urlscan.io logo urlscan.io
SecurityTrails logo

www.ketto.org Open in urlscan Pro
13.226.155.29  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://lite.livenutralite.com/lt.php?tid=LR4CAFdQAVcAVBhTUwFcG1BXWgAdDlgJAhwHVFBWVQZSAQUIVwJIAARRDA9SBAAbUAFZAR0CAA9UHApRAgIdU...
Effective URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_ds...
Submission: On August 14 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 55 IPs in 9 countries across 43 domains to perform 187 HTTP transactions. The main IP is 13.226.155.29, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.ketto.org.
TLS certificate: Issued by Amazon on October 26th 2019. Valid for: a year.
This is the only time www.ketto.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 116.203.184.43 24940 (HETZNER-AS)
1 1 107.180.46.212 26496 (AS-26496-...)
40 13.226.155.29 16509 (AMAZON-02)
2 2600:9000:218... 16509 (AMAZON-02)
1 2600:9000:218... 16509 (AMAZON-02)
10 34.96.102.137 15169 (GOOGLE)
8 2600:1901:0:7... 15169 (GOOGLE)
9 2600:9000:218... 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:218... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:1901:0:a... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 13.226.155.53 16509 (AMAZON-02)
2 151.101.13.44 54113 (FASTLY)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 172.217.21.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.19.132.78 13335 (CLOUDFLAR...)
2 13.226.155.119 16509 (AMAZON-02)
1 23.210.250.44 16625 (AKAMAI-AS)
1 151.101.112.157 54113 (FASTLY)
1 23.10.68.93 16625 (AKAMAI-AS)
2 4 103.132.192.30 138552 (RTBHOUSE-...)
2 2a00:1288:f03... 10310 (YAHOO-1)
2 204.141.42.111 2639 (ZOHO-AS)
1 3.219.203.195 14618 (AMAZON-AES)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 147.75.32.125 54825 (PACKET)
1 2600:9000:218... 16509 (AMAZON-02)
1 2 172.217.21.198 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 64.202.112.159 22075 (AS-OUTBRAIN)
4 151.101.113.44 54113 (FASTLY)
1 54.192.183.28 16509 (AMAZON-02)
1 147.75.33.131 54825 (PACKET)
5 2a00:1450:400... 15169 (GOOGLE)
1 92.123.150.214 16625 (AKAMAI-AS)
1 104.244.42.67 13414 (TWITTER)
1 104.244.42.197 13414 (TWITTER)
3 35.186.226.184 15169 (GOOGLE)
1 147.75.33.229 54825 (PACKET)
1 212.82.100.181 34010 (YAHOO-IRD)
1 204.141.43.144 2639 (ZOHO-AS)
9 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
6 31.186.243.147 2639 (ZOHO-AS)
4 141.226.228.48 200478 (TABOOLA-AS)
1 204.141.42.123 2639 (ZOHO-AS)
187 55
1    116.203.184.43 (Germany)

ASN24940 (HETZNER-AS, DE)
lite.livenutralite.com
1    107.180.46.212 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
conversions.traceinsta.com
40    13.226.155.29 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-29.dus51.r.cloudfront.net
www.ketto.org
2    2600:9000:2182:a600:9:d911:8400:93a1 (United States)

ASN16509 (AMAZON-02, US)
prod_cdn.gumlet.com
1    2600:9000:2182:7a00:11:c3fe:5b00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.gumlet.com
10    34.96.102.137 (United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
8    2600:1901:0:7a0b:: (United States)

ASN15169 (GOOGLE, US)
sessions.bugsnag.com
9    2600:9000:2182:9200:d:a7d1:b5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
prod_cdn.gumlet.io
2    2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)
graph.facebook.com
1    2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2600:9000:2182:1600:d:a7d1:b5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
ketto.gumlet.io
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2600:1901:0:a5e4:: (United States)

ASN15169 (GOOGLE, US)
notify.bugsnag.com
2    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    13.226.155.53 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-53.dus51.r.cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
2    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
4    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    172.217.21.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s12-in-f194.1e100.net
www.googleadservices.com
1    2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    104.19.132.78 (United States)

ASN13335 (CLOUDFLARENET, US)
a.mgid.com
2    13.226.155.119 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-119.dus51.r.cloudfront.net
sc-static.net
1    23.210.250.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-44.deploy.static.akamaitechnologies.com
amplify.outbrain.com
1    151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    23.10.68.93 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-10-68-93.deploy.static.akamaitechnologies.com
tags.bkrtx.com
4    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
asia.creativecdn.com
sin.creativecdn.com
2    2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)
s.yimg.com
2    204.141.42.111 (United States)

ASN2639 (ZOHO-AS, US)
salesiq.zoho.com
1    3.219.203.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-203-195.compute-1.amazonaws.com
q.quora.com
1    2a02:26f0:6c00::210:bb20 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
ade.clmbtech.com
2    147.75.32.125 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress4
static.hotjar.com
vc.hotjar.io
1    2600:9000:2182:4a00:14:81fb:1e80:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.notifyvisitors.com
2    172.217.21.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s12-in-f198.1e100.net
9811153.fls.doubleclick.net
3    2606:4700::6811:4e6b (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
5    64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
tr.outbrain.com
amplifypixel.outbrain.com
4    151.101.113.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
1    54.192.183.28 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-183-28.ccu50.r.cloudfront.net
wzrkt.com
1    147.75.33.131 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress9
script.hotjar.com
5    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleadservices.com
googleads.g.doubleclick.net
1    92.123.150.214 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-150-214.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
3    35.186.226.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com
tr.snapchat.com
1    147.75.33.229 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress12
vars.hotjar.com
1    212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
1    204.141.43.144 (United States)

ASN2639 (ZOHO-AS, US)
vts.zohopublic.com
9    2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
9    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    31.186.243.147 (United Kingdom)

ASN2639 (ZOHO-AS, US)
css.zohocdn.com
js.zohocdn.com
4    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
1    204.141.42.123 (United States)

ASN2639 (ZOHO-AS, US)
js.zohostatic.com
Apex Domain
Subdomains		 Transfer
40 ketto.org
www.ketto.org
940 KB
12 doubleclick.net
9811153.fls.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
13 KB
11 gumlet.io
prod_cdn.gumlet.io
ketto.gumlet.io
84 KB
10 google.de
www.google.de
1 KB
10 google.com
www.google.com
1 KB
10 taboola.com
cdn.taboola.com
trc.taboola.com
trc-events.taboola.com
46 KB
10 bugsnag.com
sessions.bugsnag.com
notify.bugsnag.com
456 B
10 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com
101 KB
6 zohocdn.com
css.zohocdn.com
js.zohocdn.com
268 KB
6 outbrain.com
amplify.outbrain.com
tr.outbrain.com
amplifypixel.outbrain.com
4 KB
6 facebook.com
graph.facebook.com
www.facebook.com
956 B
5 google-analytics.com
www.google-analytics.com
20 KB
4 creativecdn.com
asia.creativecdn.com
sin.creativecdn.com
913 B
4 facebook.net
connect.facebook.net
227 KB
4 googletagmanager.com
www.googletagmanager.com
173 KB
4 gstatic.com
fonts.gstatic.com
119 KB
3 snapchat.com
tr.snapchat.com
587 B
3 cloudflare.com
cdnjs.cloudflare.com
62 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
74 KB
3 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
7 KB
3 gumlet.com
prod_cdn.gumlet.com
cdn.gumlet.com
10 KB
2 zoho.com
salesiq.zoho.com
42 KB
2 yimg.com
s.yimg.com
6 KB
2 sc-static.net
sc-static.net
14 KB
2 mgid.com
a.mgid.com
4 KB
2 googleadservices.com
www.googleadservices.com
24 KB
1 zohostatic.com
js.zohostatic.com
5 KB
1 hotjar.io
vc.hotjar.io
116 B
1 zohopublic.com
vts.zohopublic.com
1 yahoo.com
sp.analytics.yahoo.com
870 B
1 t.co
t.co
448 B
1 twitter.com
analytics.twitter.com
652 B
1 bluekai.com
stags.bluekai.com
1 wzrkt.com
wzrkt.com
861 B
1 notifyvisitors.com
www.notifyvisitors.com
4 KB
1 clmbtech.com
ade.clmbtech.com
1 KB
1 quora.com
q.quora.com
422 B
1 bkrtx.com
tags.bkrtx.com
11 KB
1 ads-twitter.com
static.ads-twitter.com
2 KB
1 cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
15 KB
1 traceinsta.com
conversions.traceinsta.com
458 B
1 livenutralite.com
lite.livenutralite.com
529 B
0 Failed
function sub() { [native code] }. Failed
187 43
Domain Requested by
40 www.ketto.org www.ketto.org
10 www.google.de
10 www.google.com 1 redirects
10 dev.visualwebsiteoptimizer.com www.ketto.org
dev.visualwebsiteoptimizer.com
9 googleads.g.doubleclick.net www.googleadservices.com
9 prod_cdn.gumlet.io www.ketto.org
8 sessions.bugsnag.com www.ketto.org
5 www.google-analytics.com 1 redirects www.googletagmanager.com
www.google-analytics.com
4 trc-events.taboola.com www.ketto.org
4 js.zohocdn.com salesiq.zoho.com
js.zohocdn.com
4 www.facebook.com www.ketto.org
connect.facebook.net
4 trc.taboola.com cdn.taboola.com
www.ketto.org
4 connect.facebook.net www.ketto.org
connect.facebook.net
4 www.googletagmanager.com www.ketto.org
www.googletagmanager.com
4 fonts.gstatic.com fonts.googleapis.com
3 tr.snapchat.com
3 tr.outbrain.com
3 cdnjs.cloudflare.com www.ketto.org
2 css.zohocdn.com salesiq.zoho.com
js.zohocdn.com
2 amplifypixel.outbrain.com
2 9811153.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 salesiq.zoho.com www.ketto.org
2 s.yimg.com www.ketto.org
2 sin.creativecdn.com www.googletagmanager.com
2 asia.creativecdn.com 2 redirects
2 sc-static.net www.googletagmanager.com
sc-static.net
2 a.mgid.com www.googletagmanager.com
2 www.googleadservices.com www.googletagmanager.com
2 cdn.taboola.com www.googletagmanager.com
www.ketto.org
2 notify.bugsnag.com www.ketto.org
2 fonts.googleapis.com ajax.googleapis.com
2 ketto.gumlet.io www.ketto.org
2 graph.facebook.com www.ketto.org
2 prod_cdn.gumlet.com www.ketto.org
1 js.zohostatic.com js.zohocdn.com
1 vc.hotjar.io www.ketto.org
1 vts.zohopublic.com salesiq.zoho.com
1 sp.analytics.yahoo.com s.yimg.com
1 vars.hotjar.com static.hotjar.com
1 t.co
1 analytics.twitter.com static.ads-twitter.com
1 stags.bluekai.com tags.bkrtx.com
1 script.hotjar.com static.hotjar.com
1 wzrkt.com d2r1yp2w7bby2u.cloudfront.net
1 stats.g.doubleclick.net 1 redirects
1 www.notifyvisitors.com www.ketto.org
1 static.hotjar.com www.ketto.org
1 ade.clmbtech.com
1 q.quora.com
1 tags.bkrtx.com www.googletagmanager.com
1 static.ads-twitter.com www.ketto.org
1 amplify.outbrain.com www.googletagmanager.com
1 d2r1yp2w7bby2u.cloudfront.net www.ketto.org
1 ajax.googleapis.com www.ketto.org
1 cdn.gumlet.com www.ketto.org
1 conversions.traceinsta.com 1 redirects
1 lite.livenutralite.com 1 redirects
0 data Failed
187 58
Subject Issuer Validity Valid
ketto.org
Amazon		 2019-10-26 -
2020-11-26		 a year crt.sh
*.gumlet.com
Amazon		 2020-04-04 -
2021-05-04		 a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2020-06-19 -
2022-07-06		 2 years crt.sh
*.bugsnag.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-18 -
2021-05-18		 a year crt.sh
*.gumlet.io
Amazon		 2020-06-20 -
2021-07-20		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-07-21 -
2020-10-12		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
*.taboola.com
DigiCert SHA2 Secure Server CA		 2020-08-10 -
2021-12-31		 a year crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-09 -
2021-07-09		 a year crt.sh
sc-static.net
DigiCert SHA2 Secure Server CA		 2019-03-11 -
2021-03-15		 2 years crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2020-03-09 -
2021-06-08		 a year crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2019-08-14 -
2020-08-18		 a year crt.sh
*.bkrtx.com
DigiCert SHA2 Secure Server CA		 2020-02-28 -
2021-05-29		 a year crt.sh
*.creativecdn.com
RapidSSL RSA CA 2018		 2019-01-11 -
2021-04-11		 2 years crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-08-06 -
2020-09-20		 a month crt.sh
*.zoho.com
Thawte RSA CA 2018		 2020-05-31 -
2021-05-31		 a year crt.sh
*.quora.com
Let's Encrypt Authority X3		 2020-08-02 -
2020-10-31		 3 months crt.sh
colombiaonline.com
Let's Encrypt Authority X3		 2020-07-21 -
2020-10-19		 3 months crt.sh
static.hotjar.com
Let's Encrypt Authority X3		 2020-06-17 -
2020-09-15		 3 months crt.sh
notifyvisitors.com
Amazon		 2020-08-12 -
2021-09-11		 a year crt.sh
*.doubleclick.net
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
cdnjs.cloudflare.com
DigiCert ECC Secure Server CA		 2020-08-12 -
2022-08-17		 2 years crt.sh
www.google.de
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
wzrkt.com
Amazon		 2020-05-19 -
2021-06-19		 a year crt.sh
script.hotjar.com
Let's Encrypt Authority X3		 2020-06-18 -
2020-09-16		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
odc-prod-01.oracle.com
DigiCert Secure Site ECC CA-1		 2020-04-14 -
2021-04-10		 a year crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA		 2020-01-02 -
2020-12-28		 a year crt.sh
t.co
DigiCert SHA2 High Assurance Server CA		 2020-03-05 -
2021-03-02		 a year crt.sh
tr.snapchat.com
DigiCert SHA2 Secure Server CA		 2019-02-19 -
2021-02-23		 2 years crt.sh
vars.hotjar.com
Let's Encrypt Authority X3		 2020-06-16 -
2020-09-14		 3 months crt.sh
*.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-03-04 -
2020-08-31		 6 months crt.sh
*.zohopublic.com
Sectigo RSA Domain Validation Secure Server CA		 2020-03-04 -
2021-03-04		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
*.zohocdn.com
Let's Encrypt Authority X3		 2020-07-29 -
2020-10-27		 3 months crt.sh
vc.hotjar.io
Let's Encrypt Authority X3		 2020-07-14 -
2020-10-12		 3 months crt.sh
*.zohostatic.com
Thawte RSA CA 2018		 2020-05-31 -
2021-05-31		 a year crt.sh

This page contains 9 frames:

Primary Page: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Frame ID: 2AB6E1E966743A355C572F3758E1B27D
Requests: 170 HTTP requests in this frame

Frame: https://sin.creativecdn.com/tags?id=pr_2WHipQMZZIb93rcciYUp&tc=1
Frame ID: 5E11F833D588CAAD613071C376D5FD10
Requests: 1 HTTP requests in this frame

Frame: https://9811153.fls.doubleclick.net/activityi;dc_pre=CPn-jJ2qm-sCFVEEiwodhHsHAQ;src=9811153;type=invmedia;cat=dv36000;ord=9403763649457;gtm=2wg871;auiddc=1857669504.1597429932;~oref=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1
Frame ID: 7A72EE1129D5D71D16399273DBBB2B56
Requests: 1 HTTP requests in this frame

Frame: https://sin.creativecdn.com/tags?id=pr_2WHipQMZZIb93rcciYUp_offer_206351&tc=1
Frame ID: 0D49951031B411757274E5D4A43EB48D
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/84435?ret=html&phint=__bk_t%3DI%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&phint=__bk_k%3DI%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20lymphoblastic%20leukemia%20Treatment%2C%20Vinod%20Nakti%2C%20Ketto%2C%20crowdfunding%20platform%20in%20India%2C%20raise%20funds%2C%20fundraiser&phint=__bk_l%3Dhttps%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&phint=__bk_v%3D3.1.5&limit=1&r=25780875
Frame ID: 2B97A21A8A331135E0DDED4F8546BD82
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=063d31e7-94b2-4f93-9267-59adb398a633
Frame ID: 31110127ECF562E6C6A1E125D2BB1E61
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 8206F187916DE4DAE5DCDD9D1C573DE3
Requests: 1 HTTP requests in this frame

Frame: https://vts.zohopublic.com/crosdom.html
Frame ID: 9E68232E759D1C751BFA68969021960D
Requests: 1 HTTP requests in this frame

Frame: https://css.zohocdn.com/salesiq/https/styles/newembedtheme_714b9745619d0d1f2eba0d69108c0341_.css
Frame ID: 572345912850EE3676CC2CAFB43BD109
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://lite.livenutralite.com/lt.php?tid=LR4CAFdQAVcAVBhTUwFcG1BXWgAdDlgJAhwHVFBWVQZSAQUIVwJIAARRDA9SBAAbU... HTTP 303
    https://conversions.traceinsta.com/clickResource.aspx?offer_id=452&aff_id=84 HTTP 302
    https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&ut... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Page Statistics

187
Requests

99 %
HTTPS

47 %
IPv6

43
Domains

58
Subdomains

55
IPs

9
Countries

2281 kB
Transfer

8581 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lite.livenutralite.com/lt.php?tid=LR4CAFdQAVcAVBhTUwFcG1BXWgAdDlgJAhwHVFBWVQZSAQUIVwJIAARRDA9SBAAbUAFZAR0CAA9UHApRAgIdUgdSUQFdAwRbA1RUS1cGBwFUDQELHVJUXwIcBwBRAh1cVFQAHFYMUVRTVQQBBAdWDg HTTP 303
    https://conversions.traceinsta.com/clickResource.aspx?offer_id=452&aff_id=84 HTTP 302
    https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72
  • https://asia.creativecdn.com/tags?id=pr_2WHipQMZZIb93rcciYUp HTTP 302
  • https://sin.creativecdn.com/tags?id=pr_2WHipQMZZIb93rcciYUp&tc=1
Request Chain 81
  • https://9811153.fls.doubleclick.net/activityi;src=9811153;type=invmedia;cat=dv36000;ord=9403763649457;gtm=2wg871;auiddc=1857669504.1597429932;~oref=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1 HTTP 302
  • https://9811153.fls.doubleclick.net/activityi;dc_pre=CPn-jJ2qm-sCFVEEiwodhHsHAQ;src=9811153;type=invmedia;cat=dv36000;ord=9403763649457;gtm=2wg871;auiddc=1857669504.1597429932;~oref=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1
Request Chain 82
  • https://asia.creativecdn.com/tags?id=pr_2WHipQMZZIb93rcciYUp_offer_206351 HTTP 302
  • https://sin.creativecdn.com/tags?id=pr_2WHipQMZZIb93rcciYUp_offer_206351&tc=1
Request Chain 107
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=591214109&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&ul=en-us&de=UTF-8&dt=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAL~&jid=1661265729&gjid=1705609034&cid=1276580915.1597429932&tid=UA-30181760-1&_gid=1642791541.1597429932&_r=1&gtm=2wg871MJRMLZ&z=2017006611 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=1276580915.1597429932&jid=1661265729&_gid=1642791541.1597429932&gjid=1705609034&_v=j83&z=2017006611 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=1276580915.1597429932&jid=1661265729&_v=j83&z=2017006611 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=1276580915.1597429932&jid=1661265729&_v=j83&z=2017006611&slf_rd=1&random=2655009917

187 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request savevinod
www.ketto.org/fundraiser/
Redirect Chain
  • http://lite.livenutralite.com/lt.php?tid=LR4CAFdQAVcAVBhTUwFcG1BXWgAdDlgJAhwHVFBWVQZSAQUIVwJIAARRDA9SBAAbUAFZAR0CAA9UHApRAgIdUgdSUQFdAwRbA1RUS1cGBwFUDQELHVJUXwIcBwBRAh1cVFQAHFYMUVRTVQQBBAdWDg
  • https://conversions.traceinsta.com/clickResource.aspx?offer_id=452&aff_id=84
  • https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17bb6d7d5216426a5809ea3cdfd712c8dad4f898c99beef7f6cd76bb6836a687

Request headers

:method
GET
:authority
www.ketto.org
:scheme
https
:path
/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
content-type
text/html
date
Fri, 14 Aug 2020 16:50:16 GMT
last-modified
Fri, 14 Aug 2020 16:49:53 GMT
etag
W/"6b55b0d7b8682a1a142fa577ebbd5cf1"
cache-control
max-age=31536000
expires
Fri, 21 Mar 2042 23:59:59 GMT
x-amz-version-id
null
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Error from cloudfront
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
7Ufb8DMt3TrSRijh4vDj6RYNivJZAvsu_dEcv7ngiO0rdZZCsaw7Ew==
age
6114

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Set-Cookie
aff_id=84; path=/ aff_id=84; path=/
X-Powered-By
ASP.NET
X-Powered-By-Plesk
PleskWin
Date
Fri, 14 Aug 2020 18:32:09 GMT
Content-Length
264
logo-light-bg.svg
prod_cdn.gumlet.com/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod_cdn.gumlet.com/images/logo-light-bg.svg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:a600:9:d911:8400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b08a2fde13d4e5798529ef923dc39f8fdbba7691008326e0c1125587f87b1b08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
etag
a618249d409a096d254911e4f00fb0d1
x-gumlet-reqid
5f23b211079c4c6c07d7777c
age
1255064
x-cache
Hit from cloudfront
status
200
x-gumlet-runtime
0.061
access-control-allow-origin
*
date
Fri, 31 Jul 2020 05:54:25 GMT
vary
accept
content-type
image/svg+xml
via
1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
cache-control
public, max-age=8640000, s-maxage=8640000
x-server
Gumlet
x-amz-cf-pop
DUS51-C1
link
<https://d1vdjc70h9nzd9.cloudfront.net/images/logo-light-bg.svg>; rel="canonical"
x-amz-cf-id
AIShEklErzIbBD8kXoECv2GIMyIiQ0gUFzIoh8M_FMy5rM1fqOv11A==
runtime.332c0d8c97d8dd323138.js
www.ketto.org/new/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/new/runtime.332c0d8c97d8dd323138.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5155943531c964c616ba1c144a3d012bca02587c820c7ae2a6fe5f4914b53443

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:24:34 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 16:49:53 GMT
server
AmazonS3
age
456
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
status
200
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
aeIISbB9opphNOGv4OQ7dyRIi2xdNBThcffjQ88pszUl8YfXxzCszA==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
expires
Fri, 21 Mar 2042 23:59:59 GMT
polyfills.322ccf2294111b9a8acf.js
www.ketto.org/new/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a8d8d20668c37cd7274a877dba671f3aa09f47005310c522091919df9d26450

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 17:41:56 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 16:49:53 GMT
server
AmazonS3
age
3014
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
status
200
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
miB_OkjB7nWNlaUqutevM8ansHxko28NQUxyWRCk1SAgwCY6PwyRwA==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
expires
Fri, 21 Mar 2042 23:59:59 GMT
styles.df309e2f2f81ae34f75d.js
www.ketto.org/new/ 		313 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/new/styles.df309e2f2f81ae34f75d.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e5e69b3bd8524275320d79691d09aaba7d7d9d869cf91c53252d1d2c8595d87

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 17:41:56 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 16:49:53 GMT
server
AmazonS3
age
3014
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
status
200
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
eC_-zB71wNvWUHgoSEdXAeW7NSpWdH4BHjmtwSJwXei486WpQV-LzA==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
expires
Fri, 21 Mar 2042 23:59:59 GMT
scripts.9ddf727ecc94cd123172.js
www.ketto.org/new/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/new/scripts.9ddf727ecc94cd123172.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
29b516aee6a400f25664f52b1919736ae13dca09da5edf0290aed5e92b206ed7

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 17:41:56 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 16:49:53 GMT
server
AmazonS3
age
3014
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
status
200
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
RUyM5vZ0-dAi-30ExFQAvI8tD-iGlKAdvtQlpSEiV9muDvXQpwAQbw==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
expires
Fri, 21 Mar 2042 23:59:59 GMT
vendor.200914911de94f95615a.js
www.ketto.org/new/ 		2 MB
458 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/new/vendor.200914911de94f95615a.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12bf7d43ba2eb8c2e321c57ea2d8c15db35e7e61aafecf5908188a9f688bdac7

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 17:41:56 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 16:49:53 GMT
server
AmazonS3
age
3014
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
status
200
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
Xb75fcFEtZhklagwaA1PcGSuovb7Lwu3Yo49KFd0pyDhbdHfA58sXw==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
expires
Fri, 21 Mar 2042 23:59:59 GMT
main.7d94bcd077df7bd8ba82.js
www.ketto.org/new/ 		474 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/new/main.7d94bcd077df7bd8ba82.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09a09b9e2e6bd0d0f04c4d41a65e288a1bb1091ceb9990395b4a84dd248c2445

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:24:34 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 16:49:53 GMT
server
AmazonS3
age
456
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
status
200
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
6mDLZDVm7Kxk0jqkHBCV7T0P9nBNWMlmucNXg6ENaTYt1R7BdEXobQ==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
expires
Fri, 21 Mar 2042 23:59:59 GMT
vwo.js
www.ketto.org/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/assets/js/vwo.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17d81106176fdcddbcb848b8527dd2514831e000cabce15dc66b96c7212f73b7

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 17:41:56 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 16:49:51 GMT
server
AmazonS3
age
3014
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
status
200
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
jsptt5PeGqKiPBZ0l9TSQpzaqogunNCn9Mcgqqec4-Y5lxNzRuRwfQ==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
expires
Fri, 21 Mar 2042 23:59:59 GMT
gumlet.min.js
cdn.gumlet.com/gumlet.js/2.0/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gumlet.com/gumlet.js/2.0/gumlet.min.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7a00:11:c3fe:5b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
790fa159386b80e1ff4677d65fc9eb7c59f9b86c4ee6e9de737d6964867af4b8

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 12:38:46 GMT
content-encoding
gzip
last-modified
Sun, 28 Jun 2020 19:11:17 GMT
server
AmazonS3
age
21204
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
G3Wq1uOZ4qX4zQqlP1NceiIgug5LR_9LmR4CJAzsjF2FM5v_RMUooA==
via
1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
spinner.svg
www.ketto.org/assets/images/ 		855 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ketto.org/assets/images/spinner.svg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
330c6994f421612a2a17b91f08e16a970dd2158a4632e9c133a393be9cefbf99

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 17:01:08 GMT
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
age
5462
x-cache
Hit from cloudfront
status
200
content-length
855
last-modified
Fri, 14 Aug 2020 16:49:50 GMT
server
AmazonS3
etag
"cded618b6ad289ddd62ee325c973c092"
x-amz-version-id
null
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
image/svg+xml
x-amz-cf-id
f1sIy54doVYvpvlopVT5-QY2PdeS4p-DvxQ4x_R6yyHTXXs-SVNm0g==
expires
Fri, 21 Mar 2042 23:59:59 GMT
truncated
/ 		58 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/webp
j.php
dev.visualwebsiteoptimizer.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&f=1&r=0.5336409919095053
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/assets/js/vwo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
af794b0eedf53ca14150e0aaa8c987d161914d459d7334a373ee7d9454e446ef

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:10 GMT
content-encoding
gzip
server
gfra1
content-type
application/javascript; charset=UTF-8
status
200
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via
1.1 google
va-44ab19c220e47f67e9b7970ae24b5af7.js
dev.visualwebsiteoptimizer.com/6.0/ 		195 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/6.0/va-44ab19c220e47f67e9b7970ae24b5af7.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&f=1&r=0.5336409919095053
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
706768e4b131b180c185e87060ad8927da59d9f131ca9541cd8132a83330a8f6

Request headers

Origin
https://www.ketto.org
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:09 GMT
content-encoding
br
last-modified
Fri, 14 Aug 2020 10:09:29 GMT
server
gfra1
status
200
etag
"5f3662d9-e242"
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57922
via
1.1 google
track-44ab19c220e47f67e9b7970ae24b5af7.js
dev.visualwebsiteoptimizer.com/6.0/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/6.0/track-44ab19c220e47f67e9b7970ae24b5af7.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&f=1&r=0.5336409919095053
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
6b3a3c33d38c05b3a3fcd41e055290f200a958b67f00979b9a83f7af8ac5b33b

Request headers

Origin
https://www.ketto.org
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:09 GMT
content-encoding
br
last-modified
Fri, 14 Aug 2020 10:09:29 GMT
server
gfra1
status
200
etag
"5f3662d9-e12"
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3602
via
1.1 google
opa-a4111607dc5ce718c2993c75e25e5d78.js
dev.visualwebsiteoptimizer.com/analysis/3.0/ 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/3.0/opa-a4111607dc5ce718c2993c75e25e5d78.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&f=1&r=0.5336409919095053
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
9d1d20907ba83d3f3470e59e4304e94a093514d204330dde7afea7056c13febd

Request headers

Origin
https://www.ketto.org
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:10 GMT
content-encoding
br
last-modified
Tue, 21 Jul 2020 12:27:40 GMT
server
gfra1
status
200
etag
"5f16df3c-5558"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21848
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=326437&d=ketto.org&u=D35CCE63F00B8B4E7D8C7017DCEB8C0AD&h=148e3c17ca415570ce24c767293813b7&t=false&r=0.3794822549028798
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:09 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
13.58af89580acc9ee4e561.js
www.ketto.org/new/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/new/13.58af89580acc9ee4e561.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.332c0d8c97d8dd323138.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b5e89ff4b46e5bd5ce4901f44203e73839865bd0f57fa9a955da009f05fb1a0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:24:35 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 16:49:40 GMT
server
AmazonS3
age
456
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
status
200
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
OuiP6cTkFLZSrf8WJTiclJR2p0WtOdFpE2hUeuwfp9fe5cuYH-D_aQ==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
expires
Fri, 21 Mar 2042 23:59:59 GMT
/
sessions.bugsnag.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Server
2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin
https://www.ketto.org
Sec-Fetch-Mode
cors

Response headers

status
200
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
date
Fri, 14 Aug 2020 18:32:10 GMT
content-length
0
via
1.1 google
alt-svc
clear
/
sessions.bugsnag.com/ 		21 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Bugsnag-Sent-At
2020-08-14T18:32:10.366Z
Bugsnag-Api-Key
0d02ac2f63382263e24f75c0adad288e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

status
202
date
Fri, 14 Aug 2020 18:32:10 GMT
via
1.1 google
access-control-allow-origin
*
alt-svc
clear
content-length
21
content-type
application/json
1.fcc86dcbba957cd7b13a.js
www.ketto.org/new/ 		134 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/new/1.fcc86dcbba957cd7b13a.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.332c0d8c97d8dd323138.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c65e707014518bf83814ceca1d50249f336f9eb87347a9176fa766d00c72f6cd

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 17:42:08 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 16:49:40 GMT
server
AmazonS3
age
3002
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
status
200
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
XFu_PKLyOfa5MMUlJ8WP4hnfjhrOpB2LOAews-k6XgSMb8DgWAzYLQ==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
expires
Fri, 21 Mar 2042 23:59:59 GMT
2.88dc38da15625f8c24af.js
www.ketto.org/new/ 		65 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/new/2.88dc38da15625f8c24af.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.332c0d8c97d8dd323138.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b46c117bfc3a32a93541c04e6f8a70dcddab81a10a40237f422804adad586b2a

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:24:36 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 16:49:41 GMT
server
AmazonS3
age
455
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
status
200
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
M3COmxPXMBMY3ViEro6fJddRF0U3w-uzDSW7ymGerwg5yaYgvKOUJg==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
expires
Fri, 21 Mar 2042 23:59:59 GMT
3.d37f8603b4fa54d80faa.js
www.ketto.org/new/ 		348 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/new/3.d37f8603b4fa54d80faa.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.332c0d8c97d8dd323138.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02874782bb9e7d9ecfbd6e7083304b6f6e533771ca9e2856b4f70e891ba7bfed

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 17:42:09 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 16:49:41 GMT
server
AmazonS3
age
3002
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
status
200
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
x1Ppl_svFLVcOuQlvIgal_OQwhOw8xCL4T0fpJddYM-V0fSf7Oj9Zg==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
expires
Fri, 21 Mar 2042 23:59:59 GMT
4.5a38cf0f60f44e61eb5f.js
www.ketto.org/new/ 		137 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/new/4.5a38cf0f60f44e61eb5f.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.332c0d8c97d8dd323138.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff7f060e074279be23a8e06fe67eaf945adf1e9acc29c30900ff562009720d11

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 17:42:09 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 16:49:42 GMT
server
AmazonS3
age
3002
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
status
200
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
SOvaz7HBcEBagwtR2xy1sH_TlIwHZC70lsWslZD1KERaYQwqPUSgIQ==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
expires
Fri, 21 Mar 2042 23:59:59 GMT
5.eabbb489516a2d8e3ca8.js
www.ketto.org/new/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/new/5.eabbb489516a2d8e3ca8.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.332c0d8c97d8dd323138.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6138f8a45236b17262de84bfebb83dee850c8b9a6ec4bf0966299f038dc0d38

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:24:36 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 16:49:43 GMT
server
AmazonS3
age
455
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
status
200
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
eTFg_jnUcM7yo5kBmQq_obAFeKrbwXWTax33_Hf-vG5SQG800frduQ==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
expires
Fri, 21 Mar 2042 23:59:59 GMT
6.93e8e2a0da0ccbefdc31.js
www.ketto.org/new/ 		75 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/new/6.93e8e2a0da0ccbefdc31.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.332c0d8c97d8dd323138.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3dcd375d9df1f93f1fb70ca5fca9ebeb890234108f548482e62d9a1a0aea1180

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 17:42:09 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 16:49:43 GMT
server
AmazonS3
age
3002
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
status
200
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
oLIhurCX3d29Obixs0xbx71h7eikZuHiGUmfCSXM3rcqhv9iQZfWyQ==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
expires
Fri, 21 Mar 2042 23:59:59 GMT
7.dfa6f9a87af54a78b431.js
www.ketto.org/new/ 		97 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/new/7.dfa6f9a87af54a78b431.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.332c0d8c97d8dd323138.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
03105f6d7c6a3d4004b7b82f144215dda56b85b9ba2d1dad03f2c6389659f676

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 17:42:09 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 16:49:43 GMT
server
AmazonS3
age
3002
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
status
200
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
dbagnzHIn6ELo2SSgj5eAe8mLJlkXSr2cU4WXA86iYV9QyzH_c4JoA==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
expires
Fri, 21 Mar 2042 23:59:59 GMT
9.9b320109729015dea4ff.js
www.ketto.org/new/ 		34 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/new/9.9b320109729015dea4ff.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.332c0d8c97d8dd323138.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c965ca7196899feb988531f68796bc31c2bc695448a28dff41a0ab97ce6cf1ae

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:24:36 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 16:49:43 GMT
server
AmazonS3
age
455
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
status
200
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
Glnx7HkY6UW2PY6EMaXWBLnxbqjRw9HgBMCd4tIBEkNUyapVhw95AQ==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
expires
Fri, 21 Mar 2042 23:59:59 GMT
10.5e3e329408cbc701ee0a.js
www.ketto.org/new/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/new/10.5e3e329408cbc701ee0a.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.332c0d8c97d8dd323138.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0504480ecbd55fe67ce48d0235fb1a1311c01fe598e8ef496df7e75c8c4ac2f1

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 17:42:09 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 16:49:40 GMT
server
AmazonS3
age
3002
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
status
200
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
MTQ6OEVfyDAvB_4MVoM-XbkfVJ8axGhnhrKfamq-B4lKXXzg3BmgOQ==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
expires
Fri, 21 Mar 2042 23:59:59 GMT
16.ff28a08f1028265d7c7c.js
www.ketto.org/new/ 		149 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/new/16.ff28a08f1028265d7c7c.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.332c0d8c97d8dd323138.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9730ec41e740f87fcd9fa540ecd9e9acd0c83157a286b64771dec1796e9425c

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 17:42:09 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 16:49:40 GMT
server
AmazonS3
age
3002
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
status
200
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
M8vAEgTRkMXb6FIfufV1Zp18hSNKAKzj4rt3aY2tBbPlBJNwv0MqdQ==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
expires
Fri, 21 Mar 2042 23:59:59 GMT
common.4459d9fc2aaea29d7d27.js
www.ketto.org/new/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/new/common.4459d9fc2aaea29d7d27.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.332c0d8c97d8dd323138.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e7f8809736fb650456026093e40140bfd61f988f9007eea4d9f8266aa4ac769

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 17:42:09 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 16:49:52 GMT
server
AmazonS3
age
3002
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
status
200
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
v_nVNFCRSm1ubN7u_VkW27M5Gr7Wq0Ahq4nnfbMSS-2PslsXsIrANw==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
expires
Fri, 21 Mar 2042 23:59:59 GMT
22.28ffd0e9ca8798da5286.js
www.ketto.org/new/ 		270 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/new/22.28ffd0e9ca8798da5286.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.332c0d8c97d8dd323138.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ec47255bd358d62e4d8a4ee9b15a3a1e8effb49fdd41dbfcce9f622218cf6f3

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:24:36 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 16:49:41 GMT
server
AmazonS3
age
455
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
status
200
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
cnd690ioTbcIEMVzxi1DLVDheq8Hg36pY9vEcSOxiaL5_F9dL9Giug==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
expires
Fri, 21 Mar 2042 23:59:59 GMT
worker-1acd6955248e984d8c16ea37afb8cbb7.js
dev.visualwebsiteoptimizer.com/analysis/ 		47 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/worker-1acd6955248e984d8c16ea37afb8cbb7.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:09 GMT
content-encoding
br
last-modified
Mon, 16 Mar 2020 04:40:32 GMT
server
gfra1
status
200
etag
"5e6f0340-351f"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13599
via
1.1 google
settings.js
dev.visualwebsiteoptimizer.com/ 		3 KB
958 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=326437&settings_type=1&vn=6.0&r=0.36046739519117676&exc=3|4|235
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/6.0/va-44ab19c220e47f67e9b7970ae24b5af7.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
fa84bff77e9d4858d44a35012e74a85b98343ba75c3eafd0012bd1554257ba8d

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 14 Aug 2020 18:32:09 GMT
content-encoding
gzip
server
gfra1
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via
1.1 google
content-type
application/javascript; charset=UTF-8
logo-light-bg.svg
prod_cdn.gumlet.io/images/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod_cdn.gumlet.io/images/logo-light-bg.svg?w=1140&dpr=1.0
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:9200:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
277dfd85f30b874c8f063fd4c0fc7719182340778939ea8a61f47e99e4aac3cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
etag
f8677c4b980b9e7389a746b527977499
x-gumlet-reqid
5ef8ed1d2840c86f7bea9364
age
4057997
x-cache
Hit from cloudfront
status
200
x-gumlet-runtime
0.041
content-length
29654
date
Sun, 28 Jun 2020 19:18:53 GMT
vary
accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=8640000
x-server
Gumlet
x-amz-cf-pop
DUS51-C1
link
<https://d1vdjc70h9nzd9.cloudfront.net/images/logo-light-bg.svg>; rel="canonical"
x-amz-cf-id
7aNEjfJyTwL8LbPCOxqNJcWUBmIB3UogwRk25hIBzJD4crRktaNmmQ==
14.a9f303fe0d0edce9356b.js
www.ketto.org/new/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/new/14.a9f303fe0d0edce9356b.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.332c0d8c97d8dd323138.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a8ec8465298b1d2cd779b04471b720b19f06ba579fc63cc32291f2506039232

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 17:42:10 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 16:49:40 GMT
server
AmazonS3
age
3001
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
status
200
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
ddYss0D4SQxXiN8UgdKMFLpqbo1mCuePR3HOi7Y8GRn6NrtpASJ1pg==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
expires
Fri, 21 Mar 2042 23:59:59 GMT
47.826064a5c0c62bf77781.js
www.ketto.org/new/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/new/47.826064a5c0c62bf77781.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.332c0d8c97d8dd323138.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e2968b0596e2cfd746c4df153f7835f92eeff22a90348b23a8189d126808ab6

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 17:42:10 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 16:49:43 GMT
server
AmazonS3
age
3001
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
status
200
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
dNyFylwab6MOLqA5WjG6Ao_fyjo3XXzQtop6Vsz-TRMiWZdoeWf6cw==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
expires
Fri, 21 Mar 2042 23:59:59 GMT
/
sessions.bugsnag.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Server
2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin
https://www.ketto.org
Sec-Fetch-Mode
cors

Response headers

status
200
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
date
Fri, 14 Aug 2020 18:32:10 GMT
content-length
0
via
1.1 google
alt-svc
clear
/
graph.facebook.com/v3.2/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/v3.2/?id=https://www.ketto.org/fundraiser/savevinod&fields=engagement&access_token=337663723602820%7C05e102ad2bd04e00dbbbcab86bbae92f
Protocol
H2
Server
2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization
Origin
https://www.ketto.org
Sec-Fetch-Mode
cors

Response headers

status
200
access-control-allow-methods
GET, POST, DELETE, OPTIONS
x-app-usage
{"call_count":146,"total_cputime":0,"total_time":22}
content-type
application/json; charset=UTF-8
facebook-api-version
v3.2
strict-transport-security
max-age=15552000; preload
pragma
no-cache
x-fb-rev
1002516948
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-max-age
300
access-control-allow-headers
authorization
x-fb-trace-id
G6GbfFzClBy
x-fb-request-id
ANfnLhZV9BYtmXacKGS35I6
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-fb-debug
bMTLF7zmQ1TRM1Kvp1Kqnch3bR5gINQrXsBExbiE/1QcLiNpEE7D2OjLj//xX/eGd3XHihHTsaT5OjzYZLK4bQ==
content-length
0
date
Fri, 14 Aug 2020 18:32:10 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
49.3970c9c281830c93e053.js
www.ketto.org/new/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/new/49.3970c9c281830c93e053.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.332c0d8c97d8dd323138.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f431fff08ac8e685361a0fad9137bac98ae35869bd4ab871753c674eb2f36b34

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:24:37 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 16:49:42 GMT
server
AmazonS3
age
454
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
status
200
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
ZvU_a4GFWwiU0FbflX4LjujRax4iTDDjZIJEpllaSDgyV1VIsQCZKw==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
expires
Fri, 21 Mar 2042 23:59:59 GMT
auth.php
www.ketto.org/vars/ 		3 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/vars/auth.php
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Authorization
Bearer false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:11 GMT
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
server
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
x-amz-cf-pop
DUS51-C1
pageurl-1
1
x-powered-by
PHP/5.6.40
x-cache
Miss from cloudfront
content-type
application/json
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
3
x-amz-cf-id
PtbmzJKdHPvWwdtMdEcQ6vFHGd1__F6tE17YSVL2k5mnICNMia5JKQ==
expires
Thu, 19 Nov 1981 08:52:00 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/main.7d94bcd077df7bd8ba82.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 12 Aug 2020 06:52:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
214758
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Aug 2021 06:52:52 GMT
/
sessions.bugsnag.com/ 		21 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Bugsnag-Sent-At
2020-08-14T18:32:10.596Z
Bugsnag-Api-Key
0d02ac2f63382263e24f75c0adad288e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

status
202
date
Fri, 14 Aug 2020 18:32:10 GMT
via
1.1 google
access-control-allow-origin
*
alt-svc
clear
content-length
21
content-type
application/json
/
graph.facebook.com/v3.2/ 		204 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/v3.2/?id=https://www.ketto.org/fundraiser/savevinod&fields=engagement&access_token=337663723602820%7C05e102ad2bd04e00dbbbcab86bbae92f
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
56c347dea31d42addb47370bb5c9bb7d7817f203c3aa8499780f5ec25e7a85a3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Authorization
Bearer false

Response headers

strict-transport-security
max-age=15552000; preload
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#4) Application request limit reached"
x-app-usage
{"call_count":146,"total_cputime":0,"total_time":22}
status
403
x-fb-rev
1002516948
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
204
pragma
no-cache
x-fb-debug
HaD47+d9665ERxwwJYftYQr8usvO9yVujIQfgT4RQXWoQAZi8RI+JRulijpvBfgpRqFPlqdhJG6JJ4d1RIl6FA==
x-fb-trace-id
C9PJkkFvKzd
date
Fri, 14 Aug 2020 18:32:10 GMT
content-type
application/json
access-control-allow-origin
*
x-fb-request-id
A2hmdSGl6bxtaQw4u66-uIK
cache-control
no-store
facebook-api-version
v3.2
expires
Sat, 01 Jan 2000 00:00:00 GMT
settings.js
dev.visualwebsiteoptimizer.com/ 		664 B
484 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=326437&settings_type=2&vn=6.0&r=0.38679873174411394&u=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&exc=3|4|235
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/6.0/va-44ab19c220e47f67e9b7970ae24b5af7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
87c1cf898465b652c7d037e67aa0289426367727457346c810dce0fc362a7105

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 14 Aug 2020 18:32:09 GMT
content-encoding
gzip
server
gfra1
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via
1.1 google
content-type
application/javascript; charset=UTF-8
iplocation
www.ketto.org/api/third_party/ 		195 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/api/third_party/iplocation
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
nginx/1.11.9 /
Resource Hash
0d8b242bae3b42d161a018d43f7b60366bd0fa44e638bcf0fefdd04807ac5374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Authorization
Bearer false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 14 Aug 2020 18:32:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.11.9
x-amz-cf-pop
DUS51-C1
status
200
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
application/json
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control
no-cache, private
vary
Accept-Encoding
content-length
157
x-xss-protection
1; mode=block
x-amz-cf-id
13A7GCXAfWKyz0pAty4Yb0fb44dK1F6nFc26-iAKFuz3vXPAP2nkeA==
logo-light-bg.svg
prod_cdn.gumlet.com/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod_cdn.gumlet.com/images/logo-light-bg.svg?w=80
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:a600:9:d911:8400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b08a2fde13d4e5798529ef923dc39f8fdbba7691008326e0c1125587f87b1b08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
etag
a618249d409a096d254911e4f00fb0d1
x-gumlet-reqid
5ece37b3fa07a15e2d34b970
age
6856951
x-cache
Hit from cloudfront
status
200
x-gumlet-runtime
0.076
access-control-allow-origin
*
date
Wed, 27 May 2020 09:49:39 GMT
vary
accept
content-type
image/svg+xml
via
1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
cache-control
public, max-age=8640000, s-maxage=8640000
x-server
Gumlet
x-amz-cf-pop
DUS51-C1
link
<https://d1vdjc70h9nzd9.cloudfront.net/images/logo-light-bg.svg>; rel="canonical"
x-amz-cf-id
VuMMaamtUov-o1OcIX-G9ZYCPy8BU0iKudOnfMM236Xj30oa67P0UA==
icomoon.8efc2e3a756630532397.ttf
www.ketto.org/new/ 		29 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/new/icomoon.8efc2e3a756630532397.ttf?i2iup6
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Origin
https://www.ketto.org
Referer
https://www.ketto.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:12 GMT
content-encoding
gzip
last-modified
Fri, 14 Aug 2020 16:49:53 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amz-version-id
null
status
200
cache-control
max-age=31536000
content-type
application/font-sfnt
x-amz-cf-id
NTKDRveFtqKCRh7oHhPdePSLdL5PRsx2oPAuDg1hhk7Ng3g3n7Umew==
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
expires
Fri, 21 Mar 2042 23:59:59 GMT
logo-light-bg.svg
prod_cdn.gumlet.io/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod_cdn.gumlet.io/images/logo-light-bg.svg?w=80&dpr=1.0
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:9200:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b08a2fde13d4e5798529ef923dc39f8fdbba7691008326e0c1125587f87b1b08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
etag
a618249d409a096d254911e4f00fb0d1
x-gumlet-reqid
5ef8ed1d2840c86efaea936a
age
4057996
x-cache
Hit from cloudfront
status
200
x-gumlet-runtime
0.199
access-control-allow-origin
*
date
Sun, 28 Jun 2020 19:18:54 GMT
vary
accept
content-type
image/svg+xml
via
1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
cache-control
public, max-age=8640000, s-maxage=8640000
x-server
Gumlet
x-amz-cf-pop
DUS51-C1
link
<https://d1vdjc70h9nzd9.cloudfront.net/images/logo-light-bg.svg>; rel="canonical"
x-amz-cf-id
gHiUwGIRv2Y1LNXWXo35cB1wNgDQjqr4KIWuJvNib9YpYvoUf4TopA==
logo-dark-bg.svg
prod_cdn.gumlet.io/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod_cdn.gumlet.io/images/logo-dark-bg.svg?w=80&dpr=1.0
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:9200:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb7277a979d49784c392a01f1d9e12d590c848f73e246ad1dd128d5e653c02f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
etag
b7863d2fd08753226399c203e49faba3
x-gumlet-reqid
5ef8ed1e0f854105670b33db
age
4057996
x-gumlet-oc
HIT
x-cache
Hit from cloudfront
status
200
x-gumlet-runtime
0.6
access-control-allow-origin
*
date
Sun, 28 Jun 2020 19:18:54 GMT
vary
accept
content-type
image/svg+xml
via
1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
cache-control
public, max-age=8640000, s-maxage=8640000
x-server
Gumlet
x-amz-cf-pop
DUS51-C1
link
<https://d1vdjc70h9nzd9.cloudfront.net/images/logo-dark-bg.svg>; rel="canonical"
x-amz-cf-id
E3PPoF-H6SQGnEvBNAplkFts1Q15qKaV428r0suCYjU_c0BpQZyVIA==
footer-secured-card.png
ketto.gumlet.io/assets/images/homepage/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ketto.gumlet.io/assets/images/homepage/footer-secured-card.png?w=576&dpr=1.0
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:1600:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bde3528e96f1c3b956575d5fcd4c0d7928e77159c856fcbf2f9300913f65a22a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
etag
fe2151e015370ed0d3f4d5627f0e0762
x-gumlet-reqid
5f2baff22517dc5b0bfec4a4
age
731320
x-cache
Hit from cloudfront
status
200
x-gumlet-runtime
0.041
content-length
9462
date
Thu, 06 Aug 2020 07:23:30 GMT
vary
accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=8640000
x-server
Gumlet
x-amz-cf-pop
DUS51-C1
link
<https://www.ketto.org/assets/images/homepage/footer-secured-card.png>; rel="canonical"
x-amz-cf-id
ZrVdmpmtEufSKxOBf4f7KhC3zLxfMD-2OGcaobbfchUsE_A-zlUfhw==
css
fonts.googleapis.com/ 		8 KB
868 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d640a627d56a7bb8741578125551070487b6a02ba6c1e28a21b2f092cb4a992f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 14 Aug 2020 16:37:27 GMT
server
ESF
date
Fri, 14 Aug 2020 18:32:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Aug 2020 18:32:10 GMT
css
fonts.googleapis.com/ 		596 B
448 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Material+Icons&display=swap
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
82ca7b137491e17a1fa14c7ba83766bbc3f9f715c8a9d9847feaf0010859f16b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 14 Aug 2020 18:32:10 GMT
server
ESF
date
Fri, 14 Aug 2020 18:32:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Aug 2020 18:32:10 GMT
/
notify.bugsnag.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://notify.bugsnag.com/
Protocol
H2
Server
2600:1901:0:a5e4:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin
https://www.ketto.org
Sec-Fetch-Mode
cors

Response headers

status
200
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Sent-At, Bugsnag-Payload-Version
access-control-allow-methods
POST
access-control-allow-origin
*
date
Fri, 14 Aug 2020 18:32:10 GMT
content-length
0
via
1.1 google
alt-svc
clear
/
notify.bugsnag.com/ 		2 B
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://notify.bugsnag.com/
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:a5e4:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Bugsnag-Payload-Version
4
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Bugsnag-Sent-At
2020-08-14T18:32:10.835Z
Bugsnag-Api-Key
0d02ac2f63382263e24f75c0adad288e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 14 Aug 2020 18:32:11 GMT
via
1.1 google
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
bugsnag-event-id
5f36d8ab005b7e4eeea00000
alt-svc
clear
content-length
2
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v13/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ketto.org
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 09:29:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:19 GMT
server
sffe
age
291757
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13324
x-xss-protection
0
expires
Wed, 11 Aug 2021 09:29:33 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v54/ 		80 KB
80 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v54/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Material+Icons&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ketto.org
Referer
https://fonts.googleapis.com/css?family=Material+Icons&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 10 Aug 2020 22:40:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 28 Jul 2020 01:58:14 GMT
server
sffe
age
330725
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81824
x-xss-protection
0
expires
Tue, 10 Aug 2021 22:40:05 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v13/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ketto.org
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 07 Aug 2020 08:34:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:17 GMT
server
sffe
age
640665
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12976
x-xss-protection
0
expires
Sat, 07 Aug 2021 08:34:25 GMT
gtm.js
www.googletagmanager.com/ 		264 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
39277aea7e267a43c1539b79d6035bbb8b3810357f1a33353018282b04c9c06b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:11 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69402
x-xss-protection
0
last-modified
Fri, 14 Aug 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 14 Aug 2020 18:32:11 GMT
a.js
d2r1yp2w7bby2u.cloudfront.net/js/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.53 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-53.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a38063da0192b10a1ad5fc0496eb659d23ab881775c8c13072e08f4f55622eca

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 14 Aug 2020 18:26:05 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 06 Jul 2020 18:46:24 GMT
Server
AmazonS3
Age
690
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
Cache-Control
max-age=1800, private
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
c3pR10lMemV7aS7c2JvQsgXPwBKJe1Cu_XQ-V5CkOMPbNlt458wUmA==
savevinod
www.ketto.org/api/fundraisers/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/api/fundraisers/savevinod?with=viewmedicalbill;gallery;basicinfo;beneficiary.avtar;campaigner.avtar;activeteam.member.avtar;activeteam.member.sociallinks;organiser;tipModel;rewards;likescount;banktransfer;cause;campaigner.social;campaigner.aggFundraiser;campaigner.aggdonation;mediaBeneficiary;matchingDonor;googleIndex&currency=EUR&page_type=campaign
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
nginx/1.11.9 /
Resource Hash
a027bca296eceea8c751681833d5de45ba89aee6412fea44b151e682dbc960c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Authorization
Bearer false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 14 Aug 2020 18:30:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118
x-cache
Hit from cloudfront
status
200
content-length
1837
x-xss-protection
1; mode=block
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control
no-cache, private
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
dXCF6RVnRF8pxIYaEHEpgL4FnrE-wQ324x26J6b1SqxjVTzrwNabag==
tfa.js
cdn.taboola.com/libtrc/unip/1271067/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1271067/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b76bb0ad5be77742c6e2dc706c1a00073520da9304b49112e9e8f8ea84c76f9c

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
ig0nyOy57rSICaLHV1dhhnnI1bYSJ19Q
content-encoding
gzip
etag
"e741f07b18153520f5aefb6e02382a65"
age
0
x-cache
HIT
status
200
x-amz-replication-status
COMPLETED
content-length
21096
x-amz-id-2
xAf1TXD3doOKpPd+krqNZJi6pxtpZQKQIoVNlbmr0SayRNpTKBLSi4XjSX5S9GyLR+GZKPeJdIA=
x-served-by
cache-fra19175-FRA
last-modified
Mon, 27 Jul 2020 20:22:31 GMT
server
AmazonS3
x-timer
S1597429932.684546,VS0,VE104
date
Fri, 14 Aug 2020 18:32:11 GMT
vary
Accept-Encoding
x-amz-request-id
84928371BDF4BD4F
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
78
x-cache-hits
1
fbevents.js
connect.facebook.net/en_US/ 		134 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34269
x-xss-protection
0
pragma
public
x-fb-debug
UzU3jke8Qmo9JEVNDv1j1hj22z3doiRXiIU/TeEUBxM8f8n1c8FpAueJv674gLpIimnFpCjuvleUWole3w7G6w==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Fri, 14 Aug 2020 18:32:11 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
cafe /
Resource Hash
92f410985c0233c9abcba33b98f05b3e24d5ea3e80f5083466d545e94d49ec43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11332
x-xss-protection
0
server
cafe
etag
5272426352805486351
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 14 Aug 2020 18:32:11 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
7110
date
Fri, 14 Aug 2020 16:33:41 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Fri, 14 Aug 2020 18:33:41 GMT
mgsensor.js
a.mgid.com/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.mgid.com/mgsensor.js?d=1597429931593&source=gtm
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b07c6fb64749e8a8fa27e5d80bdfdb3c6b0661840b7a6af095e657a1cdecc3bc

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
889db4d5-42fd-44b7-be51-f1ae428304da
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
048fd7768300000847a49e0200000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
5c2cc1d0d8330847-CDG
scevent.min.js
sc-static.net/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-119.dus51.r.cloudfront.net
Software
CloudFront /
Resource Hash
4548c412ce3bd15ddf652328dd58fad638a41fbd5c08473a1ab485e5a12076c9

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:11 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
DUS51-C1
status
200
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
5415
via
1.1 c51e3be89c14e3f859ea898f7e36eced.cloudfront.net (CloudFront)
x-amz-cf-id
uZE-OLnQa1-cWq7220A_4llerYBVdMZmN69Jc4g_sQIiV1C0CigsVQ==
obtp.js
amplify.outbrain.com/cp/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-44.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c0161becb5fafacfce1ed84b0cb433d722cd05f49a9bddd970f3beda387f4ac1

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 14 Aug 2020 18:32:11 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Jul 2020 06:46:19 GMT
Server
AkamaiNetStorage
ETag
"0e73951387d5f29371176e76c57bc02c:1595832379.898009"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2622
Expires
Fri, 14 Aug 2020 18:52:11 GMT
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:11 GMT
content-encoding
gzip
age
75606
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1958
x-served-by
cache-hhn4060-HHN
last-modified
Mon, 10 Aug 2020 18:10:59 GMT
x-timer
S1597429932.687312,VS0,VE0
etag
"a4cc3f907681b24a3efd540acd5d2996+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-782023289
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4a84e415abb3f7df331968fdf75c28d1b0db7935219abe78aced71ece15f5600
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:11 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35753
x-xss-protection
0
last-modified
Fri, 14 Aug 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 14 Aug 2020 18:32:11 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1201088/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1201088/tfa.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25f36c05d70e31e1c49176074f12f940a0e43627a489c5a03d0519bc01729d4f

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
av_XXdGEG931XGhjlYFT3JFqkNCDLgBl
content-encoding
gzip
etag
"f98cc2169c896daadce460efaac5bb70"
age
0
x-cache
HIT
status
200
x-amz-replication-status
COMPLETED
content-length
21093
x-amz-id-2
PAlY2YwdjxsdSuLZefZ/Xihk6K84wlIcGZCDm5sMD6J+LfvyR7ppo824dUXc2rPeeGgjyNedAwE=
x-served-by
cache-fra19175-FRA
last-modified
Mon, 27 Jul 2020 20:28:36 GMT
server
AmazonS3
x-timer
S1597429932.684695,VS0,VE97
date
Fri, 14 Aug 2020 18:32:11 GMT
vary
Accept-Encoding
x-amz-request-id
D9A1113B45F714D4
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
78
x-cache-hits
1
bk-coretag.js
tags.bkrtx.com/js/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.10.68.93 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-10-68-93.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
1fc90ca7cad373bbb2464bc5cf020c039a70652527015c24a61f1da4c0e9d11a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Encoding
gzip
Last-Modified
Tue, 16 Jun 2020 22:42:47 GMT
Server
nginx/1.15.8
ETag
W/"5ee94ae7-784f"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Date
Fri, 14 Aug 2020 18:32:11 GMT
Connection
keep-alive
Content-Length
10653
Expires
Fri, 21 Aug 2020 18:32:11 GMT
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-9811153
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0501f6b372fbd170f6feefd1db0d4a1f2e76ef02f93a5dd91031194299f612cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:11 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35740
x-xss-protection
0
last-modified
Fri, 14 Aug 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 14 Aug 2020 18:32:11 GMT
tags
sin.creativecdn.com/ Frame 5E11
Redirect Chain
  • https://asia.creativecdn.com/tags?id=pr_2WHipQMZZIb93rcciYUp
  • https://sin.creativecdn.com/tags?id=pr_2WHipQMZZIb93rcciYUp&tc=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sin.creativecdn.com/tags?id=pr_2WHipQMZZIb93rcciYUp&tc=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
sin.creativecdn.com
:scheme
https
:path
/tags?id=pr_2WHipQMZZIb93rcciYUp&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ts=1597429932; u=y8YNJ5Z9XD5U9YocMqyJ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1

Response headers

status
200
date
Fri, 14 Aug 2020 18:32:12 GMT Fri, 14 Aug 2020 18:32:12 GMT
content-type
text/html;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
vary
Accept-Encoding, User-Agent
content-encoding
gzip
content-length
129

Redirect headers

status
302
date
Fri, 14 Aug 2020 18:32:12 GMT
set-cookie
u=J72ja1lYxo2RvS3vjLzX;Path=/;Domain=.creativecdn.com;Expires=Sat, 14-Aug-2021 18:32:12 GMT;Max-Age=31536000;Secure;SameSite=None ts=1597429932;Path=/;Domain=.creativecdn.com;Expires=Sat, 14-Aug-2021 18:32:12 GMT;Max-Age=31536000;Secure;SameSite=None
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sin.creativecdn.com/tags?id=pr_2WHipQMZZIb93rcciYUp&tc=1
content-length
0
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-622239721
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6a43314c34f0f99c963ea0b070e868a8cf7bda97a15d17295d7d6687ceb3fddf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:11 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35751
x-xss-protection
0
last-modified
Fri, 14 Aug 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 14 Aug 2020 18:32:11 GMT
ytc.js
s.yimg.com/wi/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software
ATS /
Resource Hash
88cf2c9a4c4bcef2aa64fb6ea0f337f78e9a7dc61d87993441369fa5cb429d32
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ats-carp-promotion
1
date
Fri, 14 Aug 2020 18:13:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1144
x-amz-server-side-encryption
AES256
status
200
vary
Origin, Accept-Encoding
content-length
5573
x-amz-id-2
OkLfUMt5OJ809AZFs5op3eg2kILSXc5wFS4fUPy8u2obSU/kwxTOKwRxG/SPsSgw2xt5exxDlv0=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Thu, 16 Sep 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Tue, 11 Aug 2020 09:21:22 GMT
server
ATS
etag
"4af30fdfb3f25202fae672877237b12e-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
9N5REGDQ1T2N9K8W
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
v0T4VwTcSKojm0k.rRPUA2jezlg4p0ZC
accept-ranges
bytes
content-type
application/javascript
widget
salesiq.zoho.com/ 		104 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://salesiq.zoho.com/widget
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.141.42.111 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
69c0eb863ddd5fe37ed39b0ae84f01ca9e0390c963940cf132ad9aa1fef98779
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
Date
Fri, 14 Aug 2020 18:32:12 GMT
Content-Encoding
gzip
Server
ZGS
vary
accept-encoding
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000
Expires
Fri, 14 Aug 2020 18:37:12 GMT
pixel
q.quora.com/_/ad/2f1d52102c1740ab95927f4a5a2b84ea/ 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.quora.com/_/ad/2f1d52102c1740ab95927f4a5a2b84ea/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.203.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-203-195.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 14 Aug 2020 18:32:12 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Q-Stat
,73cefde72af65df3037946d0010963ac,10.0.0.108,35838,82.102.18.114,,27329876290,1,1597429932.124,0.002,,.,0,0,0.000,0.004,-,0,0,197,201,100,10,26847,,,,,,-,
Content-Type
image/gif
eventTracking.htm
ade.clmbtech.com/cde/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.clmbtech.com/cde/eventTracking.htm?pixelId=8367&_w=1&rd=1597429931610
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
91f41aca1c42388a52cffa41e75305c6e98ba8c97aaa68c62143b6b7de08d912
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
x-content-type-options
nosniff
server
nginx
date
Fri, 14 Aug 2020 18:32:11 GMT
x-frame-options
sameorigin
content-type
image/jpeg
status
200
content-disposition
inline;filename=f.txt
content-length
1121
x-xss-protection
1; mode=block
hotjar-200024.js
static.hotjar.com/c/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-200024.js?sv=5
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.32.125 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress4
Software
/
Resource Hash
0cf8316d1c0bd99f64b6324e04fef377b8673bc58a4a94082c74c6ca95c95efd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:11 GMT
content-encoding
br
x-content-type-options
nosniff
section-io-tag
hotjarjs
age
0
status
200
section-io-cache
Miss
vary
Accept-Encoding
cache-control
max-age=60
etag
W/415e99c9043425fa5842146cf6cd821e
access-control-max-age
600
section-io-origin-status
200
access-control-allow-origin
*
x-cache-hit
1
section-io-origin-time-seconds
0.019
section-io-id
5ff88b325c7cc574cef275883c0e3fd3
accept-ranges
bytes
content-type
application/javascript
section-origin-responded
true
settings
www.notifyvisitors.com/ext/v1/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.notifyvisitors.com/ext/v1/settings?bid_e=35D48324D3C04FCCC90B4AA741DC5A1D&bid=8420&t=420&iFrame=false&trafficSource=&link_referrer=&pageUrl=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&path=%2Ffundraiser%2Fsavevinod&domain=https%3A%2F%2Fwww.ketto.org&gmOffset=7200&screenWidth=1600&screenHeight=1200&isPwa=0&cookieData=_vis_opt_test_cookie%3D1%3B%20_vwo_uuid%3DD35CCE63F00B8B4E7D8C7017DCEB8C0AD%3B%20_vwo_ds%3D3%25241597429930%253A85.16953196%253A%253A%3B%20_vwo_sn%3D0%253A1%3B%20_gcl_au%3D1.1.1857669504.1597429932%3B%20utm_source%3Dexternal_dst%3B%20utm_medium%3Demail%3B%20utm_campaign%3Dsavevinod%3B%20utm_term%3Dp1&storage=%7B%22session%22%3A%7B%7D%2C%22local%22%3A%7B%7D%7D&
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:4a00:14:81fb:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d919097bd77765df86dedf74a1f363adb9ac1f4099cfe882bbb8995d223b48d2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:12 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
DUS51-C1
status
200
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
via
1.1 c51e3be89c14e3f859ea898f7e36eced.cloudfront.net (CloudFront)
x-amz-cf-id
xngBCQWo37fce-WP7ju0l2QoRn9yeIMT7K8GkJsMo3anRqOxbIpD-Q==
x-xss-protection
1; mode=block
raised
www.ketto.org/api/fundraisers/savevinod/ 		106 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/api/fundraisers/savevinod/raised?currency=EUR&page_type=campaign
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
nginx/1.11.9 /
Resource Hash
513df0b5429c2ba8ecb2a8cbac3dbf5379c08906226ac2b312da271ef2a67bac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Authorization
Bearer false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 14 Aug 2020 18:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.11.9
x-amz-cf-pop
DUS51-C1
status
200
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
application/json
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control
no-cache, private
vary
Accept-Encoding
content-length
106
x-xss-protection
1; mode=block
x-amz-cf-id
vukTse7UTWlscruhAsAlG6IOJg9pVR7uTyx4_3rfLJl84sFegU-Dww==
activityi;dc_pre=CPn-jJ2qm-sCFVEEiwodhHsHAQ;src=9811153;type=invmedia;cat=dv36000;ord=9403763649457;gtm=2wg871;auiddc=1857669504.1597429932;~oref=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevino...
9811153.fls.doubleclick.net/ Frame 7A72
Redirect Chain
  • https://9811153.fls.doubleclick.net/activityi;src=9811153;type=invmedia;cat=dv36000;ord=9403763649457;gtm=2wg871;auiddc=1857669504.1597429932;~oref=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevi...
  • https://9811153.fls.doubleclick.net/activityi;dc_pre=CPn-jJ2qm-sCFVEEiwodhHsHAQ;src=9811153;type=invmedia;cat=dv36000;ord=9403763649457;gtm=2wg871;auiddc=1857669504.1597429932;~oref=https%3A%2F%2Fw...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://9811153.fls.doubleclick.net/activityi;dc_pre=CPn-jJ2qm-sCFVEEiwodhHsHAQ;src=9811153;type=invmedia;cat=dv36000;ord=9403763649457;gtm=2wg871;auiddc=1857669504.1597429932;~oref=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
172.217.21.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f198.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9811153.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CPn-jJ2qm-sCFVEEiwodhHsHAQ;src=9811153;type=invmedia;cat=dv36000;ord=9403763649457;gtm=2wg871;auiddc=1857669504.1597429932;~oref=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Fri, 14 Aug 2020 18:32:11 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
459
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 14-Aug-2020 18:47:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Fri, 14 Aug 2020 18:32:11 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://9811153.fls.doubleclick.net/activityi;dc_pre=CPn-jJ2qm-sCFVEEiwodhHsHAQ;src=9811153;type=invmedia;cat=dv36000;ord=9403763649457;gtm=2wg871;auiddc=1857669504.1597429932;~oref=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tags
sin.creativecdn.com/ Frame 0D49
Redirect Chain
  • https://asia.creativecdn.com/tags?id=pr_2WHipQMZZIb93rcciYUp_offer_206351
  • https://sin.creativecdn.com/tags?id=pr_2WHipQMZZIb93rcciYUp_offer_206351&tc=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sin.creativecdn.com/tags?id=pr_2WHipQMZZIb93rcciYUp_offer_206351&tc=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
sin.creativecdn.com
:scheme
https
:path
/tags?id=pr_2WHipQMZZIb93rcciYUp_offer_206351&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ts=1597429932; u=y8YNJ5Z9XD5U9YocMqyJ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1

Response headers

status
200
date
Fri, 14 Aug 2020 18:32:12 GMT Fri, 14 Aug 2020 18:32:12 GMT
content-type
text/html;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
vary
Accept-Encoding, User-Agent
content-encoding
gzip
content-length
193

Redirect headers

status
302
date
Fri, 14 Aug 2020 18:32:12 GMT
set-cookie
u=y8YNJ5Z9XD5U9YocMqyJ;Path=/;Domain=.creativecdn.com;Expires=Sat, 14-Aug-2021 18:32:12 GMT;Max-Age=31536000;Secure;SameSite=None ts=1597429932;Path=/;Domain=.creativecdn.com;Expires=Sat, 14-Aug-2021 18:32:12 GMT;Max-Age=31536000;Secure;SameSite=None
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sin.creativecdn.com/tags?id=pr_2WHipQMZZIb93rcciYUp_offer_206351&tc=1
content-length
0
system_event.php
www.ketto.org/vars/ 		16 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/vars/system_event.php?eventName=campaign_viewed&event_type=campaign&event_type_id=206351&page_name=campaign&referrer_page=&ab_testname=&ab_value=&payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash
39824f2ec741ce74a8d37f33d384fd09b082368c2e93a05a8627de1561401d98

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Authorization
Bearer false

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:12 GMT
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
server
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
x-amz-cf-pop
DUS51-C1
pageurl-1
1
x-powered-by
PHP/5.6.40
x-cache
Miss from cloudfront
content-type
application/json
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
16
x-amz-cf-id
QZD_Ow3xqy2_xXllj9szm0xbDZ5md9tFGq7aaZXv0OXWZLe2rfEmjw==
expires
Thu, 19 Nov 1981 08:52:00 GMT
system_event.php
www.ketto.org/vars/ 		16 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/vars/system_event.php?eventName=pageView&event_type=campaign&event_type_id=206351&page_name=campaign&info_3=campaign&referrer_page=&ab_testname=&ab_value=&payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash
39824f2ec741ce74a8d37f33d384fd09b082368c2e93a05a8627de1561401d98

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Authorization
Bearer false

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:12 GMT
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
server
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
x-amz-cf-pop
DUS51-C1
pageurl-1
1
x-powered-by
PHP/5.6.40
x-cache
Miss from cloudfront
content-type
application/json
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
16
x-amz-cf-id
Kxn5FJgiqgaHP8pUAdry3UhGs5tucgezLPqT_oRd6BCMt9gy3vEdFw==
expires
Thu, 19 Nov 1981 08:52:00 GMT
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/main.7d94bcd077df7bd8ba82.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c55e6b4bdfe4dd6cdf789c8a25d028a23c4c9b8907a3c5effd20019c9201a2b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
2a3kryQyhSH6I/06nASfdA==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
etag
"82ad38d27c00411e8dec2350da9c8e1f"
x-fb-debug
vYM6CGJ2tky1I3drqp6fazLVlnJ3vdNeBloLt0ZcU+haZL+FeO+Z99iOjFP4YfAg/VlruRXo26KsmIhMFbNCvA==
x-fb-trip-id
664085054
x-fb-content-md5
4a1a21d273a26f5f315d363bcb6820bd
x-frame-options
DENY
date
Fri, 14 Aug 2020 18:32:11 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 14 Aug 2020 18:37:42 GMT
supporting_fundraisers
www.ketto.org/api/fundraisers/206351/ 		238 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/api/fundraisers/206351/supporting_fundraisers?with=raised;entity.avtar&limit=5&page=1&currency=EUR
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
nginx/1.11.9 /
Resource Hash
97cd49864560d22ff6b0f4e9c5ad0bf458ba722ef100167f1cb7b9b8008628f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Authorization
Bearer false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 14 Aug 2020 18:30:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118
x-cache
Hit from cloudfront
status
200
content-length
169
x-xss-protection
1; mode=block
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control
no-cache, private
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
JJuO37HYds1W-bCOyaxsvmYbRrhdpBKW-kCDe4jU3o9qI3sCuWLesw==
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v13/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ketto.org
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 11 Aug 2020 01:52:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:07 GMT
server
sffe
age
319199
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13108
x-xss-protection
0
expires
Wed, 11 Aug 2021 01:52:12 GMT
contribute
www.ketto.org/api/fundraisers/206351/ 		393 B
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/api/fundraisers/206351/contribute?currency=EUR
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
nginx/1.11.9 /
Resource Hash
8344eb22ba02e162d00fc025368140810c5f31224dd28c496f44524784691ad5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Authorization
Bearer false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 14 Aug 2020 18:30:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117
x-cache
Hit from cloudfront
status
200
content-length
254
x-xss-protection
1; mode=block
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control
no-cache, private
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
fmvJWD1Ek6Bwg61uE9gQMGE2a71D95PgZRqrfj4ZaJdqbVskb62v2w==
transparent.png
www.ketto.org/assets/images/ 		0
0
donors
www.ketto.org/api/fundraisers/savevinod/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/api/fundraisers/savevinod/donors?search=is_anonymous:0&limit=5&orderBy=donated_amount&sortedBy=desc&showError=false
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
nginx/1.11.9 /
Resource Hash
f8c17cba121381e714dbe5db4a85fcbba0b074fe21f95b568a92c604a7984581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Authorization
Bearer false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 14 Aug 2020 18:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.11.9
x-amz-cf-pop
DUS51-C1
status
200
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
application/json
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control
no-cache, private
vary
Accept-Encoding
content-length
789
x-xss-protection
1; mode=block
x-amz-cf-id
s9Kp8fGAVQy8hg2z2GOBbA9HdVHdm-cW1IOfSQdc6ffQOUGP0N0MQg==
topshares
www.ketto.org/api/fundraisers/206351/ 		699 B
762 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/api/fundraisers/206351/topshares?limit=5
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
nginx/1.11.9 /
Resource Hash
cd5f808e3663bcca56971fbcd718c4f716f126437e0cff67a912a4ec7c8425ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Authorization
Bearer false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 14 Aug 2020 18:30:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118
x-cache
Hit from cloudfront
status
200
content-length
382
x-xss-protection
1; mode=block
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control
no-cache, private
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
tPWyG3JOAAEUqWvgBU97BB27j3o4Huz7urs-0CnSUmjIcwspF7_8Vg==
donors
www.ketto.org/api/fundraisers/savevinod/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/api/fundraisers/savevinod/donors?with=activation;comments;matchingDonation&limit=5&page=1&orderBy=donated_amount&sortedBy=desc&showError=false
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
nginx/1.11.9 /
Resource Hash
7fe98c695098de4558e2ccb69004791f97e1a4d3fe674d86365001dc11d2a734
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Authorization
Bearer false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 14 Aug 2020 18:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.11.9
x-amz-cf-pop
DUS51-C1
status
200
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
application/json
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control
no-cache, private
vary
Accept-Encoding
content-length
1056
x-xss-protection
1; mode=block
x-amz-cf-id
ptxRPAYcqMkq69nYYJnsRQG6F6hx9c6DgHUW7zUZ_1lqncawsS3XmQ==
comments
www.ketto.org/api/fundraisers/savevinod/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/api/fundraisers/savevinod/comments?limit=10
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
nginx/1.11.9 /
Resource Hash
756e6298846a50ce305feb76264834e4ea33b968d7ddca1f1cd5810ce17c48d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Authorization
Bearer false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 14 Aug 2020 18:30:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118
x-cache
Hit from cloudfront
status
200
content-length
1701
x-xss-protection
1; mode=block
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control
no-cache, private
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
D4lAUAxtRhW0wnQnfHqLqnGGUN4KCokRNeLxh6f2dKevvsx2USgUNA==
updates
www.ketto.org/api/fundraisers/savevinod/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/api/fundraisers/savevinod/updates?with=owner.avtar;comments;likesCount&limit=2&orderBy=creation_time&sortedBy=desc
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
nginx/1.11.9 /
Resource Hash
3ee7161181afa416d0ebe6ad270e1202e8d14f0d802ef72dfd944dc4cbebe72c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Authorization
Bearer false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 14 Aug 2020 18:30:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118
x-cache
Hit from cloudfront
status
200
content-length
919
x-xss-protection
1; mode=block
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control
no-cache, private
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
9n2sorIc63I0RjvHzVrljUmze_b3IdjXxFPmE4BhIMfiCB4YkdWfOQ==
verifiednew.png
ketto.gumlet.io/assets/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ketto.gumlet.io/assets/images/verifiednew.png?w=160&dpr=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:1600:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9ba29d8b3f76a11913e3ecfcb2881886a94fc163ef43cee5f1303085b05bcada
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
etag
aca64ae74d0deff470a64402ffedb25a
x-gumlet-reqid
5ef8ed672840c846b4ea9ba6
age
4057925
x-gumlet-oc
HIT
x-cache
Hit from cloudfront
status
200
x-gumlet-runtime
0.381
content-length
2156
date
Sun, 28 Jun 2020 19:20:07 GMT
vary
accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=8640000
x-server
Gumlet
x-amz-cf-pop
DUS51-C1
link
<https://www.ketto.org/assets/images/verifiednew.png>; rel="canonical"
x-amz-cf-id
sPnbnDjT3t8yGVsA-z5Y1ES0iRZTIfJdUpKaHhSYfFuHNomzMVgqzg==
5ee1d5ee37832.jpeg
prod_cdn.gumlet.io/media/campaign/206000/206351/image/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod_cdn.gumlet.io/media/campaign/206000/206351/image/5ee1d5ee37832.jpeg?w=300&dpr=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:9200:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
db8b216d30b0e81f129a25f3d9584be62a434752f6ac1c8687062ffe51efa65b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
etag
5eeedef1bb5034a318ee17a5616fa14e
x-gumlet-reqid
5f36d835ab4421abca77cb2d
age
119
x-cache
Hit from cloudfront
status
200
x-gumlet-runtime
0.142
vary
accept
content-length
3118
link
<https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/206000/206351/image/5ee1d5ee37832.jpeg>; rel="canonical"
date
Fri, 14 Aug 2020 18:30:13 GMT
access-control-max-age
1728000
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=8640000
x-server
Gumlet
x-amz-cf-pop
DUS51-C1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id
O-auThgh13GhqTXGF_ZdAPHAQD8ppchKIjJnV4EXZRU6kcYd_7OaUA==
5ee1d5f2e631f.jpeg
prod_cdn.gumlet.io/media/campaign/206000/206351/image/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod_cdn.gumlet.io/media/campaign/206000/206351/image/5ee1d5f2e631f.jpeg?w=750&dpr=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:9200:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
51d5890f7df99a32c05b5b8ca8d73bfcfd104d967e1f31fb483e2325fbb5607a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
etag
5cb8d2e335ba1819cfb91960213e4df3
x-gumlet-reqid
5f3048c49d469d1fef53724c
age
430056
x-cache
Hit from cloudfront
status
200
x-gumlet-runtime
0.152
content-length
25458
link
<https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/206000/206351/image/5ee1d5f2e631f.jpeg>; rel="canonical"
date
Sun, 09 Aug 2020 19:04:36 GMT
vary
accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=8640000
x-server
Gumlet
x-amz-cf-pop
DUS51-C1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id
tPMP4cgVGAYf6fWj6tfuErzRlqg9Wm-68of_ei3qzJbz97cZbxKnbA==
5ee1db07c920e.jpeg
prod_cdn.gumlet.io/media/campaign/206000/206351/image/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod_cdn.gumlet.io/media/campaign/206000/206351/image/5ee1db07c920e.jpeg?w=100&dpr=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:9200:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ed0f466e5c44092712e5a38ba7d28bdc2ec723c8021061367be609b51e413053
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
etag
26f2e7d6247ab78f1a8eb3206f3b10fb
x-gumlet-reqid
5f36d83525e4306d4e5bc0b6
age
119
x-cache
Hit from cloudfront
status
200
x-gumlet-runtime
0.319
vary
accept
content-length
2018
link
<https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/206000/206351/image/5ee1db07c920e.jpeg>; rel="canonical"
date
Fri, 14 Aug 2020 18:30:13 GMT
access-control-max-age
1728000
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=8640000
x-server
Gumlet
x-amz-cf-pop
DUS51-C1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id
P__Zpxk1Lmukb844Xzyl-llq1usjwhEzXbqc6ibOkUxr4BS3_0couQ==
5ee1db1a021f0.jpeg
prod_cdn.gumlet.io/media/campaign/206000/206351/image/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod_cdn.gumlet.io/media/campaign/206000/206351/image/5ee1db1a021f0.jpeg?w=100&dpr=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:9200:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
41b568e968c08fc3a5a347bd3d84db33cb7e98438f08d3c8f4a9889e2a3fba6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
etag
6154791dff28476a0509bdf7f9d5ca49
x-gumlet-reqid
5f36d835ded4765016ff7e51
age
119
x-cache
Hit from cloudfront
status
200
x-gumlet-runtime
0.027
vary
accept
content-length
1834
link
<https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/206000/206351/image/5ee1db1a021f0.jpeg>; rel="canonical"
date
Fri, 14 Aug 2020 18:30:13 GMT
access-control-max-age
1728000
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=8640000
x-server
Gumlet
x-amz-cf-pop
DUS51-C1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id
vKFmKC8tb-Tdih2wF_0GpKY3w7m3mkeVEdjik-7EqKN1A0jx7vweRQ==
5ee1db4d61989.jpeg
prod_cdn.gumlet.io/media/campaign/206000/206351/image/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod_cdn.gumlet.io/media/campaign/206000/206351/image/5ee1db4d61989.jpeg?w=100&dpr=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:9200:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9a3932f28efb422f36033362a44764f876d09b6a6e786b09fecdc016b7865091
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
etag
e3ba5d42fc206f7a87485dbb8f8c1975
x-gumlet-reqid
5f36d835ded476f380ff7e50
age
119
x-cache
Hit from cloudfront
status
200
x-gumlet-runtime
0.124
vary
accept
content-length
2302
link
<https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/206000/206351/image/5ee1db4d61989.jpeg>; rel="canonical"
date
Fri, 14 Aug 2020 18:30:13 GMT
access-control-max-age
1728000
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=8640000
x-server
Gumlet
x-amz-cf-pop
DUS51-C1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id
1SMcGmWwNSTQY7UmzAtcsBIJBkY6k64ont2hPTXVuGm6QYPFSeOAhA==
/
sessions.bugsnag.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Server
2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin
https://www.ketto.org
Sec-Fetch-Mode
cors

Response headers

status
200
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
date
Fri, 14 Aug 2020 18:32:12 GMT
content-length
0
via
1.1 google
alt-svc
clear
/
sessions.bugsnag.com/ 		21 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Bugsnag-Sent-At
2020-08-14T18:32:12.119Z
Bugsnag-Api-Key
0d02ac2f63382263e24f75c0adad288e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

status
202
date
Fri, 14 Aug 2020 18:32:12 GMT
via
1.1 google
access-control-allow-origin
*
alt-svc
clear
content-length
21
content-type
application/json
intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/14.0.1/css/ 		26 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/14.0.1/css/intlTelInput.css
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cce6e5d4db8fd4dec2379cc054c78e777a327a933d6d9375f6474aa519892f9c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.ketto.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:12 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
11391721
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
048fd778930000d6cd893cb200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Sun, 23 Sep 2018 19:15:50 GMT
server
cloudflare
etag
W/"5ba7e666-69f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5c2cc1d41d48d6cd-FRA
expires
Wed, 04 Aug 2021 18:32:12 GMT
intlTelInput.min.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/14.0.7/js/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/14.0.7/js/intlTelInput.min.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/main.7d94bcd077df7bd8ba82.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e633512e073479016d035b9de91da37671226b49e09dd2e874a738dfd334678
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:12 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
11391689
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
048fd778a70000d6cd893ce200000001
served-in-seconds
0.011
timing-allow-origin
*
last-modified
Mon, 07 Jan 2019 10:15:55 GMT
server
cloudflare
etag
W/"5c3326db-6c25"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5c2cc1d43db5d6cd-FRA
expires
Wed, 04 Aug 2021 18:32:12 GMT
png;base64,
data:image/ 		0
0
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 17:59:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1942
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Fri, 14 Aug 2020 18:59:50 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=591214109&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3D...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=1276580915.1597429932&jid=1661265729&_gid=1642791541.1597429932&gjid=1705609034&_v=j83&z=2017006611
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=1276580915.1597429932&jid=1661265729&_v=j83&z=2017006611
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=1276580915.1597429932&jid=1661265729&_v=j83&z=2017006611&slf_rd=1&random=2655009917
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=1276580915.1597429932&jid=1661265729&_v=j83&z=2017006611&slf_rd=1&random=2655009917
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:12 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=1276580915.1597429932&jid=1661265729&_v=j83&z=2017006611&slf_rd=1&random=2655009917
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&a=591214109&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&ul=en-us&de=UTF-8&dt=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Campaign%20Viewed&ea=page_load&el=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20lymphoblastic%20leukemia%20Treatment&_u=YEDAAEAL~&jid=&gjid=&cid=1276580915.1597429932&tid=UA-30181760-1&_gid=1642791541.1597429932&gtm=2wg871MJRMLZ&cd7=150&cd8=savevinod&cd9=206351&cd10=ad&z=592061122
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Aug 2020 05:42:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
219009
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
441308802710601
connect.facebook.net/signals/config/ 		525 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/441308802710601?v=2.9.23&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d7c695d9789ba783d8e1b5baaf2443a5900bf358f907181497d4dfd0664bd868
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
135496
x-xss-protection
0
pragma
public
x-fb-debug
uaU/6409+oTu2iVR5xmVLu2NIS/P3EjIc7r8M/0ldTzWW9Sec7sUhtn+UARd5Qtq7h7RH0JpTrmAXwVzM1e6+g==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Fri, 14 Aug 2020 18:32:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
10111660.json
s.yimg.com/wi/config/ 		2 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10111660.json
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:26:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319
status
200
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id
D051839B13A267BB
x-amz-id-2
srkgUvlCUMfIvryjSgYZ1CkBjXGixHOm63VfN9dJW62CHe4mrMTPvEHyoFDecDd0kkJwpj7CTkA=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
22
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/?random=1597429932413&cv=9&fst=1597429932413&num=1&label=7U2NCOX2yJkBEPn08vQC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a33f02ebe6efe031be014c0bbd9afdd1a6ffc4d72b8183b6f9cc794f8d7a986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1173
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/622239721/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/622239721/?random=1597429932421&cv=9&fst=1597429932421&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c41098571bc690aaf6e50aa3cf589fe3d64d6e71a25f32007501052f1bc8b631
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1118
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/963384337/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963384337/?random=1597429932427&cv=9&fst=1597429932427&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6017284e0a28ad4de960ac1a84895ff33affa3dcedd1eed83e10281842a6ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1118
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/622239721/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/622239721/?random=1597429932428&cv=9&fst=1597429932428&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&ig=1&data=Event%3DCampaign%20Viewed&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c49714c8bf7f84acc1bfc94e4deac9be7ab6e541ad284b5fd84c8cc221a675d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1139
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/930975017/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930975017/?random=1597429932432&cv=9&fst=1597429932432&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d51429fd2b1c769c26d925b62ffa12bc250dda9a3c287ba93c3eab42eb8b3992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1119
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
tr.outbrain.com/ 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/pixel?marketerId=00c4a3d639c5d8cf6adaf0b53603f6fcd9&obApiVersion=1.0-gtm&obtpVersion=1.2.0&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&optOut=false&bust=01856095145893375
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 14 Aug 2020 18:32:12 GMT
Cache-Control
no-cache
Connection
close
X-TraceId
5b1baa1f970b68132791e8fc4ff18bc3
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
pixel
amplifypixel.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amplifypixel.outbrain.com/pixel?mid=00c4a3d639c5d8cf6adaf0b53603f6fcd9&dl=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&bust=033510981190914935
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 14 Aug 2020 18:32:12 GMT
Cache-Control
no-cache
X-TraceId
94ac174aa6a26751d01063a40a693001
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
pixel
tr.outbrain.com/ 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/pixel?marketerId=00c4a3d639c5d8cf6adaf0b53603f6fcd9&obApiVersion=1.0-gtm&obtpVersion=1.2.0&name=View-Content&dl=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&optOut=false&bust=034998072862379215
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 14 Aug 2020 18:32:12 GMT
Cache-Control
no-cache
Connection
close
X-TraceId
dfa64ce4c89c7bbaac68bb14c1d32ed9
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
json
trc.taboola.com/1271067/trc/3/ 		737 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1271067/trc/3/json?tim=1597429932449&data=%7B%22id%22%3A896%2C%22ii%22%3A%22%2Ffundraiser%2Fsavevinod%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1597429932442%2C%22cv%22%3A%2220200727-34-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dketto2-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22supv%22%3Atrue%2C%22mpv%22%3Atrue%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1201088/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5a7b50dfcab566a113cdaae1110936451ea77f572d3e9e21aeb392485295f542

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
15
date
Fri, 14 Aug 2020 18:32:12 GMT
content-encoding
gzip
access-control-allow-origin
*
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
x-served-by
cache-hhn4032-HHN
server
nginx
x-timer
S1597429933.539113,VS0,VE15
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
a
wzrkt.com/ 		312 B
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wzrkt.com/a?t=96&type=page&d=N4IgrgziBcIKYA8AucBOA7AhgGwPoBMIkQAacAWxnnMwEttTwBjKiTANzndvQHt9GtAbAAsAJQBsAWhEB2ABxSxYkQC1GABwDmMAIxkm2qgAskSDRGgB6KwHd7AOgDWcM7we9UWqwDMw6fFQ6CDQrNk5uPnwAfg1MAE9yOHQkAF4fT3IAMjAkclwmTHI42i10VPCuHn4cvNwk%2FFowclS4Gnpa%2FIheMFQmOFbkNCw8QiRO3BRUFo1dRgB1VTEAaVwAYQBBAFkABRhQW2KYAAYyJGwWaABtAF0AXzugA%3D%3D&rn=1&i=1597429932&sn=0&r=1597429932509
Requested by
Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.183.28 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-183-28.ccu50.r.cloudfront.net
Software
/
Resource Hash
4a59ca491e6c4a6722969a7fc5b9007bf21d4cdcf067411dd4ab14ff044e4457

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Aug 2020 18:32:13 GMT
Content-Encoding
gzip
X-Amz-Cf-Pop
CCU50-C1
Vary
Accept-Encoding, User-Agent
X-Cache
Miss from cloudfront
Content-Type
text/javascript;charset=utf-8
Via
1.1 92cc0439118c9e0fcd36aef16b426b2a.cloudfront.net (CloudFront)
Cache-Control
no-cache, no-store
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
InmNhU-2Xijj3Nt6cRQDLGJq-p_dAYUZa5IAl0JTjyZ7BAQhynufWQ==
Expires
Thu, 01 Jan 1970 00:00:00 GMT, 0
all.js
connect.facebook.net/en_US/ 		194 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=7ab56c1fb6c0d122ff6c75bccd9d2857&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
07f5a5f5b67808234afebb80fd75e40c06f77207095b66ce7427997ad819da56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.ketto.org
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ubV2WLyEdQ0aYpl8AaBgjg==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
59455
etag
"a6dcdd62636bdda27e90edf23a3e6581"
x-fb-debug
4ufphz4rcU/8UiGo5tb315aSAGMFcYF9R5A9JxLXkqKI1v5vD73VNlVkk3Fui5kdl8L6a56gU4qePPKTqwjzgA==
x-fb-trip-id
664085054
x-fb-content-md5
3c4baa300852a62c699614e4c37a257c
x-frame-options
DENY
date
Fri, 14 Aug 2020 18:32:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Sat, 14 Aug 2021 17:36:36 GMT
comments
www.ketto.org/api/fundraisers/savevinod/updates/28204/ 		241 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/api/fundraisers/savevinod/updates/28204/comments?limit=5
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-29.dus51.r.cloudfront.net
Software
nginx/1.11.9 /
Resource Hash
6fd3d4cf960299fedbb7546cbe23a19b636220e05499d6c978bdaeb4d6430147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Authorization
Bearer false
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 14 Aug 2020 18:30:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117
x-cache
Hit from cloudfront
status
200
content-length
176
x-xss-protection
1; mode=block
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
via
1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control
no-cache, private
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
RxfvvYut_zu1PBzGYq6eiQx1sTGXzFCvHLsbiPS-HhfwpnWojKRKFQ==
settings.js
dev.visualwebsiteoptimizer.com/ 		664 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=326437&settings_type=2&vn=6.0&r=0.35652803241966113&u=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&exc=3|4|235|232|234|236
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/6.0/va-44ab19c220e47f67e9b7970ae24b5af7.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
26fc65d7f799be0ee7d6d4998f67bb94c4a22767ae7af31000fda43506a2901a

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 14 Aug 2020 18:32:11 GMT
content-encoding
gzip
server
gfra1
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via
1.1 google
content-type
application/javascript; charset=UTF-8
modules.fde1c85c7473045cc873.js
script.hotjar.com/ 		356 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.fde1c85c7473045cc873.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-200024.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.33.131 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress9
Software
/
Resource Hash
ddfaf0eb6f2f170c6df090e1e32e9edf711892f7f6cc8ad3bb6375538f111b82

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:12 GMT
content-encoding
br
age
28076
status
200
section-io-cache
Hit
content-length
71116
last-modified
Fri, 14 Aug 2020 10:40:59 GMT
etag
"8ab31851630d21db2d3cce076a2f447c"
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.090
section-io-id
3efec95f8f13c848df2693751a7d02a4
accept-ranges
bytes
content-type
application/javascript
section-origin-responded
true
conversion_async.js
www.googleadservices.com/pagead/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-782023289
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92f410985c0233c9abcba33b98f05b3e24d5ea3e80f5083466d545e94d49ec43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11332
x-xss-protection
0
server
cafe
etag
5272426352805486351
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 14 Aug 2020 18:32:12 GMT
84435
stags.bluekai.com/site/ Frame 2B97 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://stags.bluekai.com/site/84435?ret=html&phint=__bk_t%3DI%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&phint=__bk_k%3DI%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20lymphoblastic%20leukemia%20Treatment%2C%20Vinod%20Nakti%2C%20Ketto%2C%20crowdfunding%20platform%20in%20India%2C%20raise%20funds%2C%20fundraiser&phint=__bk_l%3Dhttps%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&phint=__bk_v%3D3.1.5&limit=1&r=25780875
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.150.214 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-150-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Host
stags.bluekai.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1

Response headers

Content-Type
text/html
Content-Length
71
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server
5608
Date
Fri, 14 Aug 2020 18:32:12 GMT
Connection
keep-alive
X-N
S
5334c4de22bc0143499bfc38fff0260ee7fc0741.jpg
prod_cdn.gumlet.io/media/individual/876000/876229/image/ 		814 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod_cdn.gumlet.io/media/individual/876000/876229/image/5334c4de22bc0143499bfc38fff0260ee7fc0741.jpg?w=50&dpr=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:9200:d:a7d1:b5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2b925539d5d7ce5faaf577626312488f1f175172b92ae4d198a5e0c984998905
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-gumlet-pc
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
etag
03458087e622a4bd908ebd3fb017acf9
x-gumlet-reqid
5f36d836ded47667e3ff7e5a
age
118
x-cache
Hit from cloudfront
status
200
x-gumlet-runtime
0.142
vary
accept
content-length
814
link
<https://d1vdjc70h9nzd9.cloudfront.net/media/individual/876000/876229/image/5334c4de22bc0143499bfc38fff0260ee7fc0741.jpg>; rel="canonical"
date
Fri, 14 Aug 2020 18:30:14 GMT
access-control-max-age
1728000
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=8640000, s-maxage=8640000
x-server
Gumlet
x-amz-cf-pop
DUS51-C1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id
yuW3KJmMNY0bLy5CC4Kdlx_vHeN2UZGwU4uwqvVbWp1bb0t8TROxPQ==
adsct
analytics.twitter.com/i/ 		31 B
652 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=nys4q&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
57
x-xss-protection
0
x-response-time
115
pragma
no-cache
last-modified
Fri, 14 Aug 2020 18:32:12 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
348af216d72db49369c361b1fcaacadb
x-transaction
00bb9aa600660dd9
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/ 		43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=nys4q&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
118
pragma
no-cache
last-modified
Fri, 14 Aug 2020 18:32:12 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
f34e5ca485c54f3da5a1fa7f600cafba
x-transaction
0062be980051ec73
expires
Tue, 31 Mar 1981 05:00:00 GMT
1x1.gif
a.mgid.com/ 		43 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.mgid.com/1x1.gif?id=321038&type=c&tg=&r=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:12 GMT
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
5c2cc1d7cfee0847-CDG
content-type
image/gif
cf-request-id
048fd77ae000000847a4a41200000001
i
tr.snapchat.com/cm/ Frame 3111 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=063d31e7-94b2-4f93-9267-59adb398a633
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
tr.snapchat.com
:scheme
https
:path
/cm/i?pid=063d31e7-94b2-4f93-9267-59adb398a633
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1

Response headers

status
200
server
nginx/1.17.3
date
Fri, 14 Aug 2020 18:32:13 GMT
content-type
text/html
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p
tr.snapchat.com/ 		68 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.snapchat.com/p?pid=063d31e7-94b2-4f93-9267-59adb398a633&ev=PAGE_VIEW&pl=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&ts=1597429932825&rf=&v=1.5&if=false&bt=__LIVE__&intg=gtm&u_c1=c3d3ad4f-f7a4-409b-82b2-6eb3cb45cdd6&m_sl=6573&m_rd=6761&m_pi=4308&m_pl=5431&m_ic=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:12 GMT
via
1.1 google
server
nginx/1.17.3
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-transform
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 8206 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-200024.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.33.229 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress12
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1

Response headers

status
200
date
Fri, 14 Aug 2020 18:32:12 GMT
content-type
text/html
content-length
851
last-modified
Thu, 13 Aug 2020 13:57:17 GMT
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control
max-age=31536000
content-encoding
br
section-io-origin-status
200
section-io-origin-time-seconds
0.045
section-origin-responded
true
age
40921
vary
Accept-Encoding
section-io-cache
Hit
accept-ranges
bytes
section-io-id
bc789f6a529e7c7a7e06e40be794d523
sp.pl
sp.analytics.yahoo.com/ 		0
870 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2014%20Aug%202020%2018%3A32%3A12%20GMT&n=-2d&b=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&.yp=10111660&f=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&enc=UTF-8&tagmgr=gtm
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 14 Aug 2020 18:32:12 GMT
X-Content-Type-Options
nosniff
Age
0
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
ATS
X-Frame-Options
DENY
Expect-CT
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Cache-Control
no-cache, private, must-revalidate
Accept-Ranges
bytes
Expires
Fri, 14 Aug 2020 18:32:12 GMT
utils.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/14.0.7/js/ 		223 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/14.0.7/js/utils.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/main.7d94bcd077df7bd8ba82.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
800604bedd860adda78f58db0fdd76818c0f4106cc377ab0422a893d13ef0e2f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:12 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
16365743
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
048fd77b630000d6cd8900b200000001
served-in-seconds
0.004
timing-allow-origin
*
last-modified
Mon, 07 Jan 2019 10:15:55 GMT
server
cloudflare
etag
W/"5c3326db-37cab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5c2cc1d89879d6cd-FRA
expires
Wed, 04 Aug 2021 18:32:12 GMT
js-sha256-v1.min.js
sc-static.net/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/js-sha256-v1.min.js
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253

Request headers

Origin
https://www.ketto.org
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 13 Aug 2020 19:10:26 GMT
content-encoding
gzip
age
84107
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Fri, 05 Apr 2019 00:32:08 GMT
server
AmazonS3
etag
W/"68f2467c84878293c9ee497dbc99a17f"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 26b0de44343edcaf19972d71d8e0256d.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Type
cache-control
public, s-maxage=86400, max-age=600
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
-Ze1AVE6WRwQcavxXJ9c5NoMV0BtVSC25JGBYrSgOsg5uHyaFislyQ==
crosdom.html
vts.zohopublic.com/ Frame 9E68 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vts.zohopublic.com/crosdom.html
Requested by
Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.141.43.144 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
AWServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Host
vts.zohopublic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1

Response headers

Last-Modified
Thu, 13 Aug 2020 23:52:28 PDT
Content-Type
text/html
Content-Length
4295
Date
Fri, 14 Aug 2020 11:32:13 PDT
Connection
Keep-Alive
Server
AWServer
Strict-Transport-Security
max-age=15768000
/
sessions.bugsnag.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Server
2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin
https://www.ketto.org
Sec-Fetch-Mode
cors

Response headers

status
200
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
date
Fri, 14 Aug 2020 18:32:13 GMT
content-length
0
via
1.1 google
alt-svc
clear
/
sessions.bugsnag.com/ 		21 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
Bugsnag-Sent-At
2020-08-14T18:32:12.953Z
Bugsnag-Api-Key
0d02ac2f63382263e24f75c0adad288e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

status
202
date
Fri, 14 Aug 2020 18:32:13 GMT
via
1.1 google
access-control-allow-origin
*
alt-svc
clear
content-length
21
content-type
application/json
getembeddetails.ls
salesiq.zoho.com/ 		32 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://salesiq.zoho.com/getembeddetails.ls?widgetcode=b6094acc00a47339ab1721bce0e4ec1b7c9655e6d748c965b8a9f3dfb00d5f3ee227628657475a895017d49e99cd163a&fetchavuid=true&fetchapilang=true&lang_browser=en&currdomain=https%3A%2F%2Fketto.org&pagetitle=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.141.42.111 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
41469ad284d7d852dbdb252c1ffc9f87e4886060d58abe0e849c0b948caac077
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 14 Aug 2020 18:32:13 GMT
Content-Encoding
gzip
Referrer-Policy
strict-origin
Server
ZGS
X-Frame-Options
SAMEORIGIN
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.ketto.org
Connection
keep-alive
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000
Access-Control-Allow-Credentials
true
vary
accept-encoding
X-XSS-Protection
1
pixel
tr.outbrain.com/ 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/pixel?marketerId=00c4a3d639c5d8cf6adaf0b53603f6fcd9&obApiVersion=1.0-gtm&obtpVersion=1.2.0&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&optOut=false&bust=047254697907620846
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 14 Aug 2020 18:32:13 GMT
Cache-Control
no-cache
Connection
close
X-TraceId
e7c7333e5a715bb2e2f08eb52e23d67c
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
pixel
amplifypixel.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amplifypixel.outbrain.com/pixel?mid=00c4a3d639c5d8cf6adaf0b53603f6fcd9&dl=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&bust=0612899427675099
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 14 Aug 2020 18:32:13 GMT
Cache-Control
no-cache
X-TraceId
fc8a3897466bc4b7706fd18ba263e16c
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
unip
trc.taboola.com/1271067/log/3/ 		0
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1271067/log/3/unip?en=view_content&tim=1597429932904&vi=1597429932442&ri=1d3c52cdc9065e13f538ee269b47453f&sd=v2_61c7a792f73e978d88e0c112c00b2361_8221cc00-7cee-43df-baf5-95662606ccee-tuct6305e2c_1597429932_1597429932_CNawjgYQm8pNGJrD-fG-LiABKAEwSjjE1whA94sQSNuF2ANQ46EPWABgAGjipqqRsq2X4nA&ui=8221cc00-7cee-43df-baf5-95662606ccee-tuct6305e2c&ref=null&cv=20200727-34-RELEASE
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Fri, 14 Aug 2020 18:32:13 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-served-by
cache-hhn4032-HHN
pragma
no-cache
server
nginx
x-timer
S1597429933.015132,VS0,VE8
content-type
image/gif
access-control-allow-origin
https://www.ketto.org
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
json
trc.taboola.com/1201088/trc/3/ 		736 B
781 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1201088/trc/3/json?tim=1597429933000&data=%7B%22id%22%3A224%2C%22ii%22%3A%22%2Ffundraiser%2Fsavevinod%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3A%228221cc00-7cee-43df-baf5-95662606ccee-tuct6305e2c%22%2C%22vi%22%3A1597429932442%2C%22cv%22%3A%2220200727-34-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dketto2-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22supv%22%3Atrue%2C%22mpv%22%3Atrue%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1201088/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f87cca9f04141732bd28eb8ac5c5325cc3edf721b1dfe16fab48dc108b236d7d

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
22
date
Fri, 14 Aug 2020 18:32:13 GMT
content-encoding
gzip
access-control-allow-origin
*
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
x-served-by
cache-hhn4032-HHN
server
nginx
x-timer
S1597429933.025184,VS0,VE22
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/622239721/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/622239721/?random=1597429933064&cv=9&fst=1597429933064&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa871&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
805d679fc05656d2d48c625d78e8304c9a59c90c072b44178abc67f82e9d226b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1143
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/?random=1597429933067&cv=9&fst=1597429933067&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa871&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b8dfa0df8e13cc260c1e6bd170f230e000852ac86c667e9d9f907698ea669db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1142
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings.js
dev.visualwebsiteoptimizer.com/ 		664 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=326437&settings_type=2&vn=6.0&r=0.09132773561022312&u=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&exc=3|4|235|232|234|236
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/6.0/va-44ab19c220e47f67e9b7970ae24b5af7.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
2da6f31d355efa94789f1639a7e522b81e0b0d455da9d66f151c2208dfc32f8d

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 14 Aug 2020 18:32:13 GMT
content-encoding
gzip
server
gfra1
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via
1.1 google
content-type
application/javascript; charset=UTF-8
collect
www.google-analytics.com/ 		35 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&a=591214109&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&ul=en-us&de=UTF-8&dt=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=Product%20View&_u=aGDAAEAL~&jid=&gjid=&cid=1276580915.1597429932&tid=UA-30181760-1&_gid=1642791541.1597429932&gtm=2wg871MJRMLZ&pal=campaign&pa=detail&pr1nm=savevinod&pr1id=206351&pr1ca=ad&pr1va=150&z=673927980
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Aug 2020 05:42:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
219010
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/782023289/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/782023289/?random=1597429932413&cv=9&fst=1597428000000&num=1&label=7U2NCOX2yJkBEPn08vQC&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=1392863369&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/782023289/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/782023289/?random=1597429932413&cv=9&fst=1597428000000&num=1&label=7U2NCOX2yJkBEPn08vQC&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=1392863369&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/622239721/ 		42 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/622239721/?random=1597429932421&cv=9&fst=1597428000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=3550494906&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/622239721/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/622239721/?random=1597429932421&cv=9&fst=1597428000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=3550494906&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/963384337/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/963384337/?random=1597429932427&cv=9&fst=1597428000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=3685986316&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/963384337/ 		42 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/963384337/?random=1597429932427&cv=9&fst=1597428000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=3685986316&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/622239721/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/622239721/?random=1597429932428&cv=9&fst=1597428000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&data=Event%3DCampaign%20Viewed&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=2996640836&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/622239721/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/622239721/?random=1597429932428&cv=9&fst=1597428000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&data=Event%3DCampaign%20Viewed&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=2996640836&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/930975017/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/930975017/?random=1597429932432&cv=9&fst=1597428000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=1968541295&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/930975017/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/930975017/?random=1597429932432&cv=9&fst=1597428000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg871&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=1968541295&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=441308802710601&ev=PageView&dl=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&rl=&if=false&ts=1597429933226&sw=1600&sh=1200&v=2.9.23&r=stable&ec=0&o=30&fbp=fb.1.1597429933225.432651726&it=1597429932405&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:13 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 14 Aug 2020 18:32:13 GMT
/
www.facebook.com/tr/ 		44 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=441308802710601&ev=ViewContent&dl=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&rl=&if=false&ts=1597429933230&sw=1600&sh=1200&v=2.9.23&r=stable&ec=1&o=30&fbp=fb.1.1597429933225.432651726&it=1597429932405&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:13 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 14 Aug 2020 18:32:13 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=287403324698248&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&sdk=joey&wants_cookie_data=false
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ketto.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
x-fb-debug
FYzBUzdQLjMP+wb0Yij5s8W0EVKKSRj4WtPh4DTEHZP6wsYhfylR+0fx0KIDHgKSmuYL+6NrxdAVWPFn6jAGvQ==
fb-s
unknown
status
200
date
Fri, 14 Aug 2020 18:32:13 GMT
strict-transport-security
max-age=15552000; preload
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ketto.org
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
floatbutton_9a34f10066ee384f6018af3a89b5caef_.css
css.zohocdn.com/salesiq/https/styles/ 		88 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://css.zohocdn.com/salesiq/https/styles/floatbutton_9a34f10066ee384f6018af3a89b5caef_.css
Requested by
Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.186.243.147 , United Kingdom, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
482dc958407776ef68a7c028342c6ca937f7b3247775ea2515c1497d4c80114f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
text/css
x-cache
HIT
status
200
vary
Origin, Accept-Encoding
content-length
15432
x-xss-protection
1
x-sts-request-id
ex1-5f1eb4114d986f2a19996c3b
last-modified
Mon, 27 Jul 2020 08:51:03 GMT
server
ZGS
x-frame-options
SAMEORIGIN
etag
"23dc56399f38439843dfb9d31263c620"
strict-transport-security
max-age=15768000
content-language
en-US
access-control-allow-origin
*
cache-control
public, max-age=15552000, must-revalidate, proxy-revalidate
accept-ranges
bytes
timing-allow-origin
*
floatbutton_cbfca76155ec0e3a3030f32d11f9605d_.js
js.zohocdn.com/salesiq/https/js/ 		54 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.zohocdn.com/salesiq/https/js/floatbutton_cbfca76155ec0e3a3030f32d11f9605d_.js
Requested by
Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.186.243.147 , United Kingdom, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
82a2a22fe2428db4e7e8eb0cf863ebbb81ff6594ee14a35e43f08b37ce0d65e9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:13 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
application/javascript
x-cache
HIT
status
200
vary
Origin, Accept-Encoding
content-length
11944
x-xss-protection
1
x-sts-request-id
ex1-5f34ae384d986f2a19ae1c2b
last-modified
Wed, 12 Aug 2020 14:27:09 GMT
server
ZGS
x-frame-options
SAMEORIGIN
etag
"8b1169fe61e2048bb802d2e639f97e57"
strict-transport-security
max-age=15768000
content-language
en-US
access-control-allow-origin
*
cache-control
public, max-age=15552000, must-revalidate, proxy-revalidate
accept-ranges
bytes
timing-allow-origin
*
200024
vc.hotjar.io/sessions/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/200024?s=0.25
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.32.125 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress4
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 14 Aug 2020 18:32:13 GMT
access-control-allow-origin
*
section-io-id
ba08724641a7ae8dd1be55489b02853d
section-origin-responded
true
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/?random=1597429933394&cv=9&fst=1597429933394&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa871&sendb=1&ig=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a89d40d5e47bd72115236ff1c2823cadd9f806c9b724b0315b293643cf409091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1146
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/622239721/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/622239721/?random=1597429933397&cv=9&fst=1597429933397&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa871&sendb=1&ig=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
39d680608912d99a0e18c8ac3d1ead7a72b9688f6d94a8ac4656a4c6588ebb3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1144
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unip
trc.taboola.com/1201088/log/3/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1201088/log/3/unip?en=view_content&tim=1597429932921&vi=1597429932442&ri=122c129f8c0480756b9dab9dd27ca82b&sd=v2_5454cc342744942af6fd076061dc15d0_8221cc00-7cee-43df-baf5-95662606ccee-tuct6305e2c_1597429933_1597429933_CNawjgYQwKdJGJrD-fG-LiABKAMwSjjE1whA94sQSNuF2ANQ46EPWABgAGjipqqRsq2X4nA&ui=8221cc00-7cee-43df-baf5-95662606ccee-tuct6305e2c&ref=null&cv=20200727-34-RELEASE
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Fri, 14 Aug 2020 18:32:13 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-served-by
cache-hhn4032-HHN
pragma
no-cache
server
nginx
x-timer
S1597429933.428800,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://www.ketto.org
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
p
tr.snapchat.com/ 		68 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.snapchat.com/p?pid=063d31e7-94b2-4f93-9267-59adb398a633&ev=VIEW_CONTENT&pl=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&ts=1597429933432&rf=&v=1.5&if=false&bt=__LIVE__&u_hem=FFF7b7416ec1f35b8a794c92887c2c62529b2179b6fa911173803c59c0c463ba572&u_c1=c3d3ad4f-f7a4-409b-82b2-6eb3cb45cdd6&intg=gtm&m_sl=6573&m_rd=7368&m_pi=4308&m_pl=5431&m_ic=0
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:13 GMT
via
1.1 google
server
nginx/1.17.3
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-transform
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
/
www.google.com/pagead/1p-user-list/782023289/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/782023289/?random=1597429933067&cv=9&fst=1597428000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa871&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=2023324715&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/782023289/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/782023289/?random=1597429933067&cv=9&fst=1597428000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa871&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=2023324715&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/622239721/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/622239721/?random=1597429933064&cv=9&fst=1597428000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa871&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=2403149307&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/622239721/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/622239721/?random=1597429933064&cv=9&fst=1597428000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa871&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=2403149307&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/782023289/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/782023289/?random=1597429933394&cv=9&fst=1597428000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa871&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=896868251&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/782023289/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/782023289/?random=1597429933394&cv=9&fst=1597428000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa871&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=896868251&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/622239721/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/622239721/?random=1597429933397&cv=9&fst=1597428000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa871&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=2492847862&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/622239721/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/622239721/?random=1597429933397&cv=9&fst=1597428000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa871&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Ffundraiser%2Fsavevinod%3Fpayment%3Dform%26utm_campaign%3Dsavevinod%26utm_medium%3Demail%26utm_source%3Dexternal_dst%26utm_term%3Dp1&tiba=I%20Need%20Your%20Urgent%20Support%20For%20My%20Acute%20Lymphoblastic%20Leukemia%20Treatment%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=2492847862&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
38 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary8l3o2FTZv7EHlGwF

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Fri, 14 Aug 2020 18:32:13 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://www.ketto.org
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
unip
trc-events.taboola.com/1201088/log/3/ 		0
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1201088/log/3/unip?en=pre_d_eng_tb&tos=1503&scd=46&ssd=1&est=1597429932446&ver=27&isls=true&src=i&invt=1500&tim=1597429933949&vi=1597429932442&ri=122c129f8c0480756b9dab9dd27ca82b&sd=v2_5454cc342744942af6fd076061dc15d0_8221cc00-7cee-43df-baf5-95662606ccee-tuct6305e2c_1597429933_1597429933_CNawjgYQwKdJGJrD-fG-LiABKAMwSjjE1whA94sQSNuF2ANQ46EPWABgAGjipqqRsq2X4nA&ui=8221cc00-7cee-43df-baf5-95662606ccee-tuct6305e2c&ref=null&cv=20200727-34-RELEASE
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:14 GMT
server
nginx
x-fastly-to-nlb-rtt
51802
status
204
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.ketto.org
cache-control
no-cache
access-control-allow-credentials
true
tbl-x-upstream
10.40.0.117:10213
unip
trc-events.taboola.com/1271067/log/3/ 		0
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1271067/log/3/unip?en=pre_d_eng_tb&tos=1503&scd=46&ssd=1&est=1597429932446&ver=27&isls=true&src=i&invt=1500&tim=1597429933949&vi=1597429932442&ri=1d3c52cdc9065e13f538ee269b47453f&sd=v2_61c7a792f73e978d88e0c112c00b2361_8221cc00-7cee-43df-baf5-95662606ccee-tuct6305e2c_1597429932_1597429932_CNawjgYQm8pNGJrD-fG-LiABKAEwSjjE1whA94sQSNuF2ANQ46EPWABgAGjipqqRsq2X4nA&ui=8221cc00-7cee-43df-baf5-95662606ccee-tuct6305e2c&ref=null&cv=20200727-34-RELEASE
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:14 GMT
server
nginx
x-fastly-to-nlb-rtt
51802
status
204
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.ketto.org
cache-control
no-cache
access-control-allow-credentials
true
tbl-x-upstream
10.41.30.10:10213
unip
trc-events.taboola.com/1201088/log/3/ 		0
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1201088/log/3/unip?en=pre_d_eng_tb&tos=4504&scd=46&ssd=1&est=1597429932446&ver=27&isls=true&src=i&invt=3000&tim=1597429936950&vi=1597429932442&ri=122c129f8c0480756b9dab9dd27ca82b&sd=v2_5454cc342744942af6fd076061dc15d0_8221cc00-7cee-43df-baf5-95662606ccee-tuct6305e2c_1597429933_1597429933_CNawjgYQwKdJGJrD-fG-LiABKAMwSjjE1whA94sQSNuF2ANQ46EPWABgAGjipqqRsq2X4nA&ui=8221cc00-7cee-43df-baf5-95662606ccee-tuct6305e2c&ref=null&cv=20200727-34-RELEASE
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:17 GMT
server
nginx
x-fastly-to-nlb-rtt
54937
status
204
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.ketto.org
cache-control
no-cache
access-control-allow-credentials
true
tbl-x-upstream
10.41.24.10:10213
unip
trc-events.taboola.com/1271067/log/3/ 		0
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1271067/log/3/unip?en=pre_d_eng_tb&tos=4504&scd=46&ssd=1&est=1597429932446&ver=27&isls=true&src=i&invt=3000&tim=1597429936951&vi=1597429932442&ri=1d3c52cdc9065e13f538ee269b47453f&sd=v2_61c7a792f73e978d88e0c112c00b2361_8221cc00-7cee-43df-baf5-95662606ccee-tuct6305e2c_1597429932_1597429932_CNawjgYQm8pNGJrD-fG-LiABKAEwSjjE1whA94sQSNuF2ANQ46EPWABgAGjipqqRsq2X4nA&ui=8221cc00-7cee-43df-baf5-95662606ccee-tuct6305e2c&ref=null&cv=20200727-34-RELEASE
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.322ccf2294111b9a8acf.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Aug 2020 18:32:17 GMT
server
nginx
x-fastly-to-nlb-rtt
54937
status
204
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.ketto.org
cache-control
no-cache
access-control-allow-credentials
true
tbl-x-upstream
10.40.20.11:10213
newembedtheme_714b9745619d0d1f2eba0d69108c0341_.css
css.zohocdn.com/salesiq/https/styles/ Frame 5723 		170 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://css.zohocdn.com/salesiq/https/styles/newembedtheme_714b9745619d0d1f2eba0d69108c0341_.css
Requested by
Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/https/js/floatbutton_cbfca76155ec0e3a3030f32d11f9605d_.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.186.243.147 , United Kingdom, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
c81e1298449ad885352b9de05ea2f4967cbbe071b226d5b26374c9745108cf36
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
text/css
x-cache
HIT
status
200
vary
Origin, Accept-Encoding
content-length
31975
x-xss-protection
1
x-sts-request-id
ex1-5f33c9f0571b62085385a3f9
last-modified
Wed, 12 Aug 2020 10:50:22 GMT
server
ZGS
x-frame-options
SAMEORIGIN
etag
"d34a082dc9ca866939c0527899e7d9c7"
strict-transport-security
max-age=15768000
content-language
en-US
access-control-allow-origin
*
cache-control
public, max-age=15552000, must-revalidate, proxy-revalidate
accept-ranges
bytes
timing-allow-origin
*
wmsliteapi.js
js.zohostatic.com/ichat/May_30_2020_1_https/js/ Frame 5723 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.zohostatic.com/ichat/May_30_2020_1_https/js/wmsliteapi.js
Requested by
Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/https/js/floatbutton_cbfca76155ec0e3a3030f32d11f9605d_.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.141.42.123 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
b7c67909be928aae5939c02903dc19264309f09ea261c624d3ecc5d28b58230e

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 14 Aug 2020 18:32:19 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 May 2020 10:09:02 GMT
Server
ZGS
ETag
"5ed230be-107b"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
4219
Expires
Sat, 14 Aug 2021 18:32:19 GMT
siqnewchatwindow_a9bb41d967a481da17a7ef00919df1bc_.js
js.zohocdn.com/salesiq/https/js/ Frame 5723 		822 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.zohocdn.com/salesiq/https/js/siqnewchatwindow_a9bb41d967a481da17a7ef00919df1bc_.js
Requested by
Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/https/js/floatbutton_cbfca76155ec0e3a3030f32d11f9605d_.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.186.243.147 , United Kingdom, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
cb86e051abfa4d696f926d5dacd211f51032437952539cef490b4b92071dd79c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
application/javascript
x-cache
HIT
status
200
vary
Origin, Accept-Encoding
content-length
179762
x-xss-protection
1
x-sts-request-id
ex1-5f33c9f0571b62085385a3f8
last-modified
Wed, 12 Aug 2020 10:50:18 GMT
server
ZGS
x-frame-options
SAMEORIGIN
etag
"d8d22ca48763f3748792461115bc9362"
strict-transport-security
max-age=15768000
content-language
en-US
access-control-allow-origin
*
cache-control
public, max-age=15552000, must-revalidate, proxy-revalidate
accept-ranges
bytes
timing-allow-origin
*
resource_5835cb94c1737abf883fb7e90860490b_.js
js.zohocdn.com/salesiq/https/js/resource/embed/ Frame 5723 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.zohocdn.com/salesiq/https/js/resource/embed/resource_5835cb94c1737abf883fb7e90860490b_.js
Requested by
Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/https/js/floatbutton_cbfca76155ec0e3a3030f32d11f9605d_.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.186.243.147 , United Kingdom, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
25046d314ec169bbe85d9e1fde563ac2ef6fee790a493e73e52de2f3c4085d31
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
application/javascript
x-cache
HIT
status
200
vary
Origin, Accept-Encoding
content-length
8838
x-xss-protection
1
x-sts-request-id
ex1-5f2d4509571b6208537fd066
last-modified
Fri, 07 Aug 2020 05:50:18 GMT
server
ZGS
x-frame-options
SAMEORIGIN
etag
"10465e3e46761f561b293d8905590b4b"
strict-transport-security
max-age=15768000
content-language
en-US
access-control-allow-origin
*
cache-control
public, max-age=15552000, must-revalidate, proxy-revalidate
accept-ranges
bytes
timing-allow-origin
*
embedmedia-rtc_027407e2541f3a9fb3e64d911042dfcb_.js
js.zohocdn.com/salesiq/https/js/ Frame 5723 		110 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.zohocdn.com/salesiq/https/js/embedmedia-rtc_027407e2541f3a9fb3e64d911042dfcb_.js
Requested by
Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/https/js/floatbutton_cbfca76155ec0e3a3030f32d11f9605d_.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.186.243.147 , United Kingdom, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
dfebf7198b4def8d55484919b7d254bdfb12c0a95f466bc6c78ba95b9d9b5bba
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.ketto.org/fundraiser/savevinod?payment=form&utm_campaign=savevinod&utm_medium=email&utm_source=external_dst&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 14 Aug 2020 18:32:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
application/javascript
x-cache
HIT
status
200
vary
Origin, Accept-Encoding
content-length
23743
x-xss-protection
1
x-sts-request-id
ex1-5f33c9f04d986f2a19ad454c
last-modified
Wed, 12 Aug 2020 10:50:22 GMT
server
ZGS
x-frame-options
SAMEORIGIN
etag
"4116ccc6992cb7236c1e7b64003f34ea"
strict-transport-security
max-age=15768000
content-language
en-US
access-control-allow-origin
*
cache-control
public, max-age=15552000, must-revalidate, proxy-revalidate
accept-ranges
bytes
timing-allow-origin
*

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.ketto.org
URL
https://www.ketto.org/assets/images/transparent.png
Domain
data
URL
unsafe:data:image/png;base64,

Verdicts & Comments Add Verdict or Comment

349 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| GUMLET_CONFIG object| d object| s object| gumlet undefined| ab number| settings_timer number| _vwo_settings_timer object| _vwo_code number| _vwo_acc_id object| _vwo_style string| _vwo_css object| _vwo_geo string| _vwo_cookieDomain string| _vwo_uuid string| _vis_opt_file number| _vwo_library_timer string| _vis_opt_lib undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| VWO object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp object| _vwo_pa string| _vwo_opa_cb string| _vwo_worker_cb boolean| IS_SAFARI_ITP object| webpackJsonp function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched object| process object| __zone_symbol__beforeunloadfalse object| __algolia object| __core-js_shared__ object| core object| __zone_symbol__testfalse function| __zone_symbol__ON_PROPERTYerror object| __zone_symbol__errorfalse object| __zone_symbol__unhandledrejectionfalse object| __zone_symbol__pagehidetrue object| __zone_symbol__pageshowtrue object| __zone_symbol__loadtrue object| __zone_symbol__loadfalse object| __zone_symbol__hashchangetrue object| __zone_symbol__clicktrue object| ng object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| Qa function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev object| _vwo_t object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath number| _vis_opt_experiment_id boolean| _vwo_settings_timed_out boolean| DISABLE_NATIVE_CONSTANTS object| __nls number| ___vwo object| utils object| lgData object| lgModules function| lightGallery object| __zone_symbol__resizefalse object| __zone_symbol__orientationchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers undefined| _vis_opt_url object| __zone_symbol__focusfalse object| __zone_symbol__ANGULARscrollFALSE object| WebFont object| __zone_symbol__popstatetrue object| dataLayer object| clevertap object| __zone_symbol__gtm_loadedfalse object| google_tag_manager function| postscribe object| google_tag_data object| __tfa_pixel_init object| _tfa function| fbq function| _fbq string| GoogleAnalyticsObject function| ga object| MGIDFuncCalls object| MgSensorData number| MGIDSensorInjected string| qp function| snaptr function| obApi function| obTag function| twq object| dotq object| $zoho object| t function| hj object| _hjSettings function| nv object| notify_visitors string| url boolean| covidCampaign object| __zone_symbol__ct_loadedfalse object| __zone_symbol__scrollfalse object| gaplugins object| gaGlobal object| gaData object| __zone_symbol__unloadfalse object| YAHOO function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| twttr object| __zone_symbol__messagefalse object| MgSensor function| MgSensorInvoke function| MgSensorInvoke0 object| _mgq function| _mgqp number| _mgqt number| _mgqi number| MGIDSensorLoaded object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| wizrocket object| $WZRK_WR object| $CLTP_WR object| FB object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| gtag object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut object| nv_location function| nvEcheck number| checkNvpack object| _nv_data object| intlTelInputGlobals function| intlTelInput object| doc object| headArr object| iframe object| $ZSIQLSDB object| $ZSIQCookie object| $zsalobj object| UDHandler object| $ZSIQUtil object| $ZSIQLicence function| handleIframeFunction object| $UTSHandler object| $ZSIQUTS object| $ZSIQUTSAction function| _ZLDReq object| $ZSIQChat boolean| isdomloadhandled object| _ZSIQ object| $ZSIQAnalytics object| $ZSIQAutopick object| $zohosq object| $zcb object| $zv object| $zlm object| $zlch string| $zla boolean| $ZSIQ_UTSinitialized function| $ZSisThresholdExceeded function| $ZDestroyFloatData function| $ZNotifyTracking function| $ZShandleEvent object| __zone_symbol__onlinefalse object| __zone_symbol__offlinefalse number| SIQ_FLOAT number| SIQ_BUTTON number| SIQ_PERSONALIZE boolean| _WINDOW_REPOPULATE function| loadStaticFiles function| notifyOnCDNFailure function| appendReferrer string| api_lang undefined| val boolean| iscdnenabled object| cssjslist object| intlTelInputUtils object| scpixel object| $ZSIQChatWindow function| zsiqdrag object| $ZSIQTemplate object| $ZSIQWidgetUI object| $ZSIQWidget function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

4 Cookies

Domain/Path Name / Value
.ketto.org/ Name: _vwo_sn
Value: 0%3A1
.ketto.org/ Name: _vwo_uuid
Value: D35CCE63F00B8B4E7D8C7017DCEB8C0AD
.ketto.org/ Name: _vwo_ds
Value: 3%241597429930%3A85.16953196%3A%3A
.ketto.org/ Name: _vis_opt_test_cookie
Value: 1

4 Console Messages

Source Level URL
Text
console-api debug URL: https://www.ketto.org/new/vendor.200914911de94f95615a.js(Line 1)
Message:
[bugsnag] Loaded!
console-api error URL: https://www.ketto.org/new/vendor.200914911de94f95615a.js(Line 1)
Message:
ERROR [object Object]
console-api log URL: https://www.ketto.org/new/vendor.200914911de94f95615a.js(Line 1)
Message:
dialoge type full
console-api log URL: https://www.ketto.org/new/vendor.200914911de94f95615a.js(Line 1)
Message:
TypeError: ga.getAll is not a function

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9811153.fls.doubleclick.net
a.mgid.com
ade.clmbtech.com
ajax.googleapis.com
amplify.outbrain.com
amplifypixel.outbrain.com
analytics.twitter.com
asia.creativecdn.com
cdn.gumlet.com
cdn.taboola.com
cdnjs.cloudflare.com
connect.facebook.net
conversions.traceinsta.com
css.zohocdn.com
d2r1yp2w7bby2u.cloudfront.net
data
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
js.zohocdn.com
js.zohostatic.com
ketto.gumlet.io
lite.livenutralite.com
notify.bugsnag.com
prod_cdn.gumlet.com
prod_cdn.gumlet.io
q.quora.com
s.yimg.com
salesiq.zoho.com
sc-static.net
script.hotjar.com
sessions.bugsnag.com
sin.creativecdn.com
sp.analytics.yahoo.com
stags.bluekai.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tags.bkrtx.com
tr.outbrain.com
tr.snapchat.com
trc-events.taboola.com
trc.taboola.com
vars.hotjar.com
vc.hotjar.io
vts.zohopublic.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.ketto.org
www.notifyvisitors.com
wzrkt.com
data
www.ketto.org
103.132.192.30
104.19.132.78
104.244.42.197
104.244.42.67
107.180.46.212
116.203.184.43
13.226.155.119
13.226.155.29
13.226.155.53
141.226.228.48
147.75.32.125
147.75.33.131
147.75.33.229
151.101.112.157
151.101.113.44
151.101.13.44
172.217.21.194
172.217.21.198
204.141.42.111
204.141.42.123
204.141.43.144
212.82.100.181
23.10.68.93
23.210.250.44
2600:1901:0:7a0b::
2600:1901:0:a5e4::
2600:9000:2182:1600:d:a7d1:b5c0:93a1
2600:9000:2182:4a00:14:81fb:1e80:93a1
2600:9000:2182:7a00:11:c3fe:5b00:93a1
2600:9000:2182:9200:d:a7d1:b5c0:93a1
2600:9000:2182:a600:9:d911:8400:93a1
2606:4700::6811:4e6b
2a00:1288:f03d:1fa::2000
2a00:1450:4001:800::2003
2a00:1450:4001:800::2004
2a00:1450:4001:800::200a
2a00:1450:4001:801::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:814::200e
2a00:1450:4001:815::2008
2a00:1450:4001:816::200e
2a00:1450:4001:818::200a
2a00:1450:4001:81c::2004
2a00:1450:4001:81d::2003
2a00:1450:4001:821::2003
2a00:1450:400c:c0c::9c
2a02:26f0:6c00::210:bb20
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.219.203.195
31.186.243.147
34.96.102.137
35.186.226.184
54.192.183.28
64.202.112.159
92.123.150.214
02874782bb9e7d9ecfbd6e7083304b6f6e533771ca9e2856b4f70e891ba7bfed
03105f6d7c6a3d4004b7b82f144215dda56b85b9ba2d1dad03f2c6389659f676
0501f6b372fbd170f6feefd1db0d4a1f2e76ef02f93a5dd91031194299f612cb
0504480ecbd55fe67ce48d0235fb1a1311c01fe598e8ef496df7e75c8c4ac2f1
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
07f5a5f5b67808234afebb80fd75e40c06f77207095b66ce7427997ad819da56
09a09b9e2e6bd0d0f04c4d41a65e288a1bb1091ceb9990395b4a84dd248c2445
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0cf8316d1c0bd99f64b6324e04fef377b8673bc58a4a94082c74c6ca95c95efd
0d8b242bae3b42d161a018d43f7b60366bd0fa44e638bcf0fefdd04807ac5374
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12bf7d43ba2eb8c2e321c57ea2d8c15db35e7e61aafecf5908188a9f688bdac7
17bb6d7d5216426a5809ea3cdfd712c8dad4f898c99beef7f6cd76bb6836a687
17d81106176fdcddbcb848b8527dd2514831e000cabce15dc66b96c7212f73b7
1fc90ca7cad373bbb2464bc5cf020c039a70652527015c24a61f1da4c0e9d11a
25046d314ec169bbe85d9e1fde563ac2ef6fee790a493e73e52de2f3c4085d31
25f36c05d70e31e1c49176074f12f940a0e43627a489c5a03d0519bc01729d4f
26fc65d7f799be0ee7d6d4998f67bb94c4a22767ae7af31000fda43506a2901a
277dfd85f30b874c8f063fd4c0fc7719182340778939ea8a61f47e99e4aac3cf
29b516aee6a400f25664f52b1919736ae13dca09da5edf0290aed5e92b206ed7
2a8ec8465298b1d2cd779b04471b720b19f06ba579fc63cc32291f2506039232
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b925539d5d7ce5faaf577626312488f1f175172b92ae4d198a5e0c984998905
2da6f31d355efa94789f1639a7e522b81e0b0d455da9d66f151c2208dfc32f8d
330c6994f421612a2a17b91f08e16a970dd2158a4632e9c133a393be9cefbf99
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
39277aea7e267a43c1539b79d6035bbb8b3810357f1a33353018282b04c9c06b
39824f2ec741ce74a8d37f33d384fd09b082368c2e93a05a8627de1561401d98
39d680608912d99a0e18c8ac3d1ead7a72b9688f6d94a8ac4656a4c6588ebb3c
3dcd375d9df1f93f1fb70ca5fca9ebeb890234108f548482e62d9a1a0aea1180
3e7f8809736fb650456026093e40140bfd61f988f9007eea4d9f8266aa4ac769
3ee7161181afa416d0ebe6ad270e1202e8d14f0d802ef72dfd944dc4cbebe72c
41469ad284d7d852dbdb252c1ffc9f87e4886060d58abe0e849c0b948caac077
41b568e968c08fc3a5a347bd3d84db33cb7e98438f08d3c8f4a9889e2a3fba6e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4548c412ce3bd15ddf652328dd58fad638a41fbd5c08473a1ab485e5a12076c9
482dc958407776ef68a7c028342c6ca937f7b3247775ea2515c1497d4c80114f
4a33f02ebe6efe031be014c0bbd9afdd1a6ffc4d72b8183b6f9cc794f8d7a986
4a59ca491e6c4a6722969a7fc5b9007bf21d4cdcf067411dd4ab14ff044e4457
4a84e415abb3f7df331968fdf75c28d1b0db7935219abe78aced71ece15f5600
4ec47255bd358d62e4d8a4ee9b15a3a1e8effb49fdd41dbfcce9f622218cf6f3
513df0b5429c2ba8ecb2a8cbac3dbf5379c08906226ac2b312da271ef2a67bac
5155943531c964c616ba1c144a3d012bca02587c820c7ae2a6fe5f4914b53443
51d5890f7df99a32c05b5b8ca8d73bfcfd104d967e1f31fb483e2325fbb5607a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56c347dea31d42addb47370bb5c9bb7d7817f203c3aa8499780f5ec25e7a85a3
5a7b50dfcab566a113cdaae1110936451ea77f572d3e9e21aeb392485295f542
5a8d8d20668c37cd7274a877dba671f3aa09f47005310c522091919df9d26450
5e633512e073479016d035b9de91da37671226b49e09dd2e874a738dfd334678
69c0eb863ddd5fe37ed39b0ae84f01ca9e0390c963940cf132ad9aa1fef98779
6a43314c34f0f99c963ea0b070e868a8cf7bda97a15d17295d7d6687ceb3fddf
6b3a3c33d38c05b3a3fcd41e055290f200a958b67f00979b9a83f7af8ac5b33b
6b5e89ff4b46e5bd5ce4901f44203e73839865bd0f57fa9a955da009f05fb1a0
6b8dfa0df8e13cc260c1e6bd170f230e000852ac86c667e9d9f907698ea669db
6e2968b0596e2cfd746c4df153f7835f92eeff22a90348b23a8189d126808ab6
6fd3d4cf960299fedbb7546cbe23a19b636220e05499d6c978bdaeb4d6430147
706768e4b131b180c185e87060ad8927da59d9f131ca9541cd8132a83330a8f6
756e6298846a50ce305feb76264834e4ea33b968d7ddca1f1cd5810ce17c48d2
790fa159386b80e1ff4677d65fc9eb7c59f9b86c4ee6e9de737d6964867af4b8
7c49714c8bf7f84acc1bfc94e4deac9be7ab6e541ad284b5fd84c8cc221a675d
7e5e69b3bd8524275320d79691d09aaba7d7d9d869cf91c53252d1d2c8595d87
7fe98c695098de4558e2ccb69004791f97e1a4d3fe674d86365001dc11d2a734
800604bedd860adda78f58db0fdd76818c0f4106cc377ab0422a893d13ef0e2f
805d679fc05656d2d48c625d78e8304c9a59c90c072b44178abc67f82e9d226b
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
82a2a22fe2428db4e7e8eb0cf863ebbb81ff6594ee14a35e43f08b37ce0d65e9
82ca7b137491e17a1fa14c7ba83766bbc3f9f715c8a9d9847feaf0010859f16b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8344eb22ba02e162d00fc025368140810c5f31224dd28c496f44524784691ad5
87c1cf898465b652c7d037e67aa0289426367727457346c810dce0fc362a7105
88cf2c9a4c4bcef2aa64fb6ea0f337f78e9a7dc61d87993441369fa5cb429d32
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
91f41aca1c42388a52cffa41e75305c6e98ba8c97aaa68c62143b6b7de08d912
92f410985c0233c9abcba33b98f05b3e24d5ea3e80f5083466d545e94d49ec43
97cd49864560d22ff6b0f4e9c5ad0bf458ba722ef100167f1cb7b9b8008628f0
9a3932f28efb422f36033362a44764f876d09b6a6e786b09fecdc016b7865091
9ba29d8b3f76a11913e3ecfcb2881886a94fc163ef43cee5f1303085b05bcada
9d1d20907ba83d3f3470e59e4304e94a093514d204330dde7afea7056c13febd
a027bca296eceea8c751681833d5de45ba89aee6412fea44b151e682dbc960c2
a38063da0192b10a1ad5fc0496eb659d23ab881775c8c13072e08f4f55622eca
a89d40d5e47bd72115236ff1c2823cadd9f806c9b724b0315b293643cf409091
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af794b0eedf53ca14150e0aaa8c987d161914d459d7334a373ee7d9454e446ef
b07c6fb64749e8a8fa27e5d80bdfdb3c6b0661840b7a6af095e657a1cdecc3bc
b08a2fde13d4e5798529ef923dc39f8fdbba7691008326e0c1125587f87b1b08
b46c117bfc3a32a93541c04e6f8a70dcddab81a10a40237f422804adad586b2a
b76bb0ad5be77742c6e2dc706c1a00073520da9304b49112e9e8f8ea84c76f9c
b7c67909be928aae5939c02903dc19264309f09ea261c624d3ecc5d28b58230e
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253
bb7277a979d49784c392a01f1d9e12d590c848f73e246ad1dd128d5e653c02f5
bde3528e96f1c3b956575d5fcd4c0d7928e77159c856fcbf2f9300913f65a22a
c0161becb5fafacfce1ed84b0cb433d722cd05f49a9bddd970f3beda387f4ac1
c41098571bc690aaf6e50aa3cf589fe3d64d6e71a25f32007501052f1bc8b631
c55e6b4bdfe4dd6cdf789c8a25d028a23c4c9b8907a3c5effd20019c9201a2b6
c6017284e0a28ad4de960ac1a84895ff33affa3dcedd1eed83e10281842a6ee5
c65e707014518bf83814ceca1d50249f336f9eb87347a9176fa766d00c72f6cd
c81e1298449ad885352b9de05ea2f4967cbbe071b226d5b26374c9745108cf36
c965ca7196899feb988531f68796bc31c2bc695448a28dff41a0ab97ce6cf1ae
cb86e051abfa4d696f926d5dacd211f51032437952539cef490b4b92071dd79c
cce6e5d4db8fd4dec2379cc054c78e777a327a933d6d9375f6474aa519892f9c
cd5f808e3663bcca56971fbcd718c4f716f126437e0cff67a912a4ec7c8425ac
d51429fd2b1c769c26d925b62ffa12bc250dda9a3c287ba93c3eab42eb8b3992
d640a627d56a7bb8741578125551070487b6a02ba6c1e28a21b2f092cb4a992f
d7c695d9789ba783d8e1b5baaf2443a5900bf358f907181497d4dfd0664bd868
d919097bd77765df86dedf74a1f363adb9ac1f4099cfe882bbb8995d223b48d2
db8b216d30b0e81f129a25f3d9584be62a434752f6ac1c8687062ffe51efa65b
ddfaf0eb6f2f170c6df090e1e32e9edf711892f7f6cc8ad3bb6375538f111b82
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfebf7198b4def8d55484919b7d254bdfb12c0a95f466bc6c78ba95b9d9b5bba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6138f8a45236b17262de84bfebb83dee850c8b9a6ec4bf0966299f038dc0d38
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e9730ec41e740f87fcd9fa540ecd9e9acd0c83157a286b64771dec1796e9425c
ed0f466e5c44092712e5a38ba7d28bdc2ec723c8021061367be609b51e413053
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f431fff08ac8e685361a0fad9137bac98ae35869bd4ab871753c674eb2f36b34
f87cca9f04141732bd28eb8ac5c5325cc3edf721b1dfe16fab48dc108b236d7d
f8c17cba121381e714dbe5db4a85fcbba0b074fe21f95b568a92c604a7984581
fa84bff77e9d4858d44a35012e74a85b98343ba75c3eafd0012bd1554257ba8d
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514
ff7f060e074279be23a8e06fe67eaf945adf1e9acc29c30900ff562009720d11