www.ketto.org Open in urlscan Pro
13.226.155.119 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u1699505.ct.sendgrid.net/ls/click?upn=lqP1VrxUtWMVJ2zsP7wlGo8aTuxJegzbtY9GbCRBAxI8XbOC7jC-2FM5N5rN-2FsOa5gNvDyS3roWg6TPum...
Effective URL:
https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_ca...
Submission: On August 13 via manual (August 13th 2020, 2:20:19 pm UTC) from US

Summary HTTP 174 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 52 IPs in 10 countries across 42 domains to perform 174 HTTP transactions. The main IP is 13.226.155.119, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.ketto.org.
TLS certificate: Issued by Amazon on October 26th 2019. Valid for: a year.

This is the only time www.ketto.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.16 167.89.123.16	11377 (SENDGRID) (SENDGRID)
1 1	34.252.225.59 34.252.225.59	16509 (AMAZON-02) (AMAZON-02)
37	13.226.155.119 13.226.155.119	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:218... 2600:9000:2182:1400:9:d911:8400:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:218... 2600:9000:2182:ea00:11:c3fe:5b00:93a1	16509 (AMAZON-02) (AMAZON-02)
9	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
4	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
10	2600:9000:218... 2600:9000:2182:a600:d:a7d1:b5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:1a00:d:a7d1:b5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1 4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:815::2008	15169 (GOOGLE) (GOOGLE)
1	13.226.155.83 13.226.155.83	16509 (AMAZON-02) (AMAZON-02)
6	151.101.113.44 151.101.113.44	54113 (FASTLY) (FASTLY)
3	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
2	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.210.250.44 23.210.250.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
1	23.39.102.135 23.39.102.135	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
2	204.141.42.111 204.141.42.111	2639 (ZOHO-AS) (ZOHO-AS)
1	3.221.154.44 3.221.154.44	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:6c0... 2a02:26f0:6c00:19b::143a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	147.75.84.91 147.75.84.91	54825 (PACKET) (PACKET)
1	2600:9000:218... 2600:9000:2182:7200:14:81fb:1e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.227.234.108 13.227.234.108	16509 (AMAZON-02) (AMAZON-02)
2 2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2 9	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
7	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	70.42.32.63 70.42.32.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	64.202.112.31 64.202.112.31	23352 (SERVERCEN...) (SERVERCENTRAL)
3	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
1	147.75.102.203 147.75.102.203	54825 (PACKET) (PACKET)
1	92.123.150.214 92.123.150.214	16625 (AKAMAI-AS) (AKAMAI-AS)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	147.75.33.229 147.75.33.229	54825 (PACKET) (PACKET)
1	204.141.43.144 204.141.43.144	2639 (ZOHO-AS) (ZOHO-AS)
6	31.186.243.147 31.186.243.147	2639 (ZOHO-AS) (ZOHO-AS)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1 2	172.217.23.134 172.217.23.134	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:5a00:d:e617:f340:21	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f01... 2a03:2880:f01c:8004:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
1	2600:1901:0:a... 2600:1901:0:a5e4::	15169 (GOOGLE) (GOOGLE)
6	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
4	2606:4700::68... 2606:4700::6811:4f6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	204.141.32.123 204.141.32.123	2639 (ZOHO-AS) (ZOHO-AS)
174	52

1 167.89.123.16 (United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x16.outbound-mail.sendgrid.net

u1699505.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.225.59 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

wizrocketmail.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 13.226.155.119 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-119.dus51.r.cloudfront.net

www.ketto.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2182:1400:9:d911:8400:93a1 (United States)

ASN16509 (AMAZON-02, US)

prod_cdn.gumlet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:ea00:11:c3fe:5b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.gumlet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.96.102.137 (United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:7a0b:: (United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2182:a600:d:a7d1:b5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

prod_cdn.gumlet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:1a00:d:a7d1:b5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

ketto.gumlet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.83 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-83.dus51.r.cloudfront.net

d2r1yp2w7bby2u.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.113.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:816::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.135.78 (United States)

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.250.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-44.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.39.102.135 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-102-135.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.132.192.30 (Singapore) 1 redirects

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sin.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.141.42.111 (United States)

ASN2639 (ZOHO-AS, US)

salesiq.zoho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.221.154.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-154-44.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:19b::143a (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

ade.clmbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.91 (Parsippany, United States)

ASN54825 (PACKET, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:7200:14:81fb:1e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.notifyvisitors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.234.108 (Seattle, United States)

ASN16509 (AMAZON-02, US)

wzrkt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.31 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

amplifypixel.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.226.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.203 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress15

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.150.214 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-150-214.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.33.229 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress12

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.141.43.144 (United States)

ASN2639 (ZOHO-AS, US)

vts.zohopublic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 31.186.243.147 (United Kingdom)

ASN2639 (ZOHO-AS, US)

css.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f134.1e100.net

9811153.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:5a00:d:e617:f340:21 (United States)

ASN16509 (AMAZON-02, US)

d1vdjc70h9nzd9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8004:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:a5e4:: (United States)

ASN15169 (GOOGLE, US)

notify.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:4f6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.141.32.123 (United States)

ASN2639 (ZOHO-AS, US)

js.zohostatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	ketto.org www.ketto.org	909 KB
12	taboola.com cdn.taboola.com trc.taboola.com trc-events.taboola.com	47 KB
11	doubleclick.net 3 redirects stats.g.doubleclick.net googleads.g.doubleclick.net 9811153.fls.doubleclick.net	10 KB
11	gumlet.io prod_cdn.gumlet.io ketto.gumlet.io	144 KB
9	google.de www.google.de	961 B
9	google.com 2 redirects www.google.com	1 KB
9	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com	100 KB
6	zohocdn.com css.zohocdn.com js.zohocdn.com	268 KB
6	outbrain.com amplify.outbrain.com tr.outbrain.com amplifypixel.outbrain.com	4 KB
6	google-analytics.com 2 redirects www.google-analytics.com	20 KB
5	facebook.com 1 redirects www.facebook.com graph.facebook.com	1 KB
5	gstatic.com fonts.gstatic.com	131 KB
5	bugsnag.com sessions.bugsnag.com notify.bugsnag.com	456 B
4	cloudflare.com cdnjs.cloudflare.com	123 KB
4	googletagmanager.com www.googletagmanager.com	173 KB
4	facebook.net connect.facebook.net	228 KB
4	gumlet.com prod_cdn.gumlet.com cdn.gumlet.com	12 KB
3	snapchat.com tr.snapchat.com	575 B
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	74 KB
3	creativecdn.com 1 redirects asia.creativecdn.com sin.creativecdn.com	450 B
3	googleadservices.com www.googleadservices.com	34 KB
3	googleapis.com ajax.googleapis.com fonts.googleapis.com	7 KB
2	zoho.com salesiq.zoho.com	42 KB
2	yimg.com s.yimg.com	7 KB
2	sc-static.net sc-static.net	14 KB
2	mgid.com a.mgid.com	3 KB
2	cloudfront.net d2r1yp2w7bby2u.cloudfront.net d1vdjc70h9nzd9.cloudfront.net	19 KB
1	zohostatic.com js.zohostatic.com	5 KB
1	atdmt.com cx.atdmt.com	422 B
1	zohopublic.com vts.zohopublic.com
1	yahoo.com sp.analytics.yahoo.com	857 B
1	bluekai.com stags.bluekai.com
1	t.co t.co	166 B
1	twitter.com analytics.twitter.com	280 B
1	wzrkt.com wzrkt.com	874 B
1	notifyvisitors.com www.notifyvisitors.com	4 KB
1	clmbtech.com ade.clmbtech.com	1 KB
1	quora.com q.quora.com	422 B
1	bkrtx.com tags.bkrtx.com	11 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	wizrocketmail.net 1 redirects wizrocketmail.net	201 B
1	sendgrid.net 1 redirects u1699505.ct.sendgrid.net	687 B
174	42

	Domain	Requested by
35	www.ketto.org	www.ketto.org
10	prod_cdn.gumlet.io	www.ketto.org
9	www.google.de
9	www.google.com	2 redirects
9	dev.visualwebsiteoptimizer.com	www.ketto.org dev.visualwebsiteoptimizer.com
7	googleads.g.doubleclick.net	www.googleadservices.com
6	trc-events.taboola.com	www.ketto.org
6	www.google-analytics.com	2 redirects www.googletagmanager.com www.google-analytics.com
5	fonts.gstatic.com	www.ketto.org
4	cdnjs.cloudflare.com	www.ketto.org
4	js.zohocdn.com	salesiq.zoho.com js.zohocdn.com
4	trc.taboola.com	cdn.taboola.com www.ketto.org
4	www.googletagmanager.com	www.ketto.org www.googletagmanager.com
4	www.facebook.com	1 redirects www.ketto.org connect.facebook.net
4	connect.facebook.net	www.ketto.org connect.facebook.net
4	sessions.bugsnag.com	www.ketto.org
3	tr.snapchat.com	sc-static.net
3	tr.outbrain.com
3	www.googleadservices.com	www.googletagmanager.com
3	prod_cdn.gumlet.com	www.ketto.org
2	9811153.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	css.zohocdn.com	salesiq.zoho.com js.zohocdn.com
2	amplifypixel.outbrain.com
2	stats.g.doubleclick.net	2 redirects
2	salesiq.zoho.com	www.ketto.org
2	s.yimg.com	www.ketto.org
2	asia.creativecdn.com	1 redirects www.googletagmanager.com
2	sc-static.net	www.googletagmanager.com sc-static.net
2	a.mgid.com	www.googletagmanager.com
2	cdn.taboola.com	www.googletagmanager.com www.ketto.org
2	fonts.googleapis.com	ajax.googleapis.com
1	js.zohostatic.com	js.zohocdn.com
1	notify.bugsnag.com	www.ketto.org
1	cx.atdmt.com
1	d1vdjc70h9nzd9.cloudfront.net	cdn.gumlet.com
1	graph.facebook.com	www.ketto.org
1	vts.zohopublic.com	salesiq.zoho.com
1	vars.hotjar.com	static.hotjar.com
1	sp.analytics.yahoo.com	s.yimg.com
1	stags.bluekai.com	tags.bkrtx.com
1	script.hotjar.com	static.hotjar.com
1	t.co
1	analytics.twitter.com	static.ads-twitter.com
1	wzrkt.com	d2r1yp2w7bby2u.cloudfront.net
1	www.notifyvisitors.com	www.ketto.org
1	static.hotjar.com	www.ketto.org
1	ade.clmbtech.com
1	q.quora.com
1	sin.creativecdn.com	www.googletagmanager.com
1	tags.bkrtx.com	www.googletagmanager.com
1	static.ads-twitter.com	www.ketto.org
1	amplify.outbrain.com	www.googletagmanager.com
1	d2r1yp2w7bby2u.cloudfront.net	www.ketto.org
1	ketto.gumlet.io	www.ketto.org
1	ajax.googleapis.com	www.ketto.org
1	cdn.gumlet.com	www.ketto.org
1	wizrocketmail.net	1 redirects
1	u1699505.ct.sendgrid.net	1 redirects
174	58

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
d1vdjc70h9nzd9.cloudfront.net
support.ketto.org
www.facebook.com
www.twitter.com

Subject Issuer	Validity	Valid
ketto.org Amazon	`2019-10-26` - `2020-11-26`	a year	crt.sh
*.gumlet.com Amazon	`2020-04-04` - `2021-05-04`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-18` - `2021-05-18`	a year	crt.sh
*.gumlet.io Amazon	`2020-06-20` - `2021-07-20`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.taboola.com DigiCert SHA2 Secure Server CA	`2020-08-10` - `2021-12-31`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-09` - `2021-07-09`	a year	crt.sh
sc-static.net DigiCert SHA2 Secure Server CA	`2019-03-11` - `2021-03-15`	2 years	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2020-02-28` - `2021-05-29`	a year	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-08-06` - `2020-09-20`	a month	crt.sh
*.zoho.com Thawte RSA CA 2018	`2020-05-31` - `2021-05-31`	a year	crt.sh
*.quora.com Let's Encrypt Authority X3	`2020-08-02` - `2020-10-31`	3 months	crt.sh
static.clmbtech.com GeoTrust RSA CA 2018	`2020-03-24` - `2021-06-23`	a year	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-06-17` - `2020-09-15`	3 months	crt.sh
notifyvisitors.com Amazon	`2020-08-12` - `2021-09-11`	a year	crt.sh
wzrkt.com Amazon	`2020-05-19` - `2021-06-19`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
tr.snapchat.com DigiCert SHA2 Secure Server CA	`2019-02-19` - `2021-02-23`	2 years	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-06-18` - `2020-09-16`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-04-14` - `2021-04-10`	a year	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-03-04` - `2020-08-31`	6 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-06-16` - `2020-09-14`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.zohopublic.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-04` - `2021-03-04`	a year	crt.sh
*.zohocdn.com Let's Encrypt Authority X3	`2020-07-29` - `2020-10-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-06-25` - `2020-09-23`	3 months	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
*.zohostatic.com Thawte RSA CA 2018	`2020-05-31` - `2021-05-31`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Frame ID: D483DFA53223A3FB2CB3D542CA992DEA
Requests: 163 HTTP requests in this frame

Frame: https://sin.creativecdn.com/tags?id=pr_2WHipQMZZIb93rcciYUp&tc=1
Frame ID: A6FA363A64F1D6CFEF0E6776A8485039
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=063d31e7-94b2-4f93-9267-59adb398a633
Frame ID: C087CB5145E79DA3A0AC8BAFFC1D85BD
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/84435?ret=html&phint=__bk_t%3DCrowdfunding%20India%20-%20Best%20Crowdfunding%20Platform%20%26%20Website%20-%20Ketto&phint=__bk_k%3Dcrowdfunding%20india%2C%20crowdfunding%2C%20crowdfunding%20website%2C%20ketto%2C%20crowdsourcing&phint=__bk_l%3Dhttps%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&phint=__bk_v%3D3.1.5&limit=1&r=97821346
Frame ID: 92F194FC7386AB9704238E16770A4B0C
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 05FC10265419EC6FBB1A34570F70BDD3
Requests: 1 HTTP requests in this frame

Frame: https://vts.zohopublic.com/crosdom.html
Frame ID: 170DB0444E0B2297491ECA5B01A16C43
Requests: 1 HTTP requests in this frame

Frame: https://9811153.fls.doubleclick.net/activityi;dc_pre=CNWb74CwmOsCFdXKuwgdf_wINw;src=9811153;type=invmedia;cat=dv36000;ord=5236353721528;gtm=2wg871;auiddc=2099060509.1597328403;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4
Frame ID: F81DBE3B93AF4C08EBF1E861A630F94F
Requests: 1 HTTP requests in this frame

Frame: https://asia.creativecdn.com/tags?id=pr_2WHipQMZZIb93rcciYUp_offer_214585
Frame ID: 6B2B16E193AEE9F55578D5029E565CCD
Requests: 1 HTTP requests in this frame

Frame: https://css.zohocdn.com/salesiq/https/styles/newembedtheme_714b9745619d0d1f2eba0d69108c0341_.css
Frame ID: 57EF9293E169B8CA8FAC0E8DCA419F26
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://u1699505.ct.sendgrid.net/ls/click?upn=lqP1VrxUtWMVJ2zsP7wlGo8aTuxJegzbtY9GbCRBAxI8XbOC7jC-2FM5N5rN-2F... HTTP 302
https://wizrocketmail.net/r?e=K24AfR8EBgx6CAB%2FDSZlegMBBwdhJCw1ICQsNQUBAAVhaWQ3FxohLkFDWFs5BTEkODE7Ln... HTTP 302
https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm... Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i
headers server /^AmazonS3$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Page Statistics

174
Requests

100 %
HTTPS

44 %
IPv6

42
Domains

58
Subdomains

52
IPs

10
Countries

2396 kB
Transfer

8580 kB
Size

6
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://api.whatsapp.com/send?phone=917700975559&text=Count%20me%20in%21%20I%20want%20to%20subscribe%20to%20Ketto%20Voice.
Title: Get us on Whatsapp

Search URL Search Domain Scan URL

URL: https://d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/f2c8111d98ce7c5ad7d96f7a1f359b4914c34bff.jpg

Search URL Search Domain Scan URL

URL: https://d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/b29f3c2eef4a5c1f0f4dda75666788c355507c84.jpg

Search URL Search Domain Scan URL

URL: https://d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/b7711e727907019c3cd9720bdb9cf04b398a2e19.jpg

Search URL Search Domain Scan URL

URL: https://d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/0f7cba800e43e2155c1d3abf0d71c9fc4f0ab351.jpg

Search URL Search Domain Scan URL

URL: https://d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/2f0e58c319b85cd58207cba0437ff503fe2ad368.jpeg

Search URL Search Domain Scan URL

URL: https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/214000/214585/image/5f043c195c8af.jpeg

Search URL Search Domain Scan URL

URL: https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/214000/214585/image/5f043c25435e4.jpeg

Search URL Search Domain Scan URL

URL: https://support.ketto.org/hc/en-us/articles/360021050313-Terms-of-use
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://support.ketto.org/hc/en-us/articles/360021156273-Privacy-Policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.facebook.com/ketto.org

Search URL Search Domain Scan URL

URL: http://www.twitter.com/ketto

Search URL Search Domain Scan URL

URL: https://support.ketto.org/hc/en-us/articles/360035965313-Trust-Safety
Title: Trust & Safety

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u1699505.ct.sendgrid.net/ls/click?upn=lqP1VrxUtWMVJ2zsP7wlGo8aTuxJegzbtY9GbCRBAxI8XbOC7jC-2FM5N5rN-2FsOa5gNvDyS3roWg6TPumAGG92Lf6VfhUqK-2FLcsoYjv6H80484dBcrkj45Q-2FIjCLhGPpYJYaeOt2-2BR1EBrDsnZAvMV-2FWt1gFksqVST9czJ7Qk0SDY54InuY5l-2FiwepJkGBItnk3TgZxI5nH7Ev-2BXqagRtRqoZvbIHEL-2FIJuZjUpQaxNho6Rh6dUFeHeAJGWlHq7U2KtRadOdDYsNXDhQnHh1WyGSwNM0Gb9e1cBqfHjMLey0NxaCJPD0o7RNsxrY8I-2B1matVDfhVkHDCtypWF4FCf2VaqqPrwYXyhBHpYRacstl7NNJDpkFDy4R0094ZuPMHVOXhEOA8CwP5E6pDSCHf1KcqTH0ENTC-2BA25Bt5nS7lS8k45QdmJJ-2FdmUaZ-2FGQmDcwtpmwrPWWch-2BGb9nUMseunge-2FfDxOYskiZp8gnlPfdzOBzJAazzlz9rdy6QUA7sjKUDheUFJ6qXX8DQI3HbaDBidZKkqsSlKGj-2FqoOYhCOb5cirYuAZP3lakPqPJFsUGg6CwbDC3e-2BGxWh25K44-2F-2FW9lTgY0kbRMdse7otaHgLAhEvMsovKMZMGylJmBSdCTg8lpGGFeCDIklJNmLhThws7A-3D-3DCBl2_b8F8XimgmWMTDwdpbBBQchx-2FHYqmg7-2BiWLn5A-2FpfgT-2FWcos0ZwQ4os9PvJwzEuW6kPCVYRURIJ3bLmohLbjipxwB9c-2FmRa-2Ft5Ems4MqEk8Cm-2BwaBka6BBB9YJRsaaVoalqm5OYzAfl6lFnzaRggiZz-2BlXbX1rWRwqkt7xNE-2FUmB5nrGDvyydZmMenSkOUXymdPtBBLdE7SJpJ5OXAxZe7T2-2BWUZSY7W5JtOew-2B3nauNry9ENd-2FoblTgBXIn4mVfVCwkWC5QEOqersPodpVC66RTz-2Fgtb6U03ogkFGnmdRzrrAZ5WoJV4iz3QGDhUDyScY7dS9gEgX42Hy-2BpKfh8nYNU3CbeZos8hryTbXcbmmIj0XawBXxXqXIkBFeAAhm64UDSrnm60Elyfm5-2FwQOwdwMPyK2xyA8egE8cELb3TjlTBtT9GevYKP-2FCLg3q8frKqZ3-2BVnhzDotiAJXbpyOvxpw-3D-3D HTTP 302
https://wizrocketmail.net/r?e=K24AfR8EBgx6CAB%2FDSZlegMBBwdhJCw1ICQsNQUBAAVhaWQ3FxohLkFDWFs5BTEkODE7LnJwTQUrPyQuOS4uBV1EWFI%2BOTM%2FPjU8a3FcWFc8PzY3LHglMUBbbl0zeGhpZm9rfAECBwZnYg15Z2hiewoBAhZ7eCUxJTENO1tGXkB1YHAdNig7KlxEEXV1Jw%3D%3D&r=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&c=621783120&token=GldfBANUAwMFAg%3D%3D&try=1&$follow_redirect=true HTTP 302
https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://asia.creativecdn.com/tags?id=pr_2WHipQMZZIb93rcciYUp HTTP 302
https://sin.creativecdn.com/tags?id=pr_2WHipQMZZIb93rcciYUp&tc=1

Request Chain 75

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1522905606&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&ul=en-us&de=UTF-8&dt=Crowdfunding%20India%20-%20Best%20Crowdfunding%20Platform%20%26%20Website%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=399611943&gjid=2109953889&cid=260549908.1597328403&tid=UA-30181760-1&_gid=1444898778.1597328403&_r=1&gtm=2wg871MJRMLZ&z=958939170 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=260549908.1597328403&jid=399611943&_gid=1444898778.1597328403&gjid=2109953889&_v=j83&z=958939170 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=260549908.1597328403&jid=399611943&_v=j83&z=958939170 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=260549908.1597328403&jid=399611943&_v=j83&z=958939170&slf_rd=1&random=2515523741

Request Chain 121

https://9811153.fls.doubleclick.net/activityi;src=9811153;type=invmedia;cat=dv36000;ord=5236353721528;gtm=2wg871;auiddc=2099060509.1597328403;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4 HTTP 302
https://9811153.fls.doubleclick.net/activityi;dc_pre=CNWb74CwmOsCFdXKuwgdf_wINw;src=9811153;type=invmedia;cat=dv36000;ord=5236353721528;gtm=2wg871;auiddc=2099060509.1597328403;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4

Request Chain 129

https://www.facebook.com/tr/?id=441308802710601&ev=ViewContent&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&rl=&if=false&ts=1597328403917&sw=1600&sh=1200&v=2.9.23&r=stable&ec=2&o=30&fbp=fb.1.1597328402793.1271898743&it=1597328402695&coo=false&rqm=GET HTTP 302
https://cx.atdmt.com/?c=10142005414154234067&f=AYzffjIQYbmqxgnj4ZnL6G8a54QZICMWAwiveTfldQ7DLEboUYRoDwOXGIFjII9T1KnMlLJGEoWEsQ1t5oMIXLnv&id=441308802710601&l=3&v=0

Request Chain 143

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1522905606&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&ul=en-us&de=UTF-8&dt=My%20Son%20Urgently%20Needs%20A%20Liver%20Transplant%20But%20I%20Cannot%20Afford%20It.%20Please%20Help%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=Product%20View&_u=aGDAAEAL~&jid=841014254&gjid=1198825188&cid=260549908.1597328403&tid=UA-30181760-1&_gid=1444898778.1597328403&_r=1&gtm=2wg871MJRMLZ&pal=stories&pa=detail&pr1nm=saveshlok&pr1id=214585&pr1ca=ad&pr1va=150&z=1211612505 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=260549908.1597328403&jid=841014254&_gid=1444898778.1597328403&gjid=1198825188&_v=j83&z=1211612505 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=260549908.1597328403&jid=841014254&_v=j83&z=1211612505 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=260549908.1597328403&jid=841014254&_v=j83&z=1211612505&slf_rd=1&random=1733712864

174 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request saveshlok Show response
www.ketto.org/stories/
Redirect Chain

https://u1699505.ct.sendgrid.net/ls/click?upn=lqP1VrxUtWMVJ2zsP7wlGo8aTuxJegzbtY9GbCRBAxI8XbOC7jC-2FM5N5rN-2FsOa5gNvDyS3roWg6TPumAGG92Lf6VfhUqK-2FLcsoYjv6H80484dBcrkj45Q-2FIjCLhGPpYJYaeOt2-2BR1EBrD...
https://wizrocketmail.net/r?e=K24AfR8EBgx6CAB%2FDSZlegMBBwdhJCw1ICQsNQUBAAVhaWQ3FxohLkFDWFs5BTEkODE7LnJwTQUrPyQuOS4uBV1EWFI%2BOTM%2FPjU8a3FcWFc8PzY3LHglMUBbbl0zeGhpZm9rfAECBwZnYg15Z2hiewoBAhZ7eCUxJ...
https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4

8 KB
3 KB

142ms
56ms

Document
text/html

13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddf9e4c59117c33761b90b8c4ab5d53aa27f942544e71a8938872b5504fa0786

Request headers

:method: GET
:authority: www.ketto.org
:scheme: https
:path: /stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html
date: Thu, 13 Aug 2020 11:12:33 GMT
last-modified: Thu, 13 Aug 2020 11:12:22 GMT
etag: W/"45185b292fd1f2cc10233386d1017e6a"
cache-control: max-age=31536000
expires: Fri, 21 Mar 2042 23:59:59 GMT
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: L06I0729SoIwHYLRKo3NeDcVcwOL2hENrxx6YcqcM2tJVrxjx1Zzrw==
age: 11249

Redirect headers

status: 302
date: Thu, 13 Aug 2020 14:20:01 GMT
content-length: 0
location: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
cache-control: no-cache, no-store
pragma: no-cache
expires: 0

GET
H2 200 logo-light-bg.svg
prod_cdn.gumlet.com/images/ 3 KB
2 KB 97ms
17ms Image
image/svg+xml 2600:9000:2182:1400:9:d911:8400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod_cdn.gumlet.com/images/logo-light-bg.svg

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2182:1400:9:d911:8400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b08a2fde13d4e5798529ef923dc39f8fdbba7691008326e0c1125587f87b1b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
etag: a618249d409a096d254911e4f00fb0d1
x-gumlet-reqid: 5f23b211079c4c6c07d7777c
age: 1153536
x-cache: Hit from cloudfront
status: 200
x-gumlet-runtime: 0.061
access-control-allow-origin: *
date: Fri, 31 Jul 2020 05:54:25 GMT
vary: accept
content-type: image/svg+xml
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: DUS51-C1
link: <https://d1vdjc70h9nzd9.cloudfront.net/images/logo-light-bg.svg>; rel="canonical"
x-amz-cf-id: l952Xg_2GXcU6NjvifHdwvx299JVRZyd-57jgHP9JNsORaJwD4Cdng==

GET
H2 200 runtime.9821c92358f98f876ae8.js Show response
www.ketto.org/new/ 3 KB
2 KB 30ms
29ms Script
application/javascript 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/runtime.9821c92358f98f876ae8.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 642adb175a5076ac41f5956704c9f2dc445b9eb8464230967dd3a08d015348de

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 11:39:10 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:12:23 GMT
server: AmazonS3
age: 9652
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: gXW08T5Bqe8G2X6Nf-cGTD2TPKt2Npp7jOvZzaFG_vn32653wTuEcw==
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 polyfills.e3b2bdca3c43369eaa2e.js Show response
www.ketto.org/new/ 41 KB
14 KB 84ms
82ms Script
application/javascript 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 234897b4e97c5735d806e0e5d979d9a4c36dd131ca4d95b4b3fe61dbcc348827

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 12:00:59 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:12:23 GMT
server: AmazonS3
age: 8343
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: XTQDK37R3SpuichuxJXQKtSNgHZYg9VZ_I8LHg1lOIIElEZ7_tE5ZA==
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 styles.a6813eb14bf065123583.js Show response
www.ketto.org/new/ 309 KB
41 KB 43ms
41ms Script
application/javascript 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/styles.a6813eb14bf065123583.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc40471ec2ae90745cd787eb699d7c5e676b60bae632c48e7428db65d81a4106

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 12:00:59 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:12:23 GMT
server: AmazonS3
age: 8343
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: 1F3izNWU4rwEmnUrDatfNZyMrXfnfM4kImq0FzJo-4Dxy9UDt8WsDw==
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 scripts.9ddf727ecc94cd123172.js Show response
www.ketto.org/new/ 14 KB
6 KB 33ms
31ms Script
application/javascript 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/scripts.9ddf727ecc94cd123172.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29b516aee6a400f25664f52b1919736ae13dca09da5edf0290aed5e92b206ed7

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 12:00:59 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:12:23 GMT
server: AmazonS3
age: 8343
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: DaiEoCEfgJprN5ExDM7KEADEzSf_Nf0oaqzoyJoAVvjpVOa4zC6rtA==
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 vendor.37c718b3bdbd6d47e85c.js Show response
www.ketto.org/new/ 2 MB
458 KB 66ms
64ms Script
application/javascript 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/vendor.37c718b3bdbd6d47e85c.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f58ffeb33ac7096e1667d2bb0573f4575001e0ce128d249804e96c8022996d51

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 12:00:59 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:12:23 GMT
server: AmazonS3
age: 8343
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: JbFXhDxq-SpEaGLj7SlMoVQ83Ujj9G5_J8T-6kTOwxmL_227TxpFEQ==
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 main.a0a3f74d8963da1927e3.js Show response
www.ketto.org/new/ 467 KB
93 KB 54ms
52ms Script
application/javascript 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/main.a0a3f74d8963da1927e3.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2c51dbc8dd33c7b5eb59543fded056ae773509cf1379dad184e1e63c1edca1d

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 11:39:10 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:12:23 GMT
server: AmazonS3
age: 9652
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: FcXn-eJxbiSaqk_Slb6WNSPHC9AsBrSm86jYhFGN-_bo8MuP4nwjjQ==
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 vwo.js Show response
www.ketto.org/assets/js/ 3 KB
2 KB 50ms
49ms Script
application/javascript 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/assets/js/vwo.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17d81106176fdcddbcb848b8527dd2514831e000cabce15dc66b96c7212f73b7

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 12:00:59 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:12:21 GMT
server: AmazonS3
age: 8343
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: 4wI7rzirqpITrRKWFhwr5SD8aOVYw8vAwWDgHCToMzp_nV7XPa-H2A==
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 gumlet.min.js Show response
cdn.gumlet.com/gumlet.js/2.0/ 19 KB
7 KB 103ms
17ms Script
application/javascript 2600:9000:2182:ea00:11:c3fe:5b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gumlet.com/gumlet.js/2.0/gumlet.min.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:ea00:11:c3fe:5b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 790fa159386b80e1ff4677d65fc9eb7c59f9b86c4ee6e9de737d6964867af4b8

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 12:37:58 GMT
content-encoding: gzip
last-modified: Sun, 28 Jun 2020 19:11:17 GMT
server: AmazonS3
age: 6124
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: K_iqXGPu7SfrF0wKh2iSu4mjEvXw2zn1d8Q5qOG53Kg-Uu2unafmXA==
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)

GET
H2 200 spinner.svg
www.ketto.org/assets/images/ 855 B
1 KB 47ms
46ms Image
image/svg+xml 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ketto.org/assets/images/spinner.svg
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 330c6994f421612a2a17b91f08e16a970dd2158a4632e9c133a393be9cefbf99

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 11:37:03 GMT
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
age: 9779
x-cache: Hit from cloudfront
status: 200
content-length: 855
last-modified: Thu, 13 Aug 2020 11:12:20 GMT
server: AmazonS3
etag: "cded618b6ad289ddd62ee325c973c092"
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: imoCgTMB3VwiRufdh7doaMgUdxTxWosN6szAYLNbAWyPPW6ywpu5Lg==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 7 KB
3 KB 53ms
21ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&f=1&r=0.4938280561741173
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/assets/js/vwo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 39bb79ed3db8305d9cd99fc04e9a8a8bda8028a050daa5228fd351a61053f60e

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:01 GMT
content-encoding: gzip
server: gfra1
content-type: application/javascript; charset=UTF-8
status: 200
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 13.58af89580acc9ee4e561.js Show response
www.ketto.org/new/ 23 KB
7 KB 24ms
24ms Script
application/javascript 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/13.58af89580acc9ee4e561.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.9821c92358f98f876ae8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b5e89ff4b46e5bd5ce4901f44203e73839865bd0f57fa9a955da009f05fb1a0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 12:01:00 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:12:10 GMT
server: AmazonS3
age: 8342
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: Y-VCSNLaj1zswCxPyYD1XZ1I29SFAQ997rwR82woqYLIyw8kNLDYaQ==
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
expires: Fri, 21 Mar 2042 23:59:59 GMT

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
97 B 143ms
142ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Bugsnag-Sent-At: 2020-08-13T14:20:01.906Z
Bugsnag-Api-Key: 0d02ac2f63382263e24f75c0adad288e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

status: 202
date: Thu, 13 Aug 2020 14:20:02 GMT
via: 1.1 google
access-control-allow-origin: *
alt-svc: clear
content-length: 21
content-type: application/json

GET
H2 200 1.fcc86dcbba957cd7b13a.js Show response
www.ketto.org/new/ 134 KB
35 KB 43ms
40ms Script
application/javascript 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/1.fcc86dcbba957cd7b13a.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.9821c92358f98f876ae8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c65e707014518bf83814ceca1d50249f336f9eb87347a9176fa766d00c72f6cd

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 12:01:00 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:12:10 GMT
server: AmazonS3
age: 8342
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: lVCPLxyH7h_ddjQ7UBo3tqWHZJBiwoBH9vMazciUgDQt3WpWHvG9pw==
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 2.88dc38da15625f8c24af.js Show response
www.ketto.org/new/ 65 KB
17 KB 40ms
38ms Script
application/javascript 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/2.88dc38da15625f8c24af.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.9821c92358f98f876ae8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b46c117bfc3a32a93541c04e6f8a70dcddab81a10a40237f422804adad586b2a

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 11:46:41 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:12:10 GMT
server: AmazonS3
age: 9201
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: DJ5E_PNQE4_gsqRmjbX0S4AwUuClTPRj5WjMOyxl7brlRqelfJrr7w==
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 3.d37f8603b4fa54d80faa.js Show response
www.ketto.org/new/ 348 KB
56 KB 31ms
28ms Script
application/javascript 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/3.d37f8603b4fa54d80faa.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.9821c92358f98f876ae8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 02874782bb9e7d9ecfbd6e7083304b6f6e533771ca9e2856b4f70e891ba7bfed

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 11:46:41 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:12:12 GMT
server: AmazonS3
age: 9201
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: P9GNxzd5qIIoD48yhoaKJC_25DsIXrWgBxY3OSjLa0nI1UeQa79vnA==
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 4.5a38cf0f60f44e61eb5f.js Show response
www.ketto.org/new/ 137 KB
24 KB 31ms
28ms Script
application/javascript 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/4.5a38cf0f60f44e61eb5f.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.9821c92358f98f876ae8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff7f060e074279be23a8e06fe67eaf945adf1e9acc29c30900ff562009720d11

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 12:01:00 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:12:12 GMT
server: AmazonS3
age: 8342
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: jMB-0WQEh_HYKMuWOiDU8OqsMBlWW8mjeCv5KHK3IIGuHDA5KzNm9w==
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 5.85a83abc0e8c6353417a.js Show response
www.ketto.org/new/ 75 KB
16 KB 32ms
29ms Script
application/javascript 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/5.85a83abc0e8c6353417a.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.9821c92358f98f876ae8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 77668a022770d9f1a81b773aa4fbad6af9ac5ed2397d6be3d9a6778296fcfb96

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 12:01:00 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:12:13 GMT
server: AmazonS3
age: 8342
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: UYnOz-N83fHI_uIqy-cN0QNHry79Eoev9uQZTj8PQCyXEFIqLokJPg==
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 7.dfa6f9a87af54a78b431.js Show response
www.ketto.org/new/ 97 KB
20 KB 35ms
32ms Script
application/javascript 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/7.dfa6f9a87af54a78b431.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.9821c92358f98f876ae8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 03105f6d7c6a3d4004b7b82f144215dda56b85b9ba2d1dad03f2c6389659f676

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 11:39:12 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:12:13 GMT
server: AmazonS3
age: 9650
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: 3aL-u95p_uxljYhpjYiegzjxl2Okf34rtvV6TvV30ZZYyKj4bxLwBQ==
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 8.950fa6f4dd4cdc5091c4.js Show response
www.ketto.org/new/ 76 KB
13 KB 31ms
29ms Script
application/javascript 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/8.950fa6f4dd4cdc5091c4.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.9821c92358f98f876ae8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5bc846e0c0546c77193d2a3def464945d5c38716b6ed55312b8a33083a5db264

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 12:01:00 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:12:13 GMT
server: AmazonS3
age: 8342
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: eDKrHIAfXSe7Wgoi900BeMCXAQfT51M_dxbmVZQLE0kwFbGlmV-BrQ==
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 10.2766074b6e0bb769d01e.js Show response
www.ketto.org/new/ 17 KB
5 KB 37ms
34ms Script
application/javascript 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/10.2766074b6e0bb769d01e.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.9821c92358f98f876ae8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0504480ecbd55fe67ce48d0235fb1a1311c01fe598e8ef496df7e75c8c4ac2f1

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 11:39:12 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:12:10 GMT
server: AmazonS3
age: 9650
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: w0KBBe3kYIAmdM2hSIY5XLhWF1OrMainvjVMNjwPNPQFZE7mpMd0Iw==
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 16.9ddd6479ccbc369ab3e9.js Show response
www.ketto.org/new/ 149 KB
29 KB 33ms
31ms Script
application/javascript 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/16.9ddd6479ccbc369ab3e9.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.9821c92358f98f876ae8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d8fa57ccd272aee1e6fb084f258335213c527b8e0fe81082ba6f29e0010ac96

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 12:01:00 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:12:10 GMT
server: AmazonS3
age: 8342
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: loMEyu5pvyBrbSKRlXmPP7sOaBGru411RrBIOKN9m4_S3lRj3vW_6g==
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 18.0a366b53c0e93300e07d.js Show response
www.ketto.org/new/ 35 KB
7 KB 33ms
31ms Script
application/javascript 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/18.0a366b53c0e93300e07d.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.9821c92358f98f876ae8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b903728b3ff98aab1c6356338720eb0d520a0b9aa23130389c2646deb9848888

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 13:11:37 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:12:11 GMT
server: AmazonS3
age: 4105
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: iv3iBuX01lvQmDzdxwcebdfLbHIxREgyE_yeWtm_jUoJ7xfcicWszg==
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 common.2659353dadd43df94c72.js Show response
www.ketto.org/new/ 33 KB
9 KB 37ms
35ms Script
application/javascript 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/common.2659353dadd43df94c72.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.9821c92358f98f876ae8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 28091b54019c34e19809a4cded415e4077c0f78a8fcc797dc483f55f51ade723

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 12:01:00 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:12:22 GMT
server: AmazonS3
age: 8342
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: v1d7SDiZpjSKH3Bc71nI2MIdLOwTyfzkYstZF68SnJ1cfHJeg1W0Mw==
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 24.152147650e522b83fa34.js Show response
www.ketto.org/new/ 83 KB
18 KB 37ms
36ms Script
application/javascript 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/24.152147650e522b83fa34.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.9821c92358f98f876ae8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: af7142db88c7b9ba5a90d1a46d506c76b9b889749fe6227729144b44a6afd736

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 13:11:41 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:12:10 GMT
server: AmazonS3
age: 4101
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: IOB_iap0FCDlK6t4Zs1vIgw5rfh1E3bxGTjxfCS_yZjNRZoypf4Ylw==
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
DATA 200
OK truncated
/ 58 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 va-44ab19c220e47f67e9b7970ae24b5af7.js Show response
dev.visualwebsiteoptimizer.com/6.0/ 195 KB
57 KB 48ms
18ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/6.0/va-44ab19c220e47f67e9b7970ae24b5af7.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&f=1&r=0.4938280561741173
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gbel1 /
Resource Hash: 706768e4b131b180c185e87060ad8927da59d9f131ca9541cd8132a83330a8f6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Origin: https://www.ketto.org

Response headers

date: Thu, 13 Aug 2020 14:20:01 GMT
content-encoding: br
last-modified: Thu, 13 Aug 2020 09:53:47 GMT
server: gbel1
status: 200
etag: "5f350dab-e242"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57922
via: 1.1 google

GET
H2 200 track-44ab19c220e47f67e9b7970ae24b5af7.js Show response
dev.visualwebsiteoptimizer.com/6.0/ 11 KB
4 KB 48ms
19ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/6.0/track-44ab19c220e47f67e9b7970ae24b5af7.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&f=1&r=0.4938280561741173
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gbel1 /
Resource Hash: 6b3a3c33d38c05b3a3fcd41e055290f200a958b67f00979b9a83f7af8ac5b33b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Origin: https://www.ketto.org

Response headers

date: Thu, 13 Aug 2020 14:20:01 GMT
content-encoding: br
last-modified: Thu, 13 Aug 2020 09:53:47 GMT
server: gbel1
status: 200
etag: "5f350dab-e12"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3602
via: 1.1 google

GET
H2 200 opa-a4111607dc5ce718c2993c75e25e5d78.js Show response
dev.visualwebsiteoptimizer.com/analysis/3.0/ 82 KB
21 KB 62ms
32ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/3.0/opa-a4111607dc5ce718c2993c75e25e5d78.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&f=1&r=0.4938280561741173
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gbel1 /
Resource Hash: 9d1d20907ba83d3f3470e59e4304e94a093514d204330dde7afea7056c13febd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Origin: https://www.ketto.org

Response headers

date: Thu, 13 Aug 2020 14:20:01 GMT
content-encoding: br
last-modified: Tue, 21 Jul 2020 12:30:46 GMT
server: gbel1
status: 200
etag: "5f16dff6-5558"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21848
via: 1.1 google

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 95ms
95ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=326437&d=ketto.org&u=D7525242CE14C66B975772ECA7133AFD6&h=c811ca37ccda04e6e2e68065aa1aeb09&t=false&r=0.5137111006610786

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:02 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 14.a9f303fe0d0edce9356b.js Show response
www.ketto.org/new/ 9 KB
3 KB 23ms
23ms Script
application/javascript 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/14.a9f303fe0d0edce9356b.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.9821c92358f98f876ae8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2a8ec8465298b1d2cd779b04471b720b19f06ba579fc63cc32291f2506039232

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 12:01:00 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:12:10 GMT
server: AmazonS3
age: 8342
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: tGDmVTgpsrIO8baFk5TO-lwzxeWADgnFUBlxevy7nPm5lCO_bVGoCQ==
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 46.b7f57c73e64fd697b74b.js Show response
www.ketto.org/new/ 2 KB
1 KB 25ms
24ms Script
application/javascript 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/46.b7f57c73e64fd697b74b.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.9821c92358f98f876ae8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c31458398fbaa943006ea3d1bad6a3f7d3a4e0ca0219864ee88f1bab618b64f

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 12:01:00 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:12:13 GMT
server: AmazonS3
age: 8342
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: GY8bWcEPRBIu1BSx6y-ac8Sz-DDzQEY5oMfuRXK1cjEqkmMlhW0QUA==
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 logo-light-bg.svg
prod_cdn.gumlet.io/images/ 29 KB
30 KB 78ms
18ms Image
image/webp 2600:9000:2182:a600:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod_cdn.gumlet.io/images/logo-light-bg.svg?w=1140&dpr=1.0

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2182:a600:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

277dfd85f30b874c8f063fd4c0fc7719182340778939ea8a61f47e99e4aac3cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
etag: f8677c4b980b9e7389a746b527977499
x-gumlet-reqid: 5ef8ed1d2840c86f7bea9364
age: 3956469
x-cache: Hit from cloudfront
status: 200
x-gumlet-runtime: 0.041
content-length: 29654
date: Sun, 28 Jun 2020 19:18:53 GMT
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: DUS51-C1
link: <https://d1vdjc70h9nzd9.cloudfront.net/images/logo-light-bg.svg>; rel="canonical"
x-amz-cf-id: yaPa8P8deMAJKJrawIbtLrxaawq1sMIp5IDl-FHbOS53wqdbflrDJQ==

GET
H2 200 auth.php Show response
www.ketto.org/vars/ 3 B
1 KB 1144ms
1143ms XHR
application/json 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/vars/auth.php
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash: 37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Authorization: Bearer false
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:02 GMT
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
server: Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
x-amz-cf-pop: DUS51-C1
pageurl-1: 1
x-powered-by: PHP/5.6.40
x-cache: Miss from cloudfront
content-type: application/json
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 3
x-amz-cf-id: KO7jC0xnkqlU9V-9kXH6WFEtdmqhGC-SVAZzGlwlYIYGbhVDtsYiEA==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
5 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/main.a0a3f74d8963da1927e3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 06:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113230
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 06:52:52 GMT

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
82 B 144ms
144ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Bugsnag-Sent-At: 2020-08-13T14:20:02.010Z
Bugsnag-Api-Key: 0d02ac2f63382263e24f75c0adad288e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

status: 202
date: Thu, 13 Aug 2020 14:20:02 GMT
via: 1.1 google
access-control-allow-origin: *
alt-svc: clear
content-length: 21
content-type: application/json

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 22ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/main.a0a3f74d8963da1927e3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e089a756827b3e7edb64f412a3de03e42bfa9d9eb1361dbb55b2d0ce311bf15f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: woIba81c9f7j2d/s452xhw==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
etag: "b1460946bee644678a481a961efe9c6b"
x-fb-debug: cJ69+eGWDQxKyor/aPTKhvFlpKtQMkpKXaGaYUU7NgniF2CExvdsRHF/0CsgrFHyl4mANgaS+G2kek0OEe5iow==
x-fb-trip-id: 664085054
x-fb-content-md5: 038387aac0ce224762f9cfa57f5af3f6
x-frame-options: DENY
date: Thu, 13 Aug 2020 14:20:02 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 13 Aug 2020 14:39:54 GMT

GET
H2 200 icomoon.8efc2e3a756630532397.ttf
www.ketto.org/new/ 29 KB
17 KB 24ms
24ms Font
application/font-sfnt 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/icomoon.8efc2e3a756630532397.ttf?i2iup6
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/vendor.37c718b3bdbd6d47e85c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 28f6272f5b11edbe9648c1b85a1ff6d3c95750eff95f044038992aee28d80e38

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ketto.org/
Origin: https://www.ketto.org

Response headers

date: Thu, 13 Aug 2020 14:18:04 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:12:22 GMT
server: AmazonS3
age: 119
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
content-type: application/font-sfnt
x-amz-cf-id: QGHL7A8BCjeVmD2bZg4EOcNwrOZZYzIlRr5DCLA2djSa0nMLflyXig==
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 iplocation Show response
www.ketto.org/api/third_party/ 195 B
533 B 623ms
623ms XHR
application/json 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ketto.org/api/third_party/iplocation

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-155-119.dus51.r.cloudfront.net

Software

nginx/1.11.9 /

Resource Hash

fcb21c496f2ce2f6906ea1b01a25329abacc8010449ba4dd37619ac3e0bbce32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Authorization: Bearer false
Content-Type: application/json

Response headers

date: Thu, 13 Aug 2020 14:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.11.9
x-amz-cf-pop: DUS51-C1
status: 200
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
cache-control: no-cache, private
vary: Accept-Encoding
content-length: 159
x-xss-protection: 1; mode=block
x-amz-cf-id: bVKTgvYOe6B8Sz6NmDzDa3Z-JTTt2KTfEFK4sWeAGLNUqhYVoEa6ZA==

GET
H2 200 logo-light-bg.svg
prod_cdn.gumlet.com/images/ 3 KB
2 KB 10ms
9ms Image
image/svg+xml 2600:9000:2182:1400:9:d911:8400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod_cdn.gumlet.com/images/logo-light-bg.svg?w=80

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2182:1400:9:d911:8400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b08a2fde13d4e5798529ef923dc39f8fdbba7691008326e0c1125587f87b1b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
etag: a618249d409a096d254911e4f00fb0d1
x-gumlet-reqid: 5ece37b3fa07a15e2d34b970
age: 6755423
x-cache: Hit from cloudfront
status: 200
x-gumlet-runtime: 0.076
access-control-allow-origin: *
date: Wed, 27 May 2020 09:49:39 GMT
vary: accept
content-type: image/svg+xml
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: DUS51-C1
link: <https://d1vdjc70h9nzd9.cloudfront.net/images/logo-light-bg.svg>; rel="canonical"
x-amz-cf-id: woOPUuhl7B45FvvNvU_jQ8tY4sK_anSvKNOsImFYnJuLlQ3ohmnQMA==

GET
H2 200 css
fonts.googleapis.com/ 8 KB
868 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d640a627d56a7bb8741578125551070487b6a02ba6c1e28a21b2f092cb4a992f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 13 Aug 2020 13:42:46 GMT
server: ESF
date: Thu, 13 Aug 2020 14:20:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Aug 2020 14:20:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 596 B
448 B 22ms
22ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Material+Icons&display=swap

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

82ca7b137491e17a1fa14c7ba83766bbc3f9f715c8a9d9847feaf0010859f16b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 13 Aug 2020 14:20:02 GMT
server: ESF
date: Thu, 13 Aug 2020 14:20:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Aug 2020 14:20:02 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 194 KB
59 KB 18ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=f317067b8fbf50bdfc8db207df9188cc&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b40bfe50830f45c243236a827a53b30bce8813079d74a09617aad75ae29b00e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Origin: https://www.ketto.org

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Ti3ADsv0yyp0JzE2oDyLIg==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 59380
etag: "68e7ab9b0ae16427e7c5058109100cc6"
x-fb-debug: DbhJIDVU21go7jS0cbvpbjX3MfXu144kSDlQvNniDw1+NWkOTM4wMdKfERpdAG/dmBY5hAkVcXdwPkNVm4kwrw==
x-fb-trip-id: 664085054
x-fb-content-md5: af689f5a31fff178b9d9d732a4cf53ad
x-frame-options: DENY
date: Thu, 13 Aug 2020 14:20:02 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Fri, 13 Aug 2021 12:44:41 GMT

GET
H2 200 logo-light-bg.svg
prod_cdn.gumlet.io/images/ 3 KB
2 KB 11ms
10ms Image
image/svg+xml 2600:9000:2182:a600:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod_cdn.gumlet.io/images/logo-light-bg.svg?w=80&dpr=1.0

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2182:a600:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b08a2fde13d4e5798529ef923dc39f8fdbba7691008326e0c1125587f87b1b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
etag: a618249d409a096d254911e4f00fb0d1
x-gumlet-reqid: 5ef8ed1d2840c86efaea936a
age: 3956468
x-cache: Hit from cloudfront
status: 200
x-gumlet-runtime: 0.199
access-control-allow-origin: *
date: Sun, 28 Jun 2020 19:18:54 GMT
vary: accept
content-type: image/svg+xml
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: DUS51-C1
link: <https://d1vdjc70h9nzd9.cloudfront.net/images/logo-light-bg.svg>; rel="canonical"
x-amz-cf-id: bBzBQhtQ76JtWy3ck1z3H36u4GrUfd2gUsyJ30AUSAqEbKzaYLabuA==

GET
H2 200 icon-secure-lock.png
ketto.gumlet.io/assets/images/story/ 550 B
1 KB 53ms
10ms Image
image/webp 2600:9000:2182:1a00:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ketto.gumlet.io/assets/images/story/icon-secure-lock.png?w=240&dpr=1.0

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2182:1a00:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d488038bd69e57cecd9b5910a143e6a7e418f858c4101bbc88e74252be078e42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
etag: 83a456bb867e0261c45ff24f899af5a6
x-gumlet-reqid: 5ef8ee142840c8649ceab279
age: 3956221
x-cache: Hit from cloudfront
status: 200
x-gumlet-runtime: 1.131
content-length: 550
date: Sun, 28 Jun 2020 19:23:01 GMT
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: DUS51-C1
link: <https://www.ketto.org/assets/images/story/icon-secure-lock.png>; rel="canonical"
x-amz-cf-id: 0ELCjJQf2foT8m82kUyyJtQgg3mYYapqpC5bE-UfzJ75AX8SZ-Qo_Q==

GET
H2 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 3 KB
963 B 24ms
24ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=326437&settings_type=1&vn=6.0&r=0.3375092537199915&exc=3|4|235
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/6.0/va-44ab19c220e47f67e9b7970ae24b5af7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 49779bb3198780ade3bb1f170b8fb26dcb5f353df156bf7de9e972ead6a078f8

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 13 Aug 2020 14:20:01 GMT
content-encoding: gzip
server: gfra1
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google
content-type: application/javascript; charset=UTF-8

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v54/ 80 KB
80 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v54/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee8a320f2202a43715db883d97dcc60c206a4a3a2f307a9d26699b63ac4054f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Material+Icons&display=swap
Origin: https://www.ketto.org

Response headers

date: Mon, 10 Aug 2020 22:40:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 28 Jul 2020 01:58:14 GMT
server: sffe
age: 229197
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81824
x-xss-protection: 0
expires: Tue, 10 Aug 2021 22:40:05 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 13 KB
13 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v13/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
Origin: https://www.ketto.org

Response headers

date: Tue, 11 Aug 2020 01:52:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:07 GMT
server: sffe
age: 217670
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13108
x-xss-protection: 0
expires: Wed, 11 Aug 2021 01:52:12 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v13/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
Origin: https://www.ketto.org

Response headers

date: Fri, 07 Aug 2020 08:34:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:17 GMT
server: sffe
age: 539137
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12976
x-xss-protection: 0
expires: Sat, 07 Aug 2021 08:34:25 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v13/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
Origin: https://www.ketto.org

Response headers

date: Tue, 11 Aug 2020 09:29:33 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:19 GMT
server: sffe
age: 190229
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13324
x-xss-protection: 0
expires: Wed, 11 Aug 2021 09:29:33 GMT

GET
H2 200 worker-1acd6955248e984d8c16ea37afb8cbb7.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 18ms
18ms XHR
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-1acd6955248e984d8c16ea37afb8cbb7.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gbel1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:01 GMT
content-encoding: br
last-modified: Mon, 16 Mar 2020 04:39:45 GMT
server: gbel1
status: 200
etag: "5e6f0311-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599
via: 1.1 google

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 38ms
25ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=287403324698248&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&sdk=joey&wants_cookie_data=false

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: xpn13XHo1uUnVWI+515lg1rl8v8siBsbDoKB1JkV7Z4ceVh+sqyow+6Q6K8qIiQneJwN6RRLlfXxcrXoAMLSXA==
fb-s: unknown
status: 200
date: Thu, 13 Aug 2020 14:20:02 GMT
strict-transport-security: max-age=15552000; preload
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ketto.org
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 264 KB
68 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:815::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

243e0b681fb1f68f609106841a1a20a953c9c1d92523721ba4360492102aaca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:02 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69320
x-xss-protection: 0
last-modified: Thu, 13 Aug 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Aug 2020 14:20:02 GMT

GET
H/1.1 200
OK a.js Show response
d2r1yp2w7bby2u.cloudfront.net/js/ 44 KB
15 KB 98ms
23ms Script
application/javascript 13.226.155.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-83.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a38063da0192b10a1ad5fc0496eb659d23ab881775c8c13072e08f4f55622eca

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 14:12:20 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 06 Jul 2020 18:46:24 GMT
Server: AmazonS3
Age: 463
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
Cache-Control: max-age=1800, private
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: 44H3TMkRKDSRvKgRL9oSXLVLYo9FHu-FmiuvouSwCzm7KKts5oYqNw==

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1271067/ 61 KB
21 KB 65ms
23ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1271067/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b76bb0ad5be77742c6e2dc706c1a00073520da9304b49112e9e8f8ea84c76f9c

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: ig0nyOy57rSICaLHV1dhhnnI1bYSJ19Q
content-encoding: gzip
etag: "e741f07b18153520f5aefb6e02382a65"
age: 170
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 21096
x-amz-id-2: Xk+DDb4bYK22e6I0AGYv78+/I1pTQsfJKl7bP0Fnch4J9EJw2bC4hWBXJ9VsXR2oSvJDrXhORis=
x-served-by: cache-hhn4020-HHN
last-modified: Mon, 27 Jul 2020 20:22:31 GMT
server: AmazonS3
x-timer: S1597328403.684235,VS0,VE1
date: Thu, 13 Aug 2020 14:20:02 GMT
vary: Accept-Encoding
x-amz-request-id: A5CCEF8A4C8B8350
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 62
x-cache-hits: 1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 134 KB
34 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34269
x-xss-protection: 0
pragma: public
x-fb-debug: yysugX7g/0AV8Cquf6vcxnjR4vBvUSvN3IgZhHb391Vb8I7HN3i92JzQvtxMmJCN4MfVxFF8x7L520msfKf+QA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 13 Aug 2020 14:20:02 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
12 KB 70ms
29ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

92f410985c0233c9abcba33b98f05b3e24d5ea3e80f5083466d545e94d49ec43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11332
x-xss-protection: 0
server: cafe
etag: 5272426352805486351
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 13 Aug 2020 14:20:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 3862
date: Thu, 13 Aug 2020 13:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Thu, 13 Aug 2020 15:15:40 GMT

GET
H2 200 mgsensor.js Show response
a.mgid.com/ 11 KB
3 KB 176ms
136ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1597328402633&source=gtm
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b07c6fb64749e8a8fa27e5d80bdfdb3c6b0661840b7a6af095e657a1cdecc3bc

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 7dcf0b85-e45c-4e99-8748-20a795a59af7
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0489ca40f90000c7614e9ee200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5c231314cb5cc761-AMS

GET
H2 200 scevent.min.js Show response
sc-static.net/ 13 KB
6 KB 97ms
48ms Script
application/javascript 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: CloudFront /
Resource Hash: 4548c412ce3bd15ddf652328dd58fad638a41fbd5c08473a1ab485e5a12076c9

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:02 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: DUS51-C1
status: 200
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 5415
via: 1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
x-amz-cf-id: eKgC-VJD1jj5T4QZ7yc80-YrvGawwnRBjRtMhgFsoQcXXmivyufRNg==

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 6 KB
3 KB 67ms
24ms Script
application/x-javascript 23.210.250.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-44.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c0161becb5fafacfce1ed84b0cb433d722cd05f49a9bddd970f3beda387f4ac1

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 14:20:02 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Jul 2020 06:46:19 GMT
Server: AkamaiNetStorage
ETag: "0e73951387d5f29371176e76c57bc02c:1595832379.898009"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2622
Expires: Thu, 13 Aug 2020 14:40:02 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 21ms
19ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:02 GMT
content-encoding: gzip
age: 60477
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1958
x-served-by: cache-hhn4026-HHN
last-modified: Mon, 10 Aug 2020 18:10:59 GMT
x-timer: S1597328403.654829,VS0,VE0
etag: "a4cc3f907681b24a3efd540acd5d2996+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 22ms
20ms Script
application/javascript 2a00:1450:4001:815::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-782023289

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d6ed48e4bef4d7de32b9ea692990250e7a08d451bf24d8fe029c7437dc7cfc6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:02 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35699
x-xss-protection: 0
last-modified: Thu, 13 Aug 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Aug 2020 14:20:02 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1201088/ 61 KB
21 KB 51ms
23ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1201088/tfa.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 25f36c05d70e31e1c49176074f12f940a0e43627a489c5a03d0519bc01729d4f

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: av_XXdGEG931XGhjlYFT3JFqkNCDLgBl
content-encoding: gzip
etag: "f98cc2169c896daadce460efaac5bb70"
age: 118
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 21093
x-amz-id-2: rOdrpD7LTxXyJaAM4r/anpPeV7f0Tw5JxQB82cYujwenY+FvhIA5+vaR4ita43m+w4XaPK+K4gE=
x-served-by: cache-hhn4020-HHN
last-modified: Mon, 27 Jul 2020 20:28:36 GMT
server: AmazonS3
x-timer: S1597328403.684210,VS0,VE1
date: Thu, 13 Aug 2020 14:20:02 GMT
vary: Accept-Encoding
x-amz-request-id: 62F8F9821CC288BD
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 62
x-cache-hits: 1

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 30 KB
11 KB 145ms
44ms Script
application/javascript 23.39.102.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.39.102.135 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-39-102-135.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

1fc90ca7cad373bbb2464bc5cf020c039a70652527015c24a61f1da4c0e9d11a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 16 Jun 2020 22:42:47 GMT
Server: nginx/1.15.8
ETag: W/"5ee94ae7-784f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Thu, 13 Aug 2020 14:20:02 GMT
Connection: keep-alive
Content-Length: 10653
Expires: Thu, 20 Aug 2020 14:20:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:815::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9811153

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b8a7340f118b98b851eac48a14c594e09b93bfebf7b0781fdb025e8bf1bdbce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:02 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35690
x-xss-protection: 0
last-modified: Thu, 13 Aug 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Aug 2020 14:20:02 GMT

GET
H2

200

tags
sin.creativecdn.com/ Frame A6FA
Redirect Chain

https://asia.creativecdn.com/tags?id=pr_2WHipQMZZIb93rcciYUp
https://sin.creativecdn.com/tags?id=pr_2WHipQMZZIb93rcciYUp&tc=1

0
0

178ms
176ms

Document
text/html

103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sin.creativecdn.com/tags?id=pr_2WHipQMZZIb93rcciYUp&tc=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sin.creativecdn.com
:scheme: https
:path: /tags?id=pr_2WHipQMZZIb93rcciYUp&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: u=scvxgt0uO5sbwF3H44Mb; ts=1597328403
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4

Response headers

status: 200
date: Thu, 13 Aug 2020 14:20:03 GMT Thu, 13 Aug 2020 14:20:03 GMT
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Accept-Encoding, User-Agent
content-encoding: gzip
content-length: 129

Redirect headers

status: 302
date: Thu, 13 Aug 2020 14:20:03 GMT
set-cookie: u=scvxgt0uO5sbwF3H44Mb;Path=/;Domain=.creativecdn.com;Expires=Fri, 13-Aug-2021 14:20:03 GMT;Max-Age=31536000;Secure;SameSite=None ts=1597328403;Path=/;Domain=.creativecdn.com;Expires=Fri, 13-Aug-2021 14:20:03 GMT;Max-Age=31536000;Secure;SameSite=None
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sin.creativecdn.com/tags?id=pr_2WHipQMZZIb93rcciYUp&tc=1
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:815::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-622239721

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab9ef55460049715061788e665e88f78b6c2f76368263feb1204e32e88c0e2a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:02 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35700
x-xss-protection: 0
last-modified: Thu, 13 Aug 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Aug 2020 14:20:02 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 56ms
17ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

88cf2c9a4c4bcef2aa64fb6ea0f337f78e9a7dc61d87993441369fa5cb429d32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:17:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
x-amz-server-side-encryption: AES256
status: 200
vary: Origin, Accept-Encoding
x-amz-request-id: 7D0114D23C5AA0BB
x-amz-id-2: h0hcuIhALEnrTOEFZEcWXoE5fY/MBTIkzftOeMlka8D6r6IJ6IbmJGCzPFQnuzKWx/ZPCYdU1jQ=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 16 Sep 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 11 Aug 2020 09:21:22 GMT
server: ATS
etag: "4af30fdfb3f25202fae672877237b12e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: v0T4VwTcSKojm0k.rRPUA2jezlg4p0ZC
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 5573
content-type: application/javascript

GET
H/1.1 200 widget Show response
salesiq.zoho.com/ 104 KB
31 KB 628ms
308ms Script
text/javascript 204.141.42.111
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zoho.com/widget

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

204.141.42.111 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

69c0eb863ddd5fe37ed39b0ae84f01ca9e0390c963940cf132ad9aa1fef98779

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
Date: Thu, 13 Aug 2020 14:20:03 GMT
Content-Encoding: gzip
Server: ZGS
vary: accept-encoding
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000
Expires: Thu, 13 Aug 2020 14:25:03 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/2f1d52102c1740ab95927f4a5a2b84ea/ 43 B
422 B 101ms
101ms Image
image/gif 3.221.154.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/2f1d52102c1740ab95927f4a5a2b84ea/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.221.154.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-221-154-44.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 14:20:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,74b4e223d1268d839b3ad7ff88ec2a9e,10.0.0.103,26230,185.217.171.12,,27308792488,1,1597328402.737,0.001,,.,0,0,0.000,0.000,-,0,0,197,180,90,10,26847,,,,,,-,
Content-Type: image/gif

GET
H2 200 eventTracking.htm
ade.clmbtech.com/cde/ 1 KB
1 KB 260ms
219ms Image
image/jpeg 2a02:26f0:6c00:19b::143a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.clmbtech.com/cde/eventTracking.htm?pixelId=8367&_w=1&rd=1597328402643

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:19b::143a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

91f41aca1c42388a52cffa41e75305c6e98ba8c97aaa68c62143b6b7de08d912

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
server: nginx
date: Thu, 13 Aug 2020 14:20:02 GMT
x-frame-options: sameorigin
content-type: image/jpeg
status: 200
content-disposition: inline;filename=f.txt
content-length: 1121
x-xss-protection: 1; mode=block

GET
H2 200 hotjar-200024.js Show response
static.hotjar.com/c/ 14 KB
4 KB 47ms
14ms Script
application/javascript 147.75.84.91
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-200024.js?sv=5

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.84.91 Parsippany, United States, ASN54825 (PACKET, US),

Reverse DNS

Software

Resource Hash

08435b97f5550e2c0c4cb2aa1586a5baacecc406e35170b182f0fd8e4911effe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjarjs
age: 169
status: 200
section-io-cache: Hit
vary: Accept-Encoding
content-length: 3717
cache-control: max-age=60
etag: W/e8d0b83b4e29be466f50c13c4a3dc2f0
access-control-max-age: 600
section-io-origin-status: 304
access-control-allow-origin: *
x-cache-hit: 1
section-io-origin-time-seconds: 0.019
accept-ranges: bytes
section-io-id: 7142492724f4fea8108fa5f017327d26
section-origin-responded: true

GET
H2 200 settings Show response
www.notifyvisitors.com/ext/v1/ 11 KB
4 KB 745ms
687ms Script
text/html 2600:9000:2182:7200:14:81fb:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.notifyvisitors.com/ext/v1/settings?bid_e=35D48324D3C04FCCC90B4AA741DC5A1D&bid=8420&t=420&iFrame=false&trafficSource=&link_referrer=&pageUrl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&path=%2Fstories%2Fsaveshlok&domain=https%3A%2F%2Fwww.ketto.org&gmOffset=7200&screenWidth=1600&screenHeight=1200&isPwa=0&cookieData=&storage=%7B%22session%22%3A%7B%7D%2C%22local%22%3A%7B%7D%7D&

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2182:7200:14:81fb:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c7bcb5e8207a02a29be1917135d9fc90c6e3a8c1e505b2150a2caea9541b05cc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:03 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: DUS51-C1
status: 200
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
via: 1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
x-amz-cf-id: lZ5Xpvjx8eNkxul0XXNAU20VfLZZMKZ3YBHbV4_4UIxPZjenw88XcA==
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK a Show response
wzrkt.com/ 320 B
874 B 658ms
259ms Script
text/javascript 13.227.234.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wzrkt.com/a?t=96&type=page&d=N4IgrgziBcIKYA8AucBOA7AhgGwPoGNs4A3NJTABxABpwBbGeOzAS2xvH0YEYBmTMAHMATAAZcEYhAAW2APYBrAtIwDBuAEYAWDiwAmjLQCUAbAFotAdgAcZo0a0AtDhUExutfK8bSkSChDQAPRBAO7hAHQKcH5yEXKogkEQSAkscBDJmKQy8goA%2FPgCEHAAvNgspKgAZBSYAJ50cOhIpQBmCXTVYEh0EnJgqPhliCiqeIQkZJTdvbhNeixgdKVwzGyzfUV0dSyC6KV8AIJCYrgAysTnsoq4AMIq6CfqAEI6tADqjkYA0vdHAFkAAowUChHYwUS0JDYLjQADaAF0AL7IoAA%3D&rn=1&i=1597328402&sn=0&r=1597328402675
Requested by: Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.227.234.108 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 587940cc4600dd6da6eb7113673c891753299d41fb7264c18f8c50c5a23658a2

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 13 Aug 2020 14:20:03 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: BOM51-C1
Vary: Accept-Encoding, User-Agent
X-Cache: Miss from cloudfront
Content-Type: text/javascript;charset=utf-8
Via: 1.1 50fa1d14eae868d4657ab6d25c868059.cloudfront.net (CloudFront)
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: mbRPrQX3ZcwYuAE6HzEq93T0ME2WkZnLZkcf8AKlS_UncdBTeyFvQw==
Expires: Thu, 01 Jan 1970 00:00:00 GMT, 0

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1522905606&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clev...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=260549908.1597328403&jid=399611943&_gid=1444898778.1597328403&gjid=2109953889&_v=j83&z=958939170
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=260549908.1597328403&jid=399611943&_v=j83&z=958939170
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=260549908.1597328403&jid=399611943&_v=j83&z=958939170&slf_rd=1&random=2515523741

42 B
106 B

19ms
19ms

Image
image/gif

2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=260549908.1597328403&jid=399611943&_v=j83&z=958939170&slf_rd=1&random=2515523741

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=260549908.1597328403&jid=399611943&_v=j83&z=958939170&slf_rd=1&random=2515523741
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 441308802710601 Show response
connect.facebook.net/signals/config/ 525 KB
133 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/441308802710601?v=2.9.23&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0c3a50336baa56395e16841f3f3c64a42006e82c36f968c486a3eea88c5f6772

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 135549
x-xss-protection: 0
pragma: public
x-fb-debug: ggOW+d6kmocCEK8ckIw6BHtFKpv5orOFJ49QYz82EZlnQRP95tWvDopgtC6IVKu5ZadLUXVDK06n7kVYoDXBMw==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 13 Aug 2020 14:20:02 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
280 B 191ms
191ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=nys4q&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 0
x-response-time: 171
pragma: no-cache
last-modified: Thu, 13 Aug 2020 14:20:02 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: ec740113b4f1d3b556238ad7cebe19e7
x-transaction: 0073613d009e4b3f
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
166 B 175ms
175ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=nys4q&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 155
pragma: no-cache
last-modified: Thu, 13 Aug 2020 14:20:02 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 03072eff39d08542c80a2fb0a9db5bf9
x-transaction: 0078cb57002ba114
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1271067/trc/3/ 766 B
1 KB 42ms
39ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1271067/trc/3/json?tim=1597328402718&data=%7B%22id%22%3A844%2C%22ii%22%3A%22%2Fstories%2Fsaveshlok%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1597328402714%2C%22cv%22%3A%2220200727-34-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dketto-inr-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22supv%22%3Atrue%2C%22mpv%22%3Atrue%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1271067/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e691dba18272d5abca333389db6c6d725213c335c23470dbe170eeae87b76d7a

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 19
date: Thu, 13 Aug 2020 14:20:02 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
x-served-by: cache-hhn4020-HHN
server: nginx
x-timer: S1597328403.805354,VS0,VE19
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/ 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/?random=1597328402739&cv=9&fst=1597328402739&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa871&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&tiba=Crowdfunding%20India%20-%20Best%20Crowdfunding%20Platform%20%26%20Website%20-%20Ketto&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

729abc11d041d362732b31a687f73c565fef2944b2affccafa59253c26649aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1143
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/930975017/ 2 KB
1 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930975017/?random=1597328402741&cv=9&fst=1597328402741&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&tiba=Crowdfunding%20India%20-%20Best%20Crowdfunding%20Platform%20%26%20Website%20-%20Ketto&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f670fe7c43817206441e4f123c6baa8238ee94b391cd86d1ca53aa308dcd0b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1123
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/963384337/ 2 KB
1 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963384337/?random=1597328402742&cv=9&fst=1597328402742&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&tiba=Crowdfunding%20India%20-%20Best%20Crowdfunding%20Platform%20%26%20Website%20-%20Ketto&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30d1d51a1902cd043f4b0429178be33b70350ef8aa435218ab837e1bcf0eb2df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1122
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel
tr.outbrain.com/ 43 B
275 B 378ms
93ms Image
image/gif 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/pixel?marketerId=00c4a3d639c5d8cf6adaf0b53603f6fcd9&obApiVersion=1.0-gtm&obtpVersion=1.2.0&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&optOut=false&bust=06567463659935899
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 14:20:03 GMT
Cache-Control: no-cache
Connection: close
X-TraceId: 318892eaf5a4628d56b53c1e5a1742fb
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
256 B 351ms
87ms Image
image/gif 64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplifypixel.outbrain.com/pixel?mid=00c4a3d639c5d8cf6adaf0b53603f6fcd9&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&bust=012305172214439208
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 14:20:03 GMT
Cache-Control: no-cache
X-TraceId: 3d41f7e74ccb4a61f23dbe79ddcb010a
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 10111660.json Show response
s.yimg.com/wi/config/ 2 B
496 B 55ms
20ms XHR
application/json 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10111660.json

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:18:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 0D1D3D2390C296C4
x-amz-id-2: MH4FDcJOABQE/bFALPsB+FkdonyUHpkRq21OhSpuAM7IaQPzPn+yXXBOvwXwYfGfV3SEf8FxJbM=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2 200 i
tr.snapchat.com/cm/ Frame C087 0
0 50ms
21ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=063d31e7-94b2-4f93-9267-59adb398a633

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: tr.snapchat.com
:scheme: https
:path: /cm/i?pid=063d31e7-94b2-4f93-9267-59adb398a633
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4

Response headers

status: 200
server: nginx/1.17.3
date: Thu, 13 Aug 2020 14:20:02 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 modules.ff34de88541a59e5fddf.js Show response
script.hotjar.com/ 356 KB
70 KB 49ms
14ms Script
application/javascript 147.75.102.203
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.ff34de88541a59e5fddf.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-200024.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.203 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress15
Software: /
Resource Hash: 4797c570690878a0ca05e26697da5e8236ebab3ab80a3fa35f553a04774ca25b

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:02 GMT
content-encoding: br
age: 5436
status: 200
section-io-cache: Hit
content-length: 70958
last-modified: Thu, 13 Aug 2020 12:46:01 GMT
etag: "2f90f92b7560ea2bb374825e5ac38b18"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.109
section-io-id: a79165d76866fe3cfc7544451e0a759b
accept-ranges: bytes
content-type: application/javascript
section-origin-responded: true

GET
H2 200 p
tr.snapchat.com/ 68 B
302 B 26ms
24ms Image
image/png 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=063d31e7-94b2-4f93-9267-59adb398a633&ev=PAGE_VIEW&pl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&ts=1597328402775&rf=&v=1.5&if=false&bt=__LIVE__&intg=gtm&u_c1=957bb07f-62aa-415d-83e9-996022ad1b0d&m_sl=1798&m_rd=1814&m_pi=949&m_pl=1587&m_ic=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:02 GMT
via: 1.1 google
server: nginx/1.17.3
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H2 200 /
www.facebook.com/tr/ 44 B
310 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=441308802710601&ev=PageView&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&rl=&if=false&ts=1597328402794&sw=1600&sh=1200&v=2.9.23&r=stable&ec=0&o=30&fbp=fb.1.1597328402793.1271898743&it=1597328402695&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 13 Aug 2020 14:20:02 GMT

GET
H/1.1 200
OK 84435
stags.bluekai.com/site/ Frame 92F1 0
0 230ms
182ms Document
text/html 92.123.150.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/84435?ret=html&phint=__bk_t%3DCrowdfunding%20India%20-%20Best%20Crowdfunding%20Platform%20%26%20Website%20-%20Ketto&phint=__bk_k%3Dcrowdfunding%20india%2C%20crowdfunding%2C%20crowdfunding%20website%2C%20ketto%2C%20crowdsourcing&phint=__bk_l%3Dhttps%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&phint=__bk_v%3D3.1.5&limit=1&r=97821346
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.150.214 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-150-214.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: stags.bluekai.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: dae3
Date: Thu, 13 Aug 2020 14:20:03 GMT
Connection: keep-alive
X-N: S

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
11 KB 30ms
29ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-622239721

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

92f410985c0233c9abcba33b98f05b3e24d5ea3e80f5083466d545e94d49ec43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11332
x-xss-protection: 0
server: cafe
etag: 5272426352805486351
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 13 Aug 2020 14:20:02 GMT

GET
H/1.1 200
OK sp.pl Show response
sp.analytics.yahoo.com/ 0
857 B 137ms
45ms Script
application/x-javascript 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2013%20Aug%202020%2014%3A20%3A02%20GMT&n=-2d&b=Crowdfunding%20India%20-%20Best%20Crowdfunding%20Platform%20%26%20Website%20-%20Ketto&.yp=10111660&f=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&enc=UTF-8&tagmgr=gtm

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 14:20:02 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Thu, 13 Aug 2020 14:20:02 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 05FC 0
0 51ms
15ms Document
text/html 147.75.33.229
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-200024.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.33.229 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress12
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4

Response headers

status: 200
date: Thu, 13 Aug 2020 14:20:02 GMT
content-type: text/html
content-length: 851
last-modified: Wed, 12 Aug 2020 18:11:15 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.046
section-origin-responded: true
age: 26269
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 508532f769c2286c01f4ef1470ae0dc5

GET
H2 200 /
www.google.com/pagead/1p-user-list/782023289/ 42 B
110 B 22ms
22ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/782023289/?random=1597328402739&cv=9&fst=1597327200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa871&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&tiba=Crowdfunding%20India%20-%20Best%20Crowdfunding%20Platform%20%26%20Website%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=4220238267&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/782023289/ 42 B
107 B 19ms
19ms Image
image/gif 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/782023289/?random=1597328402739&cv=9&fst=1597327200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa871&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&tiba=Crowdfunding%20India%20-%20Best%20Crowdfunding%20Platform%20%26%20Website%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=4220238267&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1201088/trc/3/ 743 B
781 B 54ms
53ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1201088/trc/3/json?tim=1597328402853&data=%7B%22id%22%3A272%2C%22ii%22%3A%22%2Fstories%2Fsaveshlok%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3A%22b27cf425-b8db-4853-b22b-9135d28f5b5b-tuct62ed192%22%2C%22vi%22%3A1597328402714%2C%22cv%22%3A%2220200727-34-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dketto-inr-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22supv%22%3Atrue%2C%22mpv%22%3Atrue%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1271067/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 93f3767ec70abae9a044f7508b9053ad4107dac2d9133e55ecbce6c0fa3198d7

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 33
date: Thu, 13 Aug 2020 14:20:02 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
x-served-by: cache-hhn4020-HHN
server: nginx
x-timer: S1597328403.954260,VS0,VE33
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 1x1.gif
a.mgid.com/ 43 B
157 B 146ms
146ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=321038&type=c&tg=&r=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:03 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5c231315fe39c761-AMS
content-type: image/gif
cf-request-id: 0489ca41bb0000c7614e9fe200000001

GET
H2 200 /
www.google.com/pagead/1p-user-list/963384337/ 42 B
110 B 21ms
21ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/963384337/?random=1597328402742&cv=9&fst=1597327200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&tiba=Crowdfunding%20India%20-%20Best%20Crowdfunding%20Platform%20%26%20Website%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=2624452487&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/963384337/ 42 B
107 B 20ms
19ms Image
image/gif 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/963384337/?random=1597328402742&cv=9&fst=1597327200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&tiba=Crowdfunding%20India%20-%20Best%20Crowdfunding%20Platform%20%26%20Website%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=2624452487&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/930975017/ 42 B
110 B 23ms
23ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/930975017/?random=1597328402741&cv=9&fst=1597327200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&tiba=Crowdfunding%20India%20-%20Best%20Crowdfunding%20Platform%20%26%20Website%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=2579873554&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/930975017/ 42 B
107 B 21ms
20ms Image
image/gif 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/930975017/?random=1597328402741&cv=9&fst=1597327200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&tiba=Crowdfunding%20India%20-%20Best%20Crowdfunding%20Platform%20%26%20Website%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=2579873554&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/622239721/ 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/622239721/?random=1597328402865&cv=9&fst=1597328402865&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa871&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&tiba=Crowdfunding%20India%20-%20Best%20Crowdfunding%20Platform%20%26%20Website%20-%20Ketto&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33350aac560a3d092cb443a9dbb6a6c9169ab50e73f065f20de9556a34b430f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1147
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 saveshlok Show response
www.ketto.org/api/fundraisers/ 14 KB
4 KB 1019ms
1018ms XHR
application/json 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ketto.org/api/fundraisers/saveshlok?with=viewmedicalbill;gallery;basicinfo;beneficiary.avtar;campaigner.avtar;manager.entity;likescount;banktransfer;cause;campaigner.social;theater;storyTitle;storyDescription;leaderboard;doctorDetails;hospitalOnly;videoAppeal;mediaBeneficiary;mswName;mswDate&currency=INR&page_type=stories&short_story=false

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-155-119.dus51.r.cloudfront.net

Software

nginx/1.11.9 /

Resource Hash

bd000acb594b72bceb7ebed5852b28bc94e91689f1d02b4a67c68f4ec5ad851d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Authorization: Bearer false
Content-Type: application/json

Response headers

date: Thu, 13 Aug 2020 14:20:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.11.9
x-amz-cf-pop: DUS51-C1
status: 200
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
cache-control: no-cache, private
vary: Accept-Encoding
content-length: 3761
x-xss-protection: 1; mode=block
x-amz-cf-id: e-AQDnwyD0-pnt8KsWqSCqKVdQI1hU0rhZzG930EbsZxGrTS8EsqCg==

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lujVj9_mf.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 12 KB
12 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v13/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lujVj9_mf.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4c9d4f6fbcbe3b591646b902e33b914083d983374cf38cefcd6054ccc5dd3b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
Origin: https://www.ketto.org

Response headers

date: Fri, 07 Aug 2020 05:10:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:25 GMT
server: sffe
age: 551377
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12352
x-xss-protection: 0
expires: Sat, 07 Aug 2021 05:10:25 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/622239721/ 42 B
110 B 24ms
23ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/622239721/?random=1597328402865&cv=9&fst=1597327200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa871&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&tiba=Crowdfunding%20India%20-%20Best%20Crowdfunding%20Platform%20%26%20Website%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=2957018690&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/622239721/ 42 B
107 B 32ms
31ms Image
image/gif 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/622239721/?random=1597328402865&cv=9&fst=1597327200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa871&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&tiba=Crowdfunding%20India%20-%20Best%20Crowdfunding%20Platform%20%26%20Website%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=2957018690&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
61 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryWm6uQtdR3vKjlxZM

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 13 Aug 2020 14:20:03 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.ketto.org
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK crosdom.html
vts.zohopublic.com/ Frame 170D 0
0 1101ms
166ms Document
text/html 204.141.43.144
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vts.zohopublic.com/crosdom.html

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.141.43.144 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

AWServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Host: vts.zohopublic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4

Response headers

Last-Modified: Tue, 11 Aug 2020 09:12:42 PDT
Content-Type: text/html
Content-Length: 4295
Date: Thu, 13 Aug 2020 07:20:04 PDT
Connection: Keep-Alive
Server: AWServer
Strict-Transport-Security: max-age=15768000

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
82 B 143ms
142ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Bugsnag-Sent-At: 2020-08-13T14:20:03.316Z
Bugsnag-Api-Key: 0d02ac2f63382263e24f75c0adad288e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

status: 202
date: Thu, 13 Aug 2020 14:20:03 GMT
via: 1.1 google
access-control-allow-origin: *
alt-svc: clear
content-length: 21
content-type: application/json

GET
H/1.1 200 getembeddetails.ls Show response
salesiq.zoho.com/ 32 KB
11 KB 267ms
267ms XHR
application/json 204.141.42.111
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zoho.com/getembeddetails.ls?widgetcode=b6094acc00a47339ab1721bce0e4ec1b7c9655e6d748c965b8a9f3dfb00d5f3ee227628657475a895017d49e99cd163a&fetchavuid=true&fetchapilang=true&lang_browser=en&currdomain=https%3A%2F%2Fketto.org&pagetitle=Crowdfunding%20India%20-%20Best%20Crowdfunding%20Platform%20%26%20Website%20-%20Ketto

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

204.141.42.111 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

83b995d94c48213cd1c7840e2ebb03606ec7b8c1ff1e61e927237962889b20e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 14:20:03 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin
Server: ZGS
X-Frame-Options: SAMEORIGIN
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.ketto.org
Connection: keep-alive
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000
Access-Control-Allow-Credentials: true
vary: accept-encoding
X-XSS-Protection: 1

GET
H/1.1 200
OK pixel
tr.outbrain.com/ 43 B
275 B 360ms
91ms Image
image/gif 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/pixel?marketerId=00c4a3d639c5d8cf6adaf0b53603f6fcd9&obApiVersion=1.0-gtm&obtpVersion=1.2.0&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&optOut=false&bust=02264053142254956
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 14:20:03 GMT
Cache-Control: no-cache
Connection: close
X-TraceId: 2d351e4f1df790a7cbc553ce49e780e1
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
256 B 89ms
88ms Image
image/gif 64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplifypixel.outbrain.com/pixel?mid=00c4a3d639c5d8cf6adaf0b53603f6fcd9&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&bust=01685312617108703
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 14:20:03 GMT
Cache-Control: no-cache
X-TraceId: 32d81d7731c7137251e05f1ff4dde5fb
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 664 B
485 B 23ms
23ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=326437&settings_type=2&vn=6.0&r=0.9129943826275817&u=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&exc=3|4|235|232|234|236
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/6.0/va-44ab19c220e47f67e9b7970ae24b5af7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 8d18ff776a7e0edabd3491428bdd57f746cfedcca1d68fb887db0ba3474e0dff

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 13 Aug 2020 14:20:03 GMT
content-encoding: gzip
server: gfra1
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google
content-type: application/javascript; charset=UTF-8

GET
H2 200 floatbutton_9a34f10066ee384f6018af3a89b5caef_.css
css.zohocdn.com/salesiq/https/styles/ 88 KB
16 KB 56ms
14ms Stylesheet
text/css 31.186.243.147
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/https/styles/floatbutton_9a34f10066ee384f6018af3a89b5caef_.css

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.186.243.147 , United Kingdom, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

482dc958407776ef68a7c028342c6ca937f7b3247775ea2515c1497d4c80114f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/css
x-cache: HIT
status: 200
vary: Origin, Accept-Encoding
content-length: 15432
x-xss-protection: 1
x-sts-request-id: ex1-5f1eb4114d986f2a19996c3b
last-modified: Mon, 27 Jul 2020 08:51:03 GMT
server: ZGS
x-frame-options: SAMEORIGIN
etag: "23dc56399f38439843dfb9d31263c620"
strict-transport-security: max-age=15768000
content-language: en-US
access-control-allow-origin: *
cache-control: public, max-age=15552000, must-revalidate, proxy-revalidate
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 floatbutton_cbfca76155ec0e3a3030f32d11f9605d_.js Show response
js.zohocdn.com/salesiq/https/js/ 54 KB
12 KB 51ms
14ms Script
application/javascript 31.186.243.147
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/https/js/floatbutton_cbfca76155ec0e3a3030f32d11f9605d_.js

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.186.243.147 , United Kingdom, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

82a2a22fe2428db4e7e8eb0cf863ebbb81ff6594ee14a35e43f08b37ce0d65e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
x-cache: HIT
status: 200
vary: Origin, Accept-Encoding
content-length: 11944
x-xss-protection: 1
x-sts-request-id: ex1-5f34ae384d986f2a19ae1c2b
last-modified: Wed, 12 Aug 2020 14:27:09 GMT
server: ZGS
x-frame-options: SAMEORIGIN
etag: "8b1169fe61e2048bb802d2e639f97e57"
strict-transport-security: max-age=15768000
content-language: en-US
access-control-allow-origin: *
cache-control: public, max-age=15552000, must-revalidate, proxy-revalidate
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 raised Show response
www.ketto.org/api/fundraisers/saveshlok/ 105 B
476 B 752ms
751ms XHR
application/json 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ketto.org/api/fundraisers/saveshlok/raised?currency=INR&page_type=stories

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-155-119.dus51.r.cloudfront.net

Software

nginx/1.11.9 /

Resource Hash

ff0a4dd9123853d9d6aa3f0342f55d6ab9504a3514ef348c8a9e57a8aeca030b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Authorization: Bearer false
Content-Type: application/json

Response headers

date: Thu, 13 Aug 2020 14:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.11.9
x-amz-cf-pop: DUS51-C1
status: 200
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
cache-control: no-cache, private
vary: Accept-Encoding
content-length: 104
x-xss-protection: 1; mode=block
x-amz-cf-id: T27G-1UE__GnE_-0W1Rws3TZb4bfm4yZ30B5Moj_y0xJ4Vg-h27XNA==

GET
H2 403 / Show response
graph.facebook.com/v3.2/ 204 B
445 B 27ms
27ms XHR
application/json 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/v3.2/?id=https://www.ketto.org/stories/saveshlok&fields=engagement&access_token=412730782638081%7Cae3e4947d3bef0ab1ecb3804246c1304

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0f30b16fcf42b5f4a96e66cb24265d091a3b51a2c47a2df99953d07e92b797bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Authorization: Bearer false

Response headers

strict-transport-security: max-age=15552000; preload
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#4) Application request limit reached"
x-app-usage: {"call_count":193,"total_cputime":0,"total_time":24}
status: 403
x-fb-rev: 1002509378
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 204
pragma: no-cache
x-fb-debug: pyu/wbtfOURsuXkJe0GqrTK3vOVifuza5F2qUgr2kdSx25hzADO9nPiEYyAcGjxXfR9XBKFBpthj9k9YHepjqQ==
x-fb-trace-id: ALhlwojYmrM
date: Thu, 13 Aug 2020 14:20:03 GMT
content-type: application/json
access-control-allow-origin: *
x-fb-request-id: AYa5q2YlnPoy985L_Qu4BZU
cache-control: no-store
facebook-api-version: v3.2
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 updates Show response
www.ketto.org/api/fundraisers/saveshlok/ 2 KB
1 KB 24ms
23ms XHR
application/json 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ketto.org/api/fundraisers/saveshlok/updates?with=owner.avtar;likesCount&limit=1&orderBy=creation_time&sortedBy=desc

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-155-119.dus51.r.cloudfront.net

Software

nginx/1.11.9 /

Resource Hash

e6470160a2d161fa92bf90f903191c19f8d2ee0f89892ac8d6a139c078de18ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Authorization: Bearer false
Content-Type: application/json

Response headers

date: Thu, 13 Aug 2020 13:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1250
x-cache: Hit from cloudfront
status: 200
content-length: 1034
x-xss-protection: 1; mode=block
server: nginx/1.11.9
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
cache-control: no-cache, private
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: M-B-7zgFKjAzC0Hk1rQAeUSIuTSBtFfG5Ss59KOE1V8cXcQycDbtvQ==

GET
H2 200 system_event.php Show response
www.ketto.org/vars/ 16 B
698 B 914ms
913ms XHR
application/json 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/vars/system_event.php?eventName=pageView&page_name=stories&event_type_id=214585&event_type=campaign&info_3=stories&referrer_page=&ab_testname=&ab_value=&cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash: 39824f2ec741ce74a8d37f33d384fd09b082368c2e93a05a8627de1561401d98

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
X-Requested-With: XMLHttpRequest
Authorization: Bearer false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:04 GMT
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
server: Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
x-amz-cf-pop: DUS51-C1
pageurl-1: 1
x-powered-by: PHP/5.6.40
x-cache: Miss from cloudfront
content-type: application/json
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 16
x-amz-cf-id: cdA4lQ_iiXS33yrwuzJEg3RYQIT6VXyCKEd8xZGvKhvi2yacXccDrA==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
11 KB 29ms
29ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

92f410985c0233c9abcba33b98f05b3e24d5ea3e80f5083466d545e94d49ec43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11332
x-xss-protection: 0
server: cafe
etag: 5272426352805486351
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 13 Aug 2020 14:20:03 GMT

GET
H2

200

activityi;dc_pre=CNWb74CwmOsCFdXKuwgdf_wINw;src=9811153;type=invmedia;cat=dv36000;ord=5236353721528;gtm=2wg871;auiddc=2099060509.1597328403;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3...
9811153.fls.doubleclick.net/ Frame F81D
Redirect Chain

https://9811153.fls.doubleclick.net/activityi;src=9811153;type=invmedia;cat=dv36000;ord=5236353721528;gtm=2wg871;auiddc=2099060509.1597328403;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok...
https://9811153.fls.doubleclick.net/activityi;dc_pre=CNWb74CwmOsCFdXKuwgdf_wINw;src=9811153;type=invmedia;cat=dv36000;ord=5236353721528;gtm=2wg871;auiddc=2099060509.1597328403;~oref=https%3A%2F%2Fw...

0
0

93ms
92ms

Document
text/html

172.217.23.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9811153.fls.doubleclick.net/activityi;dc_pre=CNWb74CwmOsCFdXKuwgdf_wINw;src=9811153;type=invmedia;cat=dv36000;ord=5236353721528;gtm=2wg871;auiddc=2099060509.1597328403;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9811153.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CNWb74CwmOsCFdXKuwgdf_wINw;src=9811153;type=invmedia;cat=dv36000;ord=5236353721528;gtm=2wg871;auiddc=2099060509.1597328403;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkSlgJKtz6s2ch_cm5U4_5oY3Og9Idypqj4hCjVDWag3uiHHYjh7BCH3ia3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Thu, 13 Aug 2020 14:20:04 GMT
expires: Thu, 13 Aug 2020 14:20:04 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 425
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Thu, 13 Aug 2020 14:20:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9811153.fls.doubleclick.net/activityi;dc_pre=CNWb74CwmOsCFdXKuwgdf_wINw;src=9811153;type=invmedia;cat=dv36000;ord=5236353721528;gtm=2wg871;auiddc=2099060509.1597328403;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 985
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Thu, 13 Aug 2020 15:03:38 GMT

GET
H2 204 unip Show response
trc.taboola.com/1201088/log/3/ 0
289 B 28ms
28ms XHR
image/gif 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1201088/log/3/unip?en=view_content&tim=1597328403917&vi=1597328402714&ri=e1d290605b48f71acdfbfad37920971d&sd=v2_28e38451c5012d36b053bcc8727acb56_b27cf425-b8db-4853-b22b-9135d28f5b5b-tuct62ed192_1597328402_1597328402_CNawjgYQwKdJGJrSxMG-LiABKAMwoQE4l-oLQJmXEEi-idoDUP___________wFYAGAAaOKmqpGyrZficA&ui=b27cf425-b8db-4853-b22b-9135d28f5b5b-tuct62ed192&ref=null&cv=20200727-34-RELEASE
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Thu, 13 Aug 2020 14:20:03 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-served-by: cache-hhn4020-HHN
pragma: no-cache
server: nginx
x-timer: S1597328404.930057,VS0,VE8
content-type: image/gif
access-control-allow-origin: https://www.ketto.org
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 tags
asia.creativecdn.com/ Frame 6B2B 0
0 177ms
176ms Document
text/html 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/tags?id=pr_2WHipQMZZIb93rcciYUp_offer_214585
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: asia.creativecdn.com
:scheme: https
:path: /tags?id=pr_2WHipQMZZIb93rcciYUp_offer_214585
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: u=scvxgt0uO5sbwF3H44Mb; ts=1597328403
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4

Response headers

status: 200
date: Thu, 13 Aug 2020 14:20:04 GMT Thu, 13 Aug 2020 14:20:04 GMT
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Accept-Encoding, User-Agent
content-encoding: gzip
content-length: 197

GET
H2 204 unip Show response
trc.taboola.com/1271067/log/3/ 0
57 B 26ms
26ms XHR
image/gif 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1271067/log/3/unip?en=view_content&tim=1597328403926&vi=1597328402714&ri=8356ed5d0b25b63656156245714fa64c&sd=v2_f23b23d5f0298d04d715a099783820b3_b27cf425-b8db-4853-b22b-9135d28f5b5b-tuct62ed192_1597328402_1597328402_CNawjgYQm8pNGJrSxMG-LiABKAEwoQE4l-oLQJmXEEi-idoDUP___________wFYAGAAaOKmqpGyrZficA&ui=b27cf425-b8db-4853-b22b-9135d28f5b5b-tuct62ed192&ref=null&cv=20200727-34-RELEASE
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Thu, 13 Aug 2020 14:20:03 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-served-by: cache-hhn4020-HHN
pragma: no-cache
server: nginx
x-timer: S1597328404.937054,VS0,VE8
content-type: image/gif
access-control-allow-origin: https://www.ketto.org
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 contribute Show response
www.ketto.org/api/fundraisers/214585/ 404 B
624 B 434ms
434ms XHR
application/json 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ketto.org/api/fundraisers/214585/contribute?currency=INR&device=desktop&utm_medium=email

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-155-119.dus51.r.cloudfront.net

Software

nginx/1.11.9 /

Resource Hash

0c094478330cd4e765ade8edb0cd218e1a37c4631733bbfda97bbecf5d2de618

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Authorization: Bearer false
Content-Type: application/json

Response headers

date: Thu, 13 Aug 2020 14:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.11.9
x-amz-cf-pop: DUS51-C1
status: 200
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
cache-control: no-cache, private
vary: Accept-Encoding
content-length: 250
x-xss-protection: 1; mode=block
x-amz-cf-id: 5QHyDKEs-BlvIjKRE1zi32-PtziEHXrRDIGWuMykBVypQbpesQ99Mg==

GET
H2 200 mi-shine.png
d1vdjc70h9nzd9.cloudfront.net/images/ 4 KB
4 KB 66ms
15ms Image
image/png 2600:9000:2182:5a00:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/images/mi-shine.png
Requested by: Host: cdn.gumlet.com
URL: https://cdn.gumlet.com/gumlet.js/2.0/gumlet.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:5a00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 121b3bad035f5a87c185bb1ce9465eba6c0d8ca0fcf03fced81559192cb06d85

Request headers

Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 08 Aug 2020 12:57:47 GMT
via: 1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
last-modified: Thu, 23 Jan 2020 10:53:15 GMT
server: AmazonS3
age: 436938
etag: "37d16b2f8ba85dd0f6daa5db90b7f902"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 3890
x-amz-cf-id: V0YR4jVsW6rd8-BS7g8XdhseUTvdnCLXTeT9iX3BrmaGGuenJ7HbDw==

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 7ms
5ms Image
image/gif 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j83&a=1522905606&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&ul=en-us&de=UTF-8&dt=My%20Son%20Urgently%20Needs%20A%20Liver%20Transplant%20But%20I%20Cannot%20Afford%20It.%20Please%20Help%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Campaign%20Viewed&ea=page_load&el=My%20son%20urgently%20needs%20a%20liver%20transplant%20but%20I%20cannot%20afford%20it.%20Please%20help&_u=aEDAAEAB~&jid=&gjid=&cid=260549908.1597328403&tid=UA-30181760-1&_gid=1444898778.1597328403&gtm=2wg871MJRMLZ&cd7=150&cd8=saveshlok&cd9=214585&z=554289556

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 03:22:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 125857
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=441308802710601&ev=ViewContent&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3...
https://cx.atdmt.com/?c=10142005414154234067&f=AYzffjIQYbmqxgnj4ZnL6G8a54QZICMWAwiveTfldQ7DLEboUYRoDwOXGIFjII9T1KnMlLJGEoWEsQ1t5oMIXLnv&id=441308802710601&l=3&v=0

43 B
422 B

42ms
25ms

Image
image/gif

2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cx.atdmt.com/?c=10142005414154234067&f=AYzffjIQYbmqxgnj4ZnL6G8a54QZICMWAwiveTfldQ7DLEboUYRoDwOXGIFjII9T1KnMlLJGEoWEsQ1t5oMIXLnv&id=441308802710601&l=3&v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8004:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
x-fb-debug: TbN8ng+hxp6uQhQNQOvFG3l7K2FtQX2C1W/OHlxKmb2ewV1UXuOZ4tqLLEnhinDmUudLq4WnuXjVfx4kANSuBA==
content-encoding: br
x-content-type-options: nosniff
date: Thu, 13 Aug 2020 07:20:04 PDT
x-frame-options: DENY
content-type: image/gif
status: 200
cache-control: public, max-age=0
vary: Accept-Encoding
expires: Thu, 13 Aug 2020 07:20:04 PDT

Redirect headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:03 GMT
server: proxygen-bolt
status: 302
content-type: text/plain
location: https://cx.atdmt.com/?c=10142005414154234067&f=AYzffjIQYbmqxgnj4ZnL6G8a54QZICMWAwiveTfldQ7DLEboUYRoDwOXGIFjII9T1KnMlLJGEoWEsQ1t5oMIXLnv&id=441308802710601&l=3&v=0
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
expires: 0

GET
H/1.1 200
OK pixel
tr.outbrain.com/ 43 B
275 B 365ms
92ms Image
image/gif 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/pixel?marketerId=00c4a3d639c5d8cf6adaf0b53603f6fcd9&obApiVersion=1.0-gtm&obtpVersion=1.2.0&name=View-Content&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&optOut=false&bust=005609640853107756
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 14:20:04 GMT
Cache-Control: no-cache
Connection: close
X-TraceId: 29f407e3953d7a05eac86b1bc2913460
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 82ee357093cf6dc217617d0a2373cca63fb9277a.jpg
prod_cdn.gumlet.io/media/campaign/214000/214585/image/ 35 KB
36 KB 14ms
12ms Image
image/webp 2600:9000:2182:a600:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod_cdn.gumlet.io/media/campaign/214000/214585/image/82ee357093cf6dc217617d0a2373cca63fb9277a.jpg?w=1140&dpr=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2182:a600:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e6c1135c61ca2ca2d84e25ff7b8bd01a9c9a1cbb76ef8209318e0b86d3fdecfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
etag: 58dd931c29af1e3824ee52819c10906d
x-gumlet-reqid: 5f354b9d418ef424d902f01b
age: 118
x-cache: Hit from cloudfront
status: 200
x-gumlet-runtime: 0.145
content-length: 35756
link: <https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/214000/214585/image/82ee357093cf6dc217617d0a2373cca63fb9277a.jpg>; rel="canonical"
date: Thu, 13 Aug 2020 14:18:05 GMT
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: DUS51-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: GYWTslytKA9jP2WZj51I5kJxMdePAmeeIMpzv-3s6UI1YQ0CtLuIbA==

GET
H2 200 comments Show response
www.ketto.org/api/fundraisers/saveshlok/updates/30479/ 241 B
557 B 24ms
24ms XHR
application/json 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ketto.org/api/fundraisers/saveshlok/updates/30479/comments?limit=5

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-155-119.dus51.r.cloudfront.net

Software

nginx/1.11.9 /

Resource Hash

ade4cd23b2043cdc91091d110e7e661998056ea7052188dd5bd8ce203dcd61c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Authorization: Bearer false
Content-Type: application/json

Response headers

date: Thu, 13 Aug 2020 13:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1250
x-cache: Hit from cloudfront
status: 200
content-length: 176
x-xss-protection: 1; mode=block
server: nginx/1.11.9
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
cache-control: no-cache, private
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: N6gaPFk8WRC3zRv-FDOz8_PqoYUUYFDJUXiuV8eSMjfZHANZMtZe1g==

GET
H2 200 js-sha256-v1.min.js Show response
sc-static.net/ 22 KB
8 KB 69ms
23ms Script
application/javascript 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/js-sha256-v1.min.js
Requested by: Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Origin: https://www.ketto.org

Response headers

date: Wed, 12 Aug 2020 19:09:26 GMT
content-encoding: gzip
age: 69039
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Fri, 05 Apr 2019 00:32:08 GMT
server: AmazonS3
etag: W/"68f2467c84878293c9ee497dbc99a17f"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Type
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: mAtQzVvG3fU5IX4LBuW0QwsiEl9WrDHVAXVpprhmqOTTmHvgVz4HbA==

GET
H2 200 default-campaign-picture.jpg
prod_cdn.gumlet.com/images/ 2 KB
2 KB 11ms
10ms Image
image/webp 2600:9000:2182:1400:9:d911:8400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod_cdn.gumlet.com/images/default-campaign-picture.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2182:1400:9:d911:8400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c56f6aeacbe5de60494b770ba1f0b7b42840dbd858df84b987058ad2299c68bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
etag: 25c90f093b36644477dcdabd2d09b371
x-gumlet-reqid: 5f320580160b5bc363bab950
age: 214676
x-cache: Hit from cloudfront
status: 200
x-gumlet-runtime: 0.037
content-length: 1592
link: <https://d1vdjc70h9nzd9.cloudfront.net/images/default-campaign-picture.jpg>; rel="canonical"
date: Tue, 11 Aug 2020 02:42:08 GMT
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: DUS51-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: 0kdS1AmSesv_J2gdcR8tOdywyWS-q_-eZcC8Hhvbvy3v_G5ofk995Q==

GET
H2 200 ce6083eb90d4fd08533b79e4be021791eec56feb.jpg
prod_cdn.gumlet.io/media/campaign/214000/214585/image/ 11 KB
12 KB 12ms
11ms Image
image/webp 2600:9000:2182:a600:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod_cdn.gumlet.io/media/campaign/214000/214585/image/ce6083eb90d4fd08533b79e4be021791eec56feb.jpg?w=700&dpr=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2182:a600:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

66b6091465358294f525e3606a42d1a6c6a88af05941846b9da1b03473b6c028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
etag: 36d2c3014680a4f02873d8b8a3273262
x-gumlet-reqid: 5f354b9ddeebc15d6632d741
age: 119
x-cache: Hit from cloudfront
status: 200
x-gumlet-runtime: 0.137
content-length: 11578
link: <https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/214000/214585/image/ce6083eb90d4fd08533b79e4be021791eec56feb.jpg>; rel="canonical"
date: Thu, 13 Aug 2020 14:18:05 GMT
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: DUS51-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: uDdhswUHOwkPqEIS76EHGkjbUTHu8UJHmxhWi4zq0Vo6vx0WGKQEYw==

GET
H2 200 ketto_assured_icon.png
prod_cdn.gumlet.io/images/ 2 KB
3 KB 10ms
10ms Image
image/webp 2600:9000:2182:a600:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod_cdn.gumlet.io/images/ketto_assured_icon.png?w=120&dpr=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2182:a600:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

86f47ef0cb1016d39dcb8f81ee7a53d5bb329f8e208817d185afed72c58fde53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
etag: a5c63b4b4ce4f1ee73e7bd725a91484b
x-gumlet-reqid: 5ef8ee152840c844daeab2bf
age: 3956222
x-cache: Hit from cloudfront
status: 200
x-gumlet-runtime: 0.868
content-length: 2254
date: Sun, 28 Jun 2020 19:23:02 GMT
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: DUS51-C1
link: <https://d1vdjc70h9nzd9.cloudfront.net/images/ketto_assured_icon.png>; rel="canonical"
x-amz-cf-id: rhqTuzkg8LVXJyhsnJzhgqI8Pg7tx-I7RXlmG88MPGcKfDX3KFYCLw==

GET
H2 200 5f043a497e46b.jpeg
prod_cdn.gumlet.io/media/campaign/214000/214585/image/ 3 KB
3 KB 11ms
10ms Image
image/webp 2600:9000:2182:a600:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod_cdn.gumlet.io/media/campaign/214000/214585/image/5f043a497e46b.jpeg?w=120&dpr=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2182:a600:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

82213a93f2eb396873026ed7abfca7a9d2d7352b583d500a3875a10a5d0e0515

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
etag: 20ea5abcd8fe4e33dcbb6da0c8518caf
x-gumlet-reqid: 5f354b9d418ef440b602f01c
age: 119
x-cache: Hit from cloudfront
status: 200
x-gumlet-runtime: 0.373
content-length: 2578
link: <https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/214000/214585/image/5f043a497e46b.jpeg>; rel="canonical"
date: Thu, 13 Aug 2020 14:18:05 GMT
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: DUS51-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: _v4yZr2qnRyyKdXudILLNybmyx7KfJekZWPXURtNKhC-8IQzyms3Cg==

GET
H2 200 comments Show response
www.ketto.org/api/fundraisers/saveshlok/ 4 KB
1 KB 23ms
23ms XHR
application/json 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ketto.org/api/fundraisers/saveshlok/comments?limit=5

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-155-119.dus51.r.cloudfront.net

Software

nginx/1.11.9 /

Resource Hash

5c0cdb02497d479fd79200227e0b817020bc99cd31d1d30bb25b2b98dce76e28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Authorization: Bearer false
Content-Type: application/json

Response headers

date: Thu, 13 Aug 2020 13:59:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1246
x-cache: Hit from cloudfront
status: 200
content-length: 1012
x-xss-protection: 1; mode=block
server: nginx/1.11.9
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
cache-control: no-cache, private
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: cgMjdkejz58JKjnJDxuyNF7FhMK0CHhYn0088ByO1wDeVTbbsXZehg==

GET
H2 200 upi-card-bg.png
prod_cdn.gumlet.io/images/payment_gateways/ 2 KB
3 KB 10ms
10ms Image
image/webp 2600:9000:2182:a600:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod_cdn.gumlet.io/images/payment_gateways/upi-card-bg.png?w=700&dpr=1.0

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/1.fcc86dcbba957cd7b13a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2182:a600:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

162b3d0b7d566a7abb6770f65918b2d72a8f22a463557cc3c04dad1760ce4e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
etag: 7f2c4acc58da4fa1852cd1c66809ddd8
x-gumlet-reqid: 5f30f7b9a0e02611bdde7634
age: 283739
x-cache: Hit from cloudfront
status: 200
x-gumlet-runtime: 0.023
content-length: 2268
link: <https://d1vdjc70h9nzd9.cloudfront.net/images/payment_gateways/upi-card-bg.png>; rel="canonical"
date: Mon, 10 Aug 2020 07:31:05 GMT
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: DUS51-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: d8I-QgIvDJuBCjp9EKhLEBTijAbjMGe-rOdmcvvUfbHdxFu7RuXgRQ==

POST
H2 200 / Show response
notify.bugsnag.com/ 2 B
113 B 154ms
154ms XHR
text/plain 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a5e4:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Bugsnag-Payload-Version: 4
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Bugsnag-Sent-At: 2020-08-13T14:20:04.086Z
Bugsnag-Api-Key: 0d02ac2f63382263e24f75c0adad288e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 13 Aug 2020 14:20:04 GMT
via: 1.1 google
status: 200
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
bugsnag-event-id: 5f354c14005b7da1c4710000
alt-svc: clear
content-length: 2

GET
H2 200 f2c8111d98ce7c5ad7d96f7a1f359b4914c34bff.jpg
prod_cdn.gumlet.io/media/campaignuploads/ 33 KB
34 KB 15ms
14ms Image
image/webp 2600:9000:2182:a600:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod_cdn.gumlet.io/media/campaignuploads/f2c8111d98ce7c5ad7d96f7a1f359b4914c34bff.jpg?w=700&dpr=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2182:a600:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

02f8d032ebcc12bafd5cc2fc60b173021b76b1198f39313909517ce0a8010d0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
etag: 4f449cf10da2ce68183a9bccabc90281
x-gumlet-reqid: 5f354b9ddeebc18c6d32d742
age: 119
x-cache: Hit from cloudfront
status: 200
x-gumlet-runtime: 0.132
content-length: 33928
link: <https://d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/f2c8111d98ce7c5ad7d96f7a1f359b4914c34bff.jpg>; rel="canonical"
date: Thu, 13 Aug 2020 14:18:05 GMT
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: DUS51-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: sVZgm39euqeMItO7HaROjb17MWGXC1Nq5hGGihK_u5Rhm-t-IuVocw==

GET
H2 200 b29f3c2eef4a5c1f0f4dda75666788c355507c84.jpg
prod_cdn.gumlet.io/media/campaignuploads/ 17 KB
18 KB 12ms
12ms Image
image/webp 2600:9000:2182:a600:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod_cdn.gumlet.io/media/campaignuploads/b29f3c2eef4a5c1f0f4dda75666788c355507c84.jpg?w=700&dpr=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2182:a600:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a63312d5b120741b46406abd1afc93031ab0d3bf999fd29aaa892eb99d0457c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
etag: ecc9f2ad1772571c03a949e16b8b19b7
x-gumlet-reqid: 5f354b9d418ef4b60002f01e
age: 119
x-cache: Hit from cloudfront
status: 200
x-gumlet-runtime: 0.132
content-length: 17402
link: <https://d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/b29f3c2eef4a5c1f0f4dda75666788c355507c84.jpg>; rel="canonical"
date: Thu, 13 Aug 2020 14:18:05 GMT
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: DUS51-C1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id: fkroUs4rfbRE3A8O75PlBmGPilO3N5q2ABeK2M-yMEqjQPltqadCog==

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1522905606&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_cl...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=260549908.1597328403&jid=841014254&_gid=1444898778.1597328403&gjid=1198825188&_v=j83&z=1211612505
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=260549908.1597328403&jid=841014254&_v=j83&z=1211612505
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=260549908.1597328403&jid=841014254&_v=j83&z=1211612505&slf_rd=1&random=1733712864

42 B
106 B

17ms
16ms

Image
image/gif

2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=260549908.1597328403&jid=841014254&_v=j83&z=1211612505&slf_rd=1&random=1733712864

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:04 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=260549908.1597328403&jid=841014254&_v=j83&z=1211612505&slf_rd=1&random=1733712864
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/622239721/ 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/622239721/?random=1597328404112&cv=9&fst=1597328404112&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&ig=1&data=Event%3DCampaign%20Viewed&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&tiba=My%20Son%20Urgently%20Needs%20A%20Liver%20Transplant%20But%20I%20Cannot%20Afford%20It.%20Please%20Help%20-%20Ketto&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afac4a054366eea43b10252a629955e34572d53f521b66479b8340f1fd81fd0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/622239721/ 3 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/622239721/?random=1597328404114&cv=9&fst=1597328404114&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&tiba=My%20Son%20Urgently%20Needs%20A%20Liver%20Transplant%20But%20I%20Cannot%20Afford%20It.%20Please%20Help%20-%20Ketto&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85d47f6677d884be2a479925daa001c9454e84fd2d15ada45c7f68d94d301c02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1153
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/ 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/?random=1597328404119&cv=9&fst=1597328404119&num=1&label=7U2NCOX2yJkBEPn08vQC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&tiba=My%20Son%20Urgently%20Needs%20A%20Liver%20Transplant%20But%20I%20Cannot%20Afford%20It.%20Please%20Help%20-%20Ketto&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7697fced6a9fbc1ab56709349fd0914186e9b7de96a58c371f28815fd0805ea5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1202
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
tr.snapchat.com/ 68 B
273 B 27ms
27ms Image
image/png 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=063d31e7-94b2-4f93-9267-59adb398a633&ev=VIEW_CONTENT&pl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&ts=1597328404152&rf=&v=1.5&if=false&bt=__LIVE__&u_hem=FFF7b7416ec1f35b8a794c92887c2c62529b2179b6fa911173803c59c0c463ba572&u_c1=957bb07f-62aa-415d-83e9-996022ad1b0d&intg=gtm&m_sl=1798&m_rd=3191&m_pi=949&m_pl=1587&m_ic=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:04 GMT
via: 1.1 google
server: nginx/1.17.3
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H2 200 /
www.google.com/pagead/1p-user-list/622239721/ 42 B
112 B 22ms
22ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/622239721/?random=1597328404112&cv=9&fst=1597327200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&data=Event%3DCampaign%20Viewed&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&tiba=My%20Son%20Urgently%20Needs%20A%20Liver%20Transplant%20But%20I%20Cannot%20Afford%20It.%20Please%20Help%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=1548533653&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/622239721/ 42 B
107 B 20ms
20ms Image
image/gif 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/622239721/?random=1597328404112&cv=9&fst=1597327200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&data=Event%3DCampaign%20Viewed&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&tiba=My%20Son%20Urgently%20Needs%20A%20Liver%20Transplant%20But%20I%20Cannot%20Afford%20It.%20Please%20Help%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=1548533653&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/622239721/ 42 B
112 B 22ms
21ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/622239721/?random=1597328404114&cv=9&fst=1597327200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&tiba=My%20Son%20Urgently%20Needs%20A%20Liver%20Transplant%20But%20I%20Cannot%20Afford%20It.%20Please%20Help%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=3158155579&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/622239721/ 42 B
107 B 20ms
19ms Image
image/gif 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/622239721/?random=1597328404114&cv=9&fst=1597327200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&tiba=My%20Son%20Urgently%20Needs%20A%20Liver%20Transplant%20But%20I%20Cannot%20Afford%20It.%20Please%20Help%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=3158155579&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/782023289/ 42 B
112 B 26ms
24ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/782023289/?random=1597328404119&cv=9&fst=1597327200000&num=1&label=7U2NCOX2yJkBEPn08vQC&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&tiba=My%20Son%20Urgently%20Needs%20A%20Liver%20Transplant%20But%20I%20Cannot%20Afford%20It.%20Please%20Help%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=430395838&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/782023289/ 42 B
107 B 19ms
18ms Image
image/gif 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/782023289/?random=1597328404119&cv=9&fst=1597327200000&num=1&label=7U2NCOX2yJkBEPn08vQC&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&tiba=My%20Son%20Urgently%20Needs%20A%20Liver%20Transplant%20But%20I%20Cannot%20Afford%20It.%20Please%20Help%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=430395838&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1201088/log/3/ 0
423 B 52ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1201088/log/3/unip?en=pre_d_eng_tb&tos=1501&scd=34&ssd=1&est=1597328402717&ver=27&isls=true&src=i&invt=1500&tim=1597328404218&vi=1597328402714&ri=e1d290605b48f71acdfbfad37920971d&sd=v2_28e38451c5012d36b053bcc8727acb56_b27cf425-b8db-4853-b22b-9135d28f5b5b-tuct62ed192_1597328402_1597328402_CNawjgYQwKdJGJrSxMG-LiABKAMwoQE4l-oLQJmXEEi-idoDUP___________wFYAGAAaOKmqpGyrZficA&ui=b27cf425-b8db-4853-b22b-9135d28f5b5b-tuct62ed192&ref=null&cv=20200727-34-RELEASE
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:04 GMT
server: nginx
x-fastly-to-nlb-rtt: 1018
status: 204
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.ketto.org
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.0.111:10213

GET
H2 204 unip Show response
trc-events.taboola.com/1271067/log/3/ 0
422 B 52ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1271067/log/3/unip?en=pre_d_eng_tb&tos=1501&scd=34&ssd=1&est=1597328402717&ver=27&isls=true&src=i&invt=1500&tim=1597328404219&vi=1597328402714&ri=8356ed5d0b25b63656156245714fa64c&sd=v2_f23b23d5f0298d04d715a099783820b3_b27cf425-b8db-4853-b22b-9135d28f5b5b-tuct62ed192_1597328402_1597328402_CNawjgYQm8pNGJrSxMG-LiABKAEwoQE4l-oLQJmXEEi-idoDUP___________wFYAGAAaOKmqpGyrZficA&ui=b27cf425-b8db-4853-b22b-9135d28f5b5b-tuct62ed192&ref=null&cv=20200727-34-RELEASE
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:04 GMT
server: nginx
x-fastly-to-nlb-rtt: 1018
status: 204
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.ketto.org
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.20.14:10213

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
82 B 152ms
151ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
Bugsnag-Sent-At: 2020-08-13T14:20:04.399Z
Bugsnag-Api-Key: 0d02ac2f63382263e24f75c0adad288e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

status: 202
date: Thu, 13 Aug 2020 14:20:04 GMT
via: 1.1 google
access-control-allow-origin: *
alt-svc: clear
content-length: 21
content-type: application/json

GET
H2 200 intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/14.0.1/css/ 26 KB
3 KB 20ms
20ms Stylesheet
text/css 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/14.0.1/css/intlTelInput.css

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/vendor.37c718b3bdbd6d47e85c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cce6e5d4db8fd4dec2379cc054c78e777a327a933d6d9375f6474aa519892f9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 11290193
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0489ca47cf0000c2d16184b200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Sun, 23 Sep 2018 19:15:50 GMT
server: cloudflare
etag: W/"5ba7e666-69f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5c23131fbea8c2d1-FRA
expires: Tue, 03 Aug 2021 14:20:04 GMT

GET
H2 200 intlTelInput.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/14.0.7/js/ 27 KB
10 KB 23ms
23ms Script
application/javascript 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/14.0.7/js/intlTelInput.min.js

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/main.a0a3f74d8963da1927e3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e633512e073479016d035b9de91da37671226b49e09dd2e874a738dfd334678

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 11290161
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0489ca47da0000c2d16184d200000001
served-in-seconds: 0.011
timing-allow-origin: *
last-modified: Mon, 07 Jan 2019 10:15:55 GMT
server: cloudflare
etag: W/"5c3326db-6c25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5c23131fced3c2d1-FRA
expires: Tue, 03 Aug 2021 14:20:04 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
97 B 6ms
6ms Image
image/gif 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j83&a=1522905606&t=pageview&_s=2&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&dp=%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&ul=en-us&de=UTF-8&dt=My%20Son%20Urgently%20Needs%20A%20Liver%20Transplant%20But%20I%20Cannot%20Afford%20It.%20Please%20Help%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAAEAL~&jid=&gjid=&cid=260549908.1597328403&tid=UA-30181760-1&_gid=1444898778.1597328403&gtm=2wg871MJRMLZ&z=1954798762

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 03:22:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 125858
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 664 B
485 B 21ms
21ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=326437&settings_type=2&vn=6.0&r=0.168566951898643&u=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveshlok%3Fcause%3Dliver%26payment%3Dform%26utm_source%3Dexternal_clevertap%26utm_medium%3Demail%26utm_campaign%3D13Aug20_SvShlok_ChrnAug_B4&exc=3|4|235|232|234|236
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/6.0/va-44ab19c220e47f67e9b7970ae24b5af7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 87287e7fa9aa9c644b195b52188213316747e7559f4ad189bb30138c589d776f

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 13 Aug 2020 14:20:03 GMT
content-encoding: gzip
server: gfra1
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google
content-type: application/javascript; charset=UTF-8

GET
H2 200 utils.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/14.0.7/js/ 223 KB
49 KB 29ms
29ms Script
application/javascript 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/14.0.7/js/utils.js

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/main.a0a3f74d8963da1927e3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

800604bedd860adda78f58db0fdd76818c0f4106cc377ab0422a893d13ef0e2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16264215
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0489ca48160000c2d161853200000001
served-in-seconds: 0.004
timing-allow-origin: *
last-modified: Mon, 07 Jan 2019 10:15:55 GMT
server: cloudflare
etag: W/"5c3326db-37cab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5c2313202f7cc2d1-FRA
expires: Tue, 03 Aug 2021 14:20:04 GMT

GET
H2 200 flags.png
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/14.0.1/img/ 61 KB
62 KB 16ms
15ms Image
image/png 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/14.0.1/img/flags.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ea8d05e18f46fab412dbab3be798047e20e1773a3efb25bec79ef836d199f4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/14.0.1/css/intlTelInput.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 16262680
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62930
cf-request-id: 0489ca48520000c2d161859200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Sun, 23 Sep 2018 19:15:50 GMT
server: cloudflare
etag: "5ba7e666-f5d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5c2313208836c2d1-FRA
expires: Tue, 03 Aug 2021 14:20:04 GMT

GET
H2 200 donors Show response
www.ketto.org/api/fundraisers/214585/ 2 KB
1 KB 439ms
439ms XHR
application/json 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ketto.org/api/fundraisers/214585/donors?with=donoravtar&currency=INR&orderBy=creation_date&sortedBy=Desc&conversion=1&limit=3

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-155-119.dus51.r.cloudfront.net

Software

nginx/1.11.9 /

Resource Hash

fa2436d9456a9faec2628549eb7c1f931a1c6e437fdf491581606633be97a668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Authorization: Bearer false
Content-Type: application/json

Response headers

date: Thu, 13 Aug 2020 14:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.11.9
x-amz-cf-pop: DUS51-C1
status: 200
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
cache-control: no-cache, private
vary: Accept-Encoding
content-length: 678
x-xss-protection: 1; mode=block
x-amz-cf-id: wa9g--xvvn5_N5KDvJmgJp-oZQK6ybLTzsXRulWRwhydFPcfEBvUmA==

GET
H2 200 1.png
prod_cdn.gumlet.io/images/random_supporters/ 3 KB
4 KB 15ms
15ms Image
image/webp 2600:9000:2182:a600:d:a7d1:b5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod_cdn.gumlet.io/images/random_supporters/1.png?w=480&dpr=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2182:a600:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

08e82109cf7c26963231bfd5522761be3d3577653510d3d8f4011b6fe1504461

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
etag: 2b4131980276caf6302bbaaf92836e3d
x-gumlet-reqid: 5ef8f1db0f854118120bafab
age: 3955255
x-gumlet-oc: MISS
x-cache: Hit from cloudfront
status: 200
x-gumlet-runtime: 2.11
content-length: 3112
date: Sun, 28 Jun 2020 19:39:09 GMT
vary: accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=8640000
x-server: Gumlet
x-amz-cf-pop: DUS51-C1
link: <https://d1vdjc70h9nzd9.cloudfront.net/images/random_supporters/1.png>; rel="canonical"
x-amz-cf-id: w7H0gKZoCUx3xOf0W8X6aTd3JhCI2kGyPpcHUhSmcB10HwkzVZBA2Q==

GET
H2 204 unip Show response
trc-events.taboola.com/1201088/log/3/ 0
422 B 14ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1201088/log/3/unip?en=pre_d_eng_tb&tos=4502&scd=34&ssd=1&est=1597328402717&ver=27&isls=true&src=i&invt=3000&tim=1597328407219&vi=1597328402714&ri=e1d290605b48f71acdfbfad37920971d&sd=v2_28e38451c5012d36b053bcc8727acb56_b27cf425-b8db-4853-b22b-9135d28f5b5b-tuct62ed192_1597328402_1597328402_CNawjgYQwKdJGJrSxMG-LiABKAMwoQE4l-oLQJmXEEi-idoDUP___________wFYAGAAaOKmqpGyrZficA&ui=b27cf425-b8db-4853-b22b-9135d28f5b5b-tuct62ed192&ref=null&cv=20200727-34-RELEASE
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:07 GMT
server: nginx
x-fastly-to-nlb-rtt: 2342
status: 204
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.ketto.org
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.32.34:10213

GET
H2 204 unip Show response
trc-events.taboola.com/1271067/log/3/ 0
421 B 14ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1271067/log/3/unip?en=pre_d_eng_tb&tos=4502&scd=34&ssd=1&est=1597328402717&ver=27&isls=true&src=i&invt=3000&tim=1597328407220&vi=1597328402714&ri=8356ed5d0b25b63656156245714fa64c&sd=v2_f23b23d5f0298d04d715a099783820b3_b27cf425-b8db-4853-b22b-9135d28f5b5b-tuct62ed192_1597328402_1597328402_CNawjgYQm8pNGJrSxMG-LiABKAEwoQE4l-oLQJmXEEi-idoDUP___________wFYAGAAaOKmqpGyrZficA&ui=b27cf425-b8db-4853-b22b-9135d28f5b5b-tuct62ed192&ref=null&cv=20200727-34-RELEASE
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:07 GMT
server: nginx
x-fastly-to-nlb-rtt: 2342
status: 204
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.ketto.org
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.20.9:10213

GET
H2 200 newembedtheme_714b9745619d0d1f2eba0d69108c0341_.css
css.zohocdn.com/salesiq/https/styles/ Frame 57EF 170 KB
32 KB 20ms
18ms Stylesheet
text/css 31.186.243.147
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/https/styles/newembedtheme_714b9745619d0d1f2eba0d69108c0341_.css

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/https/js/floatbutton_cbfca76155ec0e3a3030f32d11f9605d_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.186.243.147 , United Kingdom, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

c81e1298449ad885352b9de05ea2f4967cbbe071b226d5b26374c9745108cf36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/css
x-cache: HIT
status: 200
vary: Origin, Accept-Encoding
content-length: 31975
x-xss-protection: 1
x-sts-request-id: ex1-5f33c9f0571b62085385a3f9
last-modified: Wed, 12 Aug 2020 10:50:22 GMT
server: ZGS
x-frame-options: SAMEORIGIN
etag: "d34a082dc9ca866939c0527899e7d9c7"
strict-transport-security: max-age=15768000
content-language: en-US
access-control-allow-origin: *
cache-control: public, max-age=15552000, must-revalidate, proxy-revalidate
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK wmsliteapi.js Show response
js.zohostatic.com/ichat/May_30_2020_1_https/js/ Frame 57EF 13 KB
5 KB 471ms
139ms Script
application/javascript 204.141.32.123
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zohostatic.com/ichat/May_30_2020_1_https/js/wmsliteapi.js
Requested by: Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/https/js/floatbutton_cbfca76155ec0e3a3030f32d11f9605d_.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.141.32.123 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software: ZGS /
Resource Hash: b7c67909be928aae5939c02903dc19264309f09ea261c624d3ecc5d28b58230e

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 14:03:15 GMT
Content-Encoding: gzip
Last-Modified: Sat, 30 May 2020 10:09:02 GMT
Server: ZGS
ETag: "5ed230be-107b"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Content-Length: 4219
Expires: Fri, 13 Aug 2021 14:03:15 GMT

GET
H2 200 siqnewchatwindow_a9bb41d967a481da17a7ef00919df1bc_.js Show response
js.zohocdn.com/salesiq/https/js/ Frame 57EF 822 KB
176 KB 20ms
18ms Script
application/javascript 31.186.243.147
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/https/js/siqnewchatwindow_a9bb41d967a481da17a7ef00919df1bc_.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/https/js/floatbutton_cbfca76155ec0e3a3030f32d11f9605d_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.186.243.147 , United Kingdom, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

cb86e051abfa4d696f926d5dacd211f51032437952539cef490b4b92071dd79c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
x-cache: HIT
status: 200
vary: Origin, Accept-Encoding
content-length: 179762
x-xss-protection: 1
x-sts-request-id: ex1-5f33c9f0571b62085385a3f8
last-modified: Wed, 12 Aug 2020 10:50:18 GMT
server: ZGS
x-frame-options: SAMEORIGIN
etag: "d8d22ca48763f3748792461115bc9362"
strict-transport-security: max-age=15768000
content-language: en-US
access-control-allow-origin: *
cache-control: public, max-age=15552000, must-revalidate, proxy-revalidate
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 resource_5835cb94c1737abf883fb7e90860490b_.js Show response
js.zohocdn.com/salesiq/https/js/resource/embed/ Frame 57EF 35 KB
9 KB 40ms
39ms Script
application/javascript 31.186.243.147
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/https/js/resource/embed/resource_5835cb94c1737abf883fb7e90860490b_.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/https/js/floatbutton_cbfca76155ec0e3a3030f32d11f9605d_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.186.243.147 , United Kingdom, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

25046d314ec169bbe85d9e1fde563ac2ef6fee790a493e73e52de2f3c4085d31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
x-cache: HIT
status: 200
vary: Origin, Accept-Encoding
content-length: 8838
x-xss-protection: 1
x-sts-request-id: ex1-5f2d4509571b6208537fd066
last-modified: Fri, 07 Aug 2020 05:50:18 GMT
server: ZGS
x-frame-options: SAMEORIGIN
etag: "10465e3e46761f561b293d8905590b4b"
strict-transport-security: max-age=15768000
content-language: en-US
access-control-allow-origin: *
cache-control: public, max-age=15552000, must-revalidate, proxy-revalidate
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 embedmedia-rtc_027407e2541f3a9fb3e64d911042dfcb_.js Show response
js.zohocdn.com/salesiq/https/js/ Frame 57EF 110 KB
24 KB 40ms
39ms Script
application/javascript 31.186.243.147
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/https/js/embedmedia-rtc_027407e2541f3a9fb3e64d911042dfcb_.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/https/js/floatbutton_cbfca76155ec0e3a3030f32d11f9605d_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.186.243.147 , United Kingdom, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

dfebf7198b4def8d55484919b7d254bdfb12c0a95f466bc6c78ba95b9d9b5bba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
x-cache: HIT
status: 200
vary: Origin, Accept-Encoding
content-length: 23743
x-xss-protection: 1
x-sts-request-id: ex1-5f33c9f04d986f2a19ad454c
last-modified: Wed, 12 Aug 2020 10:50:22 GMT
server: ZGS
x-frame-options: SAMEORIGIN
etag: "4116ccc6992cb7236c1e7b64003f34ea"
strict-transport-security: max-age=15768000
content-language: en-US
access-control-allow-origin: *
cache-control: public, max-age=15552000, must-revalidate, proxy-revalidate
accept-ranges: bytes
timing-allow-origin: *

GET
H2 204 unip Show response
trc-events.taboola.com/1201088/log/3/ 0
422 B 14ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1201088/log/3/unip?en=pre_d_eng_tb&tos=10504&scd=34&ssd=1&est=1597328402717&ver=27&isls=true&src=i&invt=6000&tim=1597328413221&vi=1597328402714&ri=e1d290605b48f71acdfbfad37920971d&sd=v2_28e38451c5012d36b053bcc8727acb56_b27cf425-b8db-4853-b22b-9135d28f5b5b-tuct62ed192_1597328402_1597328402_CNawjgYQwKdJGJrSxMG-LiABKAMwoQE4l-oLQJmXEEi-idoDUP___________wFYAGAAaOKmqpGyrZficA&ui=b27cf425-b8db-4853-b22b-9135d28f5b5b-tuct62ed192&ref=null&cv=20200727-34-RELEASE
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:13 GMT
server: nginx
x-fastly-to-nlb-rtt: 2182
status: 204
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.ketto.org
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.24.10:10213

GET
H2 204 unip Show response
trc-events.taboola.com/1271067/log/3/ 0
422 B 15ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1271067/log/3/unip?en=pre_d_eng_tb&tos=10504&scd=34&ssd=1&est=1597328402717&ver=27&isls=true&src=i&invt=6000&tim=1597328413222&vi=1597328402714&ri=8356ed5d0b25b63656156245714fa64c&sd=v2_f23b23d5f0298d04d715a099783820b3_b27cf425-b8db-4853-b22b-9135d28f5b5b-tuct62ed192_1597328402_1597328402_CNawjgYQm8pNGJrSxMG-LiABKAEwoQE4l-oLQJmXEEi-idoDUP___________wFYAGAAaOKmqpGyrZficA&ui=b27cf425-b8db-4853-b22b-9135d28f5b5b-tuct62ed192&ref=null&cv=20200727-34-RELEASE
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.e3b2bdca3c43369eaa2e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ketto.org/stories/saveshlok?cause=liver&payment=form&utm_source=external_clevertap&utm_medium=email&utm_campaign=13Aug20_SvShlok_ChrnAug_B4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 14:20:13 GMT
server: nginx
x-fastly-to-nlb-rtt: 2182
status: 204
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.ketto.org
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.30.10:10213

Verdicts & Comments Add Verdict or Comment

347 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ketto.org/	1970-01-19 11:42:10	Name: _vwo_sn Value: 0%3A1
.ketto.org/	1970-01-23 03:18:08	Name: _vwo_uuid Value: D7525242CE14C66B975772ECA7133AFD6
.ketto.org/	1970-01-19 13:08:32	Name: _vwo_ds Value: 3%241597328401%3A2.56299905%3A%3A
.ketto.org/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.ketto.org/	1970-01-19 14:06:08	Name: _vis_opt_s Value: 1%7C
.ketto.org/	1970-01-19 20:29:10	Name: _vwo_uuid_v2 Value: D7525242CE14C66B975772ECA7133AFD6\|c811ca37ccda04e6e2e68065aa1aeb09

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://www.ketto.org/new/vendor.37c718b3bdbd6d47e85c.js(Line 1) Message: [bugsnag] Loaded!
console-api	error	URL: https://www.ketto.org/new/vendor.37c718b3bdbd6d47e85c.js(Line 1) Message: ERROR [object Object]
console-api	log	URL: https://www.ketto.org/new/vendor.37c718b3bdbd6d47e85c.js(Line 1) Message: dialoge type onpage

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9811153.fls.doubleclick.net
a.mgid.com
ade.clmbtech.com
ajax.googleapis.com
amplify.outbrain.com
amplifypixel.outbrain.com
analytics.twitter.com
asia.creativecdn.com
cdn.gumlet.com
cdn.taboola.com
cdnjs.cloudflare.com
connect.facebook.net
css.zohocdn.com
cx.atdmt.com
d1vdjc70h9nzd9.cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
js.zohocdn.com
js.zohostatic.com
ketto.gumlet.io
notify.bugsnag.com
prod_cdn.gumlet.com
prod_cdn.gumlet.io
q.quora.com
s.yimg.com
salesiq.zoho.com
sc-static.net
script.hotjar.com
sessions.bugsnag.com
sin.creativecdn.com
sp.analytics.yahoo.com
stags.bluekai.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tags.bkrtx.com
tr.outbrain.com
tr.snapchat.com
trc-events.taboola.com
trc.taboola.com
u1699505.ct.sendgrid.net
vars.hotjar.com
vts.zohopublic.com
wizrocketmail.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.ketto.org
www.notifyvisitors.com
wzrkt.com
103.132.192.30
104.19.135.78
104.244.42.197
104.244.42.67
13.226.155.119
13.226.155.83
13.227.234.108
141.226.228.48
147.75.102.203
147.75.33.229
147.75.84.91
151.101.112.157
151.101.113.44
167.89.123.16
172.217.16.130
172.217.23.134
204.141.32.123
204.141.42.111
204.141.43.144
212.82.100.181
23.210.250.44
23.39.102.135
2600:1901:0:7a0b::
2600:1901:0:a5e4::
2600:9000:2182:1400:9:d911:8400:93a1
2600:9000:2182:1a00:d:a7d1:b5c0:93a1
2600:9000:2182:5a00:d:e617:f340:21
2600:9000:2182:7200:14:81fb:1e80:93a1
2600:9000:2182:a600:d:a7d1:b5c0:93a1
2600:9000:2182:ea00:11:c3fe:5b00:93a1
2606:4700::6811:4f6b
2a00:1288:f03d:1fa::4000
2a00:1450:4001:801::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:815::2008
2a00:1450:4001:816::200e
2a00:1450:4001:81c::2004
2a00:1450:4001:821::2003
2a00:1450:4001:821::200a
2a00:1450:4001:825::200a
2a00:1450:400c:c00::9d
2a02:26f0:6c00:19b::143a
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.221.154.44
31.186.243.147
34.252.225.59
34.96.102.137
35.186.226.184
64.202.112.31
70.42.32.63
92.123.150.214
02874782bb9e7d9ecfbd6e7083304b6f6e533771ca9e2856b4f70e891ba7bfed
02f8d032ebcc12bafd5cc2fc60b173021b76b1198f39313909517ce0a8010d0d
03105f6d7c6a3d4004b7b82f144215dda56b85b9ba2d1dad03f2c6389659f676
0504480ecbd55fe67ce48d0235fb1a1311c01fe598e8ef496df7e75c8c4ac2f1
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
08435b97f5550e2c0c4cb2aa1586a5baacecc406e35170b182f0fd8e4911effe
08e82109cf7c26963231bfd5522761be3d3577653510d3d8f4011b6fe1504461
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0c094478330cd4e765ade8edb0cd218e1a37c4631733bbfda97bbecf5d2de618
0c3a50336baa56395e16841f3f3c64a42006e82c36f968c486a3eea88c5f6772
0f30b16fcf42b5f4a96e66cb24265d091a3b51a2c47a2df99953d07e92b797bc
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
121b3bad035f5a87c185bb1ce9465eba6c0d8ca0fcf03fced81559192cb06d85
162b3d0b7d566a7abb6770f65918b2d72a8f22a463557cc3c04dad1760ce4e6a
17d81106176fdcddbcb848b8527dd2514831e000cabce15dc66b96c7212f73b7
1fc90ca7cad373bbb2464bc5cf020c039a70652527015c24a61f1da4c0e9d11a
234897b4e97c5735d806e0e5d979d9a4c36dd131ca4d95b4b3fe61dbcc348827
243e0b681fb1f68f609106841a1a20a953c9c1d92523721ba4360492102aaca8
25046d314ec169bbe85d9e1fde563ac2ef6fee790a493e73e52de2f3c4085d31
25f36c05d70e31e1c49176074f12f940a0e43627a489c5a03d0519bc01729d4f
277dfd85f30b874c8f063fd4c0fc7719182340778939ea8a61f47e99e4aac3cf
28091b54019c34e19809a4cded415e4077c0f78a8fcc797dc483f55f51ade723
28f6272f5b11edbe9648c1b85a1ff6d3c95750eff95f044038992aee28d80e38
29b516aee6a400f25664f52b1919736ae13dca09da5edf0290aed5e92b206ed7
2a8ec8465298b1d2cd779b04471b720b19f06ba579fc63cc32291f2506039232
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
30d1d51a1902cd043f4b0429178be33b70350ef8aa435218ab837e1bcf0eb2df
330c6994f421612a2a17b91f08e16a970dd2158a4632e9c133a393be9cefbf99
33350aac560a3d092cb443a9dbb6a6c9169ab50e73f065f20de9556a34b430f8
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
39824f2ec741ce74a8d37f33d384fd09b082368c2e93a05a8627de1561401d98
39bb79ed3db8305d9cd99fc04e9a8a8bda8028a050daa5228fd351a61053f60e
3ea8d05e18f46fab412dbab3be798047e20e1773a3efb25bec79ef836d199f4a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4548c412ce3bd15ddf652328dd58fad638a41fbd5c08473a1ab485e5a12076c9
4797c570690878a0ca05e26697da5e8236ebab3ab80a3fa35f553a04774ca25b
482dc958407776ef68a7c028342c6ca937f7b3247775ea2515c1497d4c80114f
487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb
49779bb3198780ade3bb1f170b8fb26dcb5f353df156bf7de9e972ead6a078f8
4c31458398fbaa943006ea3d1bad6a3f7d3a4e0ca0219864ee88f1bab618b64f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
587940cc4600dd6da6eb7113673c891753299d41fb7264c18f8c50c5a23658a2
5bc846e0c0546c77193d2a3def464945d5c38716b6ed55312b8a33083a5db264
5c0cdb02497d479fd79200227e0b817020bc99cd31d1d30bb25b2b98dce76e28
5e633512e073479016d035b9de91da37671226b49e09dd2e874a738dfd334678
642adb175a5076ac41f5956704c9f2dc445b9eb8464230967dd3a08d015348de
66b6091465358294f525e3606a42d1a6c6a88af05941846b9da1b03473b6c028
69c0eb863ddd5fe37ed39b0ae84f01ca9e0390c963940cf132ad9aa1fef98779
6b3a3c33d38c05b3a3fcd41e055290f200a958b67f00979b9a83f7af8ac5b33b
6b5e89ff4b46e5bd5ce4901f44203e73839865bd0f57fa9a955da009f05fb1a0
6d8fa57ccd272aee1e6fb084f258335213c527b8e0fe81082ba6f29e0010ac96
706768e4b131b180c185e87060ad8927da59d9f131ca9541cd8132a83330a8f6
729abc11d041d362732b31a687f73c565fef2944b2affccafa59253c26649aff
7697fced6a9fbc1ab56709349fd0914186e9b7de96a58c371f28815fd0805ea5
77668a022770d9f1a81b773aa4fbad6af9ac5ed2397d6be3d9a6778296fcfb96
790fa159386b80e1ff4677d65fc9eb7c59f9b86c4ee6e9de737d6964867af4b8
800604bedd860adda78f58db0fdd76818c0f4106cc377ab0422a893d13ef0e2f
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
82213a93f2eb396873026ed7abfca7a9d2d7352b583d500a3875a10a5d0e0515
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
82a2a22fe2428db4e7e8eb0cf863ebbb81ff6594ee14a35e43f08b37ce0d65e9
82ca7b137491e17a1fa14c7ba83766bbc3f9f715c8a9d9847feaf0010859f16b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b995d94c48213cd1c7840e2ebb03606ec7b8c1ff1e61e927237962889b20e4
85d47f6677d884be2a479925daa001c9454e84fd2d15ada45c7f68d94d301c02
86f47ef0cb1016d39dcb8f81ee7a53d5bb329f8e208817d185afed72c58fde53
87287e7fa9aa9c644b195b52188213316747e7559f4ad189bb30138c589d776f
88cf2c9a4c4bcef2aa64fb6ea0f337f78e9a7dc61d87993441369fa5cb429d32
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
8d18ff776a7e0edabd3491428bdd57f746cfedcca1d68fb887db0ba3474e0dff
8f670fe7c43817206441e4f123c6baa8238ee94b391cd86d1ca53aa308dcd0b8
91f41aca1c42388a52cffa41e75305c6e98ba8c97aaa68c62143b6b7de08d912
92f410985c0233c9abcba33b98f05b3e24d5ea3e80f5083466d545e94d49ec43
93f3767ec70abae9a044f7508b9053ad4107dac2d9133e55ecbce6c0fa3198d7
9d1d20907ba83d3f3470e59e4304e94a093514d204330dde7afea7056c13febd
a38063da0192b10a1ad5fc0496eb659d23ab881775c8c13072e08f4f55622eca
a63312d5b120741b46406abd1afc93031ab0d3bf999fd29aaa892eb99d0457c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab9ef55460049715061788e665e88f78b6c2f76368263feb1204e32e88c0e2a9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ade4cd23b2043cdc91091d110e7e661998056ea7052188dd5bd8ce203dcd61c5
af7142db88c7b9ba5a90d1a46d506c76b9b889749fe6227729144b44a6afd736
afac4a054366eea43b10252a629955e34572d53f521b66479b8340f1fd81fd0e
b07c6fb64749e8a8fa27e5d80bdfdb3c6b0661840b7a6af095e657a1cdecc3bc
b08a2fde13d4e5798529ef923dc39f8fdbba7691008326e0c1125587f87b1b08
b40bfe50830f45c243236a827a53b30bce8813079d74a09617aad75ae29b00e3
b46c117bfc3a32a93541c04e6f8a70dcddab81a10a40237f422804adad586b2a
b76bb0ad5be77742c6e2dc706c1a00073520da9304b49112e9e8f8ea84c76f9c
b7c67909be928aae5939c02903dc19264309f09ea261c624d3ecc5d28b58230e
b8a7340f118b98b851eac48a14c594e09b93bfebf7b0781fdb025e8bf1bdbce9
b903728b3ff98aab1c6356338720eb0d520a0b9aa23130389c2646deb9848888
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253
bd000acb594b72bceb7ebed5852b28bc94e91689f1d02b4a67c68f4ec5ad851d
c0161becb5fafacfce1ed84b0cb433d722cd05f49a9bddd970f3beda387f4ac1
c4c9d4f6fbcbe3b591646b902e33b914083d983374cf38cefcd6054ccc5dd3b3
c56f6aeacbe5de60494b770ba1f0b7b42840dbd858df84b987058ad2299c68bf
c65e707014518bf83814ceca1d50249f336f9eb87347a9176fa766d00c72f6cd
c7bcb5e8207a02a29be1917135d9fc90c6e3a8c1e505b2150a2caea9541b05cc
c81e1298449ad885352b9de05ea2f4967cbbe071b226d5b26374c9745108cf36
cb86e051abfa4d696f926d5dacd211f51032437952539cef490b4b92071dd79c
cce6e5d4db8fd4dec2379cc054c78e777a327a933d6d9375f6474aa519892f9c
d488038bd69e57cecd9b5910a143e6a7e418f858c4101bbc88e74252be078e42
d640a627d56a7bb8741578125551070487b6a02ba6c1e28a21b2f092cb4a992f
d6ed48e4bef4d7de32b9ea692990250e7a08d451bf24d8fe029c7437dc7cfc6d
dc40471ec2ae90745cd787eb699d7c5e676b60bae632c48e7428db65d81a4106
ddf9e4c59117c33761b90b8c4ab5d53aa27f942544e71a8938872b5504fa0786
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfebf7198b4def8d55484919b7d254bdfb12c0a95f466bc6c78ba95b9d9b5bba
e089a756827b3e7edb64f412a3de03e42bfa9d9eb1361dbb55b2d0ce311bf15f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6470160a2d161fa92bf90f903191c19f8d2ee0f89892ac8d6a139c078de18ad
e691dba18272d5abca333389db6c6d725213c335c23470dbe170eeae87b76d7a
e6c1135c61ca2ca2d84e25ff7b8bd01a9c9a1cbb76ef8209318e0b86d3fdecfa
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
ee8a320f2202a43715db883d97dcc60c206a4a3a2f307a9d26699b63ac4054f8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c51dbc8dd33c7b5eb59543fded056ae773509cf1379dad184e1e63c1edca1d
f58ffeb33ac7096e1667d2bb0573f4575001e0ce128d249804e96c8022996d51
fa2436d9456a9faec2628549eb7c1f931a1c6e437fdf491581606633be97a668
fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8
fcb21c496f2ce2f6906ea1b01a25329abacc8010449ba4dd37619ac3e0bbce32
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514
ff0a4dd9123853d9d6aa3f0342f55d6ab9504a3514ef348c8a9e57a8aeca030b
ff7f060e074279be23a8e06fe67eaf945adf1e9acc29c30900ff562009720d11

www.ketto.org Open in urlscan Pro 13.226.155.119 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

174 Requests

100 %HTTPS

44 %IPv6

42 Domains

58 Subdomains

52 IPs

10 Countries

2396 kBTransfer

8580 kBSize

6 Cookies

13 Outgoing links

Page URL History

Redirected requests

174 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ketto.org Open in urlscan Pro
13.226.155.119 Public Scan

Screenshot
Live screenshot

Full Image

174
Requests

100 %
HTTPS

44 %
IPv6

42
Domains

58
Subdomains

52
IPs

10
Countries

2396 kB
Transfer

8580 kB
Size

6
Cookies

174 HTTP transactions
1 data transactions