urlscan.io logo urlscan.io
SecurityTrails logo

savelocation.net Open in urlscan Pro
188.165.203.193  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://savelocation.net/
Effective URL: https://savelocation.net/
Submission: On June 04 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 6 countries across 16 domains to perform 54 HTTP transactions. The main IP is 188.165.203.193, located in France and belongs to OVH, FR. The main domain is savelocation.net.
TLS certificate: Issued by R3 on May 29th 2024. Valid for: 3 months.
This is the only time savelocation.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 188.165.203.193 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
10 2600:9000:225... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 104.18.25.111 13335 (CLOUDFLAR...)
2 142.250.186.162 15169 (GOOGLE)
1 2600:9000:20a... 16509 (AMAZON-02)
3 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.232 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.239.36.10 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 184.28.89.220 16625 (AKAMAI-AS)
1 23.35.237.151 16625 (AKAMAI-AS)
1 2600:9000:223... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 216.58.206.67 15169 (GOOGLE)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.186.38 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 141.147.81.223 31898 (ORACLE-BM...)
2 172.217.16.206 15169 (GOOGLE)
54 24
6    188.165.203.193 (France)

ASN16276 (OVH, FR)
PTR: mail.dantoo.net
savelocation.net
3    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    2600:9000:2250:a00:12:4abd:d340:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.intergient.com
2    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    104.18.25.111 (None, )

ASN13335 (CLOUDFLARENET, US)
stingyspoon.com
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2600:9000:20ae:3600:14:2602:6e80:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.intergi.com
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
3    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net
www.googletagmanager.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    18.239.36.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-10.ams58.r.cloudfront.net
impression-inferences-edge-prod.playwire.com
1    2606:4700:10::6816:4ad8 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    184.28.89.220 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-89-220.deploy.static.akamaitechnologies.com
z.moatads.com
1    23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com
px.moatads.com
1    2600:9000:223f:e200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    2a00:1450:400c:c0d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    216.58.206.67 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f3.1e100.net
www.google.fr
3    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
ad.doubleclick.net
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    141.147.81.223 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)
mb.moatads.com
2    172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f206.1e100.net
fundingchoicesmessages.google.com
Apex Domain
Subdomains		 Transfer
10 intergient.com
cdn.intergient.com — Cisco Umbrella Rank: 7676
130 KB
6 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3163
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 716
149 KB
6 savelocation.net
savelocation.net
67 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 1084
api.btloader.com — Cisco Umbrella Rank: 1180
30 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 236
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
ad.doubleclick.net — Cisco Umbrella Rank: 165
174 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
329 KB
3 moatads.com
z.moatads.com — Cisco Umbrella Rank: 878
px.moatads.com — Cisco Umbrella Rank: 678
mb.moatads.com — Cisco Umbrella Rank: 1108
44 KB
3 gstatic.com
fonts.gstatic.com
212 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2406
www.google-analytics.com — Cisco Umbrella Rank: 65
21 KB
3 stingyspoon.com
stingyspoon.com
25 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1095
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70
7 KB
1 google.fr
www.google.fr — Cisco Umbrella Rank: 18438
63 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 776
482 B
1 playwire.com
impression-inferences-edge-prod.playwire.com — Cisco Umbrella Rank: 11848
355 B
1 intergi.com
cdn.intergi.com — Cisco Umbrella Rank: 9502
132 KB
54 16
Domain Requested by
10 cdn.intergient.com savelocation.net
cdn.intergient.com
6 savelocation.net savelocation.net
4 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
savelocation.net
4 www.googletagmanager.com savelocation.net
www.googletagmanager.com
3 api.btloader.com savelocation.net
3 fonts.gstatic.com fonts.googleapis.com
savelocation.net
3 stingyspoon.com cdn.intergient.com
savelocation.net
2 ad-delivery.net savelocation.net
2 region1.analytics.google.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
savelocation.net
2 securepubads.g.doubleclick.net cdn.intergient.com
securepubads.g.doubleclick.net
2 fonts.googleapis.com savelocation.net
1 mb.moatads.com z.moatads.com
1 ad.doubleclick.net savelocation.net
1 www.google.fr savelocation.net
1 stats.g.doubleclick.net www.googletagmanager.com
1 static.adsafeprotected.com savelocation.net
1 px.moatads.com savelocation.net
1 z.moatads.com cdn.intergient.com
1 btloader.com cdn.intergient.com
1 impression-inferences-edge-prod.playwire.com savelocation.net
1 region1.google-analytics.com www.googletagmanager.com
1 cdn.intergi.com cdn.intergient.com
54 23

This site contains no links.

Subject Issuer Validity Valid
savelocation.net
R3		 2024-05-29 -
2024-08-27		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
cdn.intergient.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
upload.video.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
stingyspoon.com
E1		 2024-05-22 -
2024-08-20		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
cdn.intergi.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
*.gstatic.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.playwire.com
Amazon RSA 2048 M03		 2024-01-12 -
2025-02-09		 a year crt.sh
btloader.com
GTS CA 1P5		 2024-04-14 -
2024-07-13		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2024-04-25 -
2025-05-24		 a year crt.sh
*.google.fr
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2024-06-04 -
2024-09-02		 3 months crt.sh
ad-delivery.net
GTS CA 1P5		 2024-05-17 -
2024-08-15		 3 months crt.sh
*.doubleclick.net
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-20 -
2024-07-20		 a year crt.sh

This page contains 2 frames:

Primary Page: https://savelocation.net/
Frame ID: C370B69155D1E3444C571E76A2FA45E4
Requests: 53 HTTP requests in this frame

Frame: https://cdn.intergient.com/pageos/1.10.46/iframe/iframe.html
Frame ID: 46AF469C4B550E9B5741D9EAE24D80E5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Save Location

Page URL History Show full URLs

  1. http://savelocation.net/ HTTP 307
    https://savelocation.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • /prebid\.js

Page Statistics

54
Requests

100 %
HTTPS

50 %
IPv6

16
Domains

23
Subdomains

24
IPs

6
Countries

1322 kB
Transfer

4243 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://savelocation.net/ HTTP 307
    https://savelocation.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
savelocation.net/
Redirect Chain
  • http://savelocation.net/
  • https://savelocation.net/
6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://savelocation.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.165.203.193 , France, ASN16276 (OVH, FR),
Reverse DNS
mail.dantoo.net
Software
nginx /
Resource Hash
475997b18f6a698c3c00d1b974284bc83c480a63b1e3121a238184b2d6e229b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 04 Jun 2024 17:11:58 GMT
etag
W/"1737-CFFYoE/7fPc2EpqAUhMHDWpC654"
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Location
https://savelocation.net/
Non-Authoritative-Reason
HttpsUpgrades
603b47bd17c7e19956d9a14b7fa3b393.css
savelocation.net/ 		154 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://savelocation.net/603b47bd17c7e19956d9a14b7fa3b393.css
Requested by
Host: savelocation.net
URL: https://savelocation.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.165.203.193 , France, ASN16276 (OVH, FR),
Reverse DNS
mail.dantoo.net
Software
nginx /
Resource Hash
7237dfe879f41db3c16b15071216b15716abc9e52bc2e6a91fe225ac1dfb2d7a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 17:11:58 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
etag
603b47bd17c7e19956d9a14b7fa3b393
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=0
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		232 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RXJZTQQFCT
Requested by
Host: savelocation.net
URL: https://savelocation.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5ed24fdeeb60557016dce3b0a4024ab57469c822beb7a4c53601123a5daad00c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 17:11:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85850
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 04 Jun 2024 17:11:58 GMT
ramp_config.js
cdn.intergient.com/1024327/73687/ 		47 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/1024327/73687/ramp_config.js
Requested by
Host: savelocation.net
URL: https://savelocation.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
1233e6614b2b6c8858872cceeef97a9e2057c5aadd0ff03877f7fda4849d1f8c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 17:11:58 GMT
content-encoding
br
via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=600, public, must-revalidate
x-amz-cf-id
FOj4ColgQ_XVnDbbPvVM0HQV6XoL-4ET7nui8XjQJD0EyXx64vTVmQ==
js
www.googletagmanager.com/gtag/ 		202 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-117981069-14
Requested by
Host: savelocation.net
URL: https://savelocation.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0dbcc420a6581933afc1f876c9488d23ec1570cab3d71efc1525eab95399d11e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 17:11:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74765
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 16:24:07 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 04 Jun 2024 17:11:58 GMT
full-white.svg
savelocation.net/img/logo/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://savelocation.net/img/logo/full-white.svg
Requested by
Host: savelocation.net
URL: https://savelocation.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.165.203.193 , France, ASN16276 (OVH, FR),
Reverse DNS
mail.dantoo.net
Software
nginx /
Resource Hash
571bb1d010e865190deae18e58d15bb41a525385caa874fc9b3207bb9c941e3f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 17:11:58 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 18 Jan 2024 12:18:52 GMT
server
nginx
content-encoding
gzip
etag
W/"123c-18d1c8283e0"
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
public, max-age=0
accept-ranges
bytes
x-xss-protection
1; mode=block
eb01c017dd86c9d49ec9da45225afe3c.js
savelocation.net/ 		90 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://savelocation.net/eb01c017dd86c9d49ec9da45225afe3c.js
Requested by
Host: savelocation.net
URL: https://savelocation.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.165.203.193 , France, ASN16276 (OVH, FR),
Reverse DNS
mail.dantoo.net
Software
nginx /
Resource Hash
903b846f1a9923172254451f9f3d65003b3bb3ffa06ef1a19e66a831a7fea044
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 17:11:58 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
etag
eb01c017dd86c9d49ec9da45225afe3c
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=0
x-xss-protection
1; mode=block
ramp_core.js
cdn.intergient.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/ramp_core.js
Requested by
Host: savelocation.net
URL: https://savelocation.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
82d85b8d92bf574119854c2a4b7c635bfd88cad2b9e477e4597ced16f27cbdd2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 17:11:58 GMT
content-encoding
br
via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-lambda-function
us-east-1.pageos_production:447
cache-control
max-age=600, public, must-revalidate
x-amz-cf-id
cdvcOD9AKo3GDHFvytgOFDgeiCcUom-73Xig-Vbt1sI7cQqEJ5PZmQ==
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito:300,400,400i,600,700&display=swap
Requested by
Host: savelocation.net
URL: https://savelocation.net/603b47bd17c7e19956d9a14b7fa3b393.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ceb1b2fe730e9bd3b9d0353d196f9e40e72a51c9227ac432e0c9af6eaba4426c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Jun 2024 17:11:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 17:06:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jun 2024 17:11:58 GMT
01e8b393e0e628939a047d0.main.js
stingyspoon.com/dist/25dd01cab3bac9c/ 		67 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stingyspoon.com/dist/25dd01cab3bac9c/01e8b393e0e628939a047d0.main.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024327/73687/ramp_config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a332ce2103c3cc89f4e6c4f9ed8a931eadf04bb7a428bf49f4095ee9974996c9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 17:11:58 GMT
content-encoding
zstd
via
1.1 google
strict-transport-security
max-age=15724800; preload
cf-cache-status
MISS
x-buildnumber
1299687404
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-datacenter
gce-europe-west1
etag
"ecc12fcf8fe81132c0c7a61aae3f99b2f5ad7be5c892cedc0a0c6c126fbf3204"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-xmqk
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
timing-allow-origin
*
cf-ray
88e98b90ba5f99cc-CDG
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		96 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024327/73687/ramp_config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
86359d15ad279ac35373d8bad110321774daf543c6651105339c3ba3bfa38b9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 17:11:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31132
x-xss-protection
0
server
cafe
etag
785 / 19878 / m202405300101 / config-hash: 15300373773443905275
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 04 Jun 2024 17:11:58 GMT
prebid.js.br
cdn.intergi.com/prebid/ 		517 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/prebid/prebid.js.br
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024327/73687/ramp_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:3600:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4694888192060d9c76853e91975d822483ea4e49a5f5862a04c2ec48cd939fa3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
.bgLU0oToLnk_5KeTETGeIYdj8VcPjcE
content-encoding
br
via
1.1 3909cd34f904454f54cf78c975b2c198.cloudfront.net (CloudFront)
date
Tue, 04 Jun 2024 10:36:37 GMT
last-modified
Wed, 08 May 2024 13:47:23 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P5
age
23804
x-amz-server-side-encryption
AES256
etag
"a549219bf8fdd0fb8bf2fc47072ff907"
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
134715
x-amz-cf-id
CEWe-rx7WLlmkAr1HUMSzM3qZsgih3UJXCAjNeuThXtIo0FJxa16bQ==
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RXJZTQQFCT&gtm=45je4630v892238110za200&_p=1717521118736&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2009534718.1717521119&ul=fr-fr&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717521118&sct=1&seg=0&dl=https%3A%2F%2Fsavelocation.net%2F&dt=Save%20Location&en=ramp_js&_fv=1&_nsi=1&_ss=1&_ee=1&ep.pageview_id=1717521118736&tfd=360
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RXJZTQQFCT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 04 Jun 2024 17:11:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://savelocation.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		210 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T93BR5N
Requested by
Host: savelocation.net
URL: https://savelocation.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cbb62a6c89d71f7ad260195b78aeb780a650cf295f044bd47e849cfee4714817
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 17:11:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76768
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 16:24:07 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 04 Jun 2024 17:11:58 GMT
pageos.js
cdn.intergient.com/pageos/1.10.46/ 		399 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.46/pageos.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7892fadadb8e7dc6005d9bc757b6a559ff7a4c75334d324e1320e87fa0da9145

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 07:16:37 GMT
via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2024 19:45:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
35722
etag
"b2fb502fba489442f2a20e5890c4b0ed"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
399
x-amz-cf-id
lNBw56-te1KvYBtdRiSPH2Of2Z-FUGB2jiYnJlW8JL02GV8VmnqcaA==
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:300,400,400i,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://savelocation.net
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:22:37 GMT
x-content-type-options
nosniff
age
10161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39124
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:02:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:22:37 GMT
runtime.cb18e0142c15af1a3527.js
cdn.intergient.com/pageos/1.10.46/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.46/runtime.cb18e0142c15af1a3527.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.46/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5a9acca4fb5e305393ef6ce2b2e7dfd4abf6f1fb8edffd3ad96fe455526c32d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 07:16:37 GMT
content-encoding
br
via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2024 19:45:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
35722
etag
W/"753c84dfe2645ae315009fc4dddbf4c2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
a5G5qteTCOMOW23ok0YLG-aC8nd9KwObhFU59BQvpEDNT9hGkW4t5g==
main.a0700daea0a54d04e651.js
cdn.intergient.com/pageos/1.10.46/ 		193 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.46/main.a0700daea0a54d04e651.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.46/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fbca39f5590771458309fff1b15cf3303fc25b27706f45adcd3b1b28e0b0010d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 07:16:37 GMT
content-encoding
br
via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2024 19:45:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
35722
etag
W/"c0ec7649d09188a34bede9014a388536"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
9iFMYffpFZ79-JXvcGIpsAYjco0RGSV4kVzLUt1VwkIbmA57KRRayA==
js
www.googletagmanager.com/gtag/ 		285 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-729GCCR12X&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T93BR5N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4a311ccb9919ef196b4d6e51d76dde774577942cc9883cc82796e78cce0aa522
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 17:11:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98673
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 04 Jun 2024 17:11:58 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T93BR5N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 04 Jun 2024 15:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5455
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 04 Jun 2024 17:41:03 GMT
videoCard.5ed8eb34c11835040def.js
cdn.intergient.com/pageos/1.10.46/ 		559 B
939 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.46/videoCard.5ed8eb34c11835040def.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.46/runtime.cb18e0142c15af1a3527.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
795041923e6338abe450ff9524ef70fd40432f278f32c9c35cdbb08239574fb1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 07:16:44 GMT
via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2024 19:45:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
35715
etag
"6880c1609e3243c11c7b4f1285e14d89"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
559
x-amz-cf-id
SL06AVjAFStP3Z9I5Bk7H1AEnGSWGIfQuV1Tjz-cvjxt-VdA9Uf8TQ==
iframe.html
cdn.intergient.com/pageos/1.10.46/iframe/ Frame 46AF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.46/iframe/iframe.html
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.46/main.a0700daea0a54d04e651.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://savelocation.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
35721
cache-control
public, max-age=31536000
content-length
498
content-type
text/html
date
Tue, 04 Jun 2024 07:16:37 GMT
etag
"c0a9148e169edcf6fe662e4d2aa9c142"
last-modified
Thu, 23 May 2024 19:45:03 GMT
server
AmazonS3
via
1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
x-amz-cf-id
-hc5O8xA8CTOckizOXKeAV69q2N9ynMu4y-lkpW27f-hKsFczx_62w==
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
batchHandler.24515460e260d851db2e.js
cdn.intergient.com/pageos/1.10.46/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.46/batchHandler.24515460e260d851db2e.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.46/runtime.cb18e0142c15af1a3527.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ecc04237e7d70f3057450ad0ab2ef4c24fcb7705d3b61d924c42aa41485e1df

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 07:16:38 GMT
content-encoding
br
via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2024 19:45:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
35721
etag
W/"a357943e64a1e54d4fca88f11587fb25"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
EyC1iBcUHLNzwKs8Mc9GVJaMyDuguB_BpYWFFMqXuH5AZz7iMsLfkw==
gdpr.67979b9dcc23304ee655.js
cdn.intergient.com/pageos/1.10.46/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.46/gdpr.67979b9dcc23304ee655.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.46/runtime.cb18e0142c15af1a3527.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
089f12de226200daa189d5bf5b73422e1c286b169b990242569037337707aab9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 07:16:44 GMT
content-encoding
br
via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2024 19:45:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
35715
etag
W/"f95a9c4b1bc61653121ead19347b6490"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
g-F_XkbOdmtEC94ujJxjja7JlzSrcR9r3UdAQQKnCqHd5kjQJnKkUA==
GDPR
impression-inferences-edge-prod.playwire.com/websites/73687/v1/Tue/13/desktop/Chrome/ 		27 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://impression-inferences-edge-prod.playwire.com/websites/73687/v1/Tue/13/desktop/Chrome/GDPR
Requested by
Host: savelocation.net
URL: https://savelocation.net/eb01c017dd86c9d49ec9da45225afe3c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-10.ams58.r.cloudfront.net
Software
CloudFront /
Resource Hash
9fc044cb2022940f48beb1fcacb7ff4e4e3718784754ef291dbdca2dba5dd1ad

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 17:11:59 GMT
via
1.1 1e604122efa69acb57f0b5ccc10d9de6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS58-P2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=3600, public, must-revalidate
content-length
27
x-amz-cf-id
mxagLOOvYuRASdl-PxnGfU5knQeXNAXFcRfIdDWfTNxAYFAF2dd6Cw==
tag
btloader.com/ 		104 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5150306120761344&upapi=true
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.46/main.a0700daea0a54d04e651.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad7b42164f53bca3e06d297f5d8863b24a55db96fccad303a7ad7175f16c1d95

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 17:11:58 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 04 Jun 2024 16:37:23 GMT
server
cloudflare
age
1937
etag
"a08dcbf031935f364768c6d886286f54"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
88e98b919ee82a11-CDG
content-length
29989
moatheader.js
z.moatads.com/playwireprebidheader597261727146/ 		114 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.46/main.a0700daea0a54d04e651.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.89.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-89-220.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0b9385e02eb700e334675403ba0822637003fbeb50583f18a4a4a9121e4f7b60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 04 Jun 2024 17:11:59 GMT
content-md5
cjVIG7ARlfXfN5VfA9ykBA==
storage-tier
Standard
content-length
43167
opc-meta-btime
2024-04-22T05:23:36Z
opc-meta-mtime
1713763416
last-modified
Mon, 22 Apr 2024 21:18:38 GMT
opc-request-id
iad-1:FJ8IsGdkeWXnNP9EdwQuyJ-e9H23xQgZl6fqxSDpfxJL1lFaSB4pqPIl8UQ7rszL
x-api-id
native
etag
8a97064e-7cbc-429e-85f5-49f78753ed29
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
application/x-javascript
version-id
404e9696-0589-4a6d-8258-efd500705153
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control
max-age=31312
access-control-allow-credentials
true
accept-ranges
bytes
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif
Requested by
Host: savelocation.net
URL: https://savelocation.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 04 Jun 2024 17:11:59 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 04 Jun 2024 17:11:59 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/ 		460 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
cb00a860660974b25947b756849035378feb8893f3699e16d391cabbf8374f2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 13:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
14515
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147019
x-xss-protection
0
server
cafe
etag
3255905288585425474
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 04 Jun 2025 13:10:03 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?service=ad&adid=fealy&adnum=580393
Requested by
Host: savelocation.net
URL: https://savelocation.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:e200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 00:03:05 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
407335
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
DL4zKFA9exUg-x9qd2KB-vrNF4obfpiKNEK_W6NfoUORiUOt7XYerg==
aws-sdk-kinesis.min.js.br
cdn.intergient.com/pageos/js/libs/ 		227 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js.br
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.46/batchHandler.24515460e260d851db2e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a00:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 07:16:39 GMT
content-encoding
br
via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
last-modified
Tue, 15 Feb 2022 19:02:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
35720
etag
"575b9635960fa1d9b7ba4dafe1d2e7f5"
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
57858
x-amz-cf-id
MQZp3sVr8mbNH4qcBbyqwDjuN6Fd3NoHwtowwSOTj2N1hCxYl03HLA==
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-729GCCR12X&gtm=45je4630v9121863643z89121868708za200zb9121868708&_p=1717521118736&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2009534718.1717521119&ul=fr-fr&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717521118&sct=1&seg=0&dl=https%3A%2F%2Fsavelocation.net%2F&dt=Save%20Location&en=page_view&_fv=1&_ss=1&tfd=609
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-729GCCR12X&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 04 Jun 2024 17:11:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://savelocation.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-729GCCR12X&cid=2009534718.1717521119&gtm=45je4630v9121863643z89121868708za200zb9121868708&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-729GCCR12X&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 04 Jun 2024 17:11:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://savelocation.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-729GCCR12X&cid=2009534718.1717521119&gtm=45je4630v9121863643z89121868708za200zb9121868708&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=2139693222
Requested by
Host: savelocation.net
URL: https://savelocation.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 04 Jun 2024 17:11:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2073501483&t=pageview&_s=1&dl=https%3A%2F%2Fsavelocation.net%2F&ul=fr-fr&de=UTF-8&dt=Save%20Location&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=495598824&gjid=1581292144&cid=2009534718.1717521119&tid=UA-117981069-14&_gid=507246193.1717521119&_r=1&_slc=1&gtm=45He4630n81T93BR5Nv9121868708za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=385851816
Requested by
Host: savelocation.net
URL: https://savelocation.net/eb01c017dd86c9d49ec9da45225afe3c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 04 Jun 2024 17:11:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://savelocation.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: savelocation.net
URL: https://savelocation.net/eb01c017dd86c9d49ec9da45225afe3c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Tue, 04 Jun 2024 17:11:59 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: savelocation.net
URL: https://savelocation.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 17:11:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
393713
x-guploader-uploadid
ABPtcPqneg6soqaOikcNiPp_PDLK0UcBx1dP3Y_3kl9qiiydDGRLrzu3y4OM-7S5ceh_By7WvPw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q%2FTy04P21ooa3%2BM7xhvN5BHLtQ8KDZQBVfAfYVRFQ9TPC8jadX2F4TP%2FSROqjSGTyGirUTnzDNZYP2I3TsJJtF6v%2FvMKM1ErU8Cn%2BheGHvN7N%2FppdF6Oh3LzbL6aEbZxqG9VA9GBhh%2Fdc6MsNg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
88e98b926df19eb6-CDG
expires
Wed, 05 Jun 2024 17:11:59 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: savelocation.net
URL: https://savelocation.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 10:22:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24598
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Jun 2024 10:22:01 GMT
px.gif
ad-delivery.net/ 		43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.8686361431078609
Requested by
Host: savelocation.net
URL: https://savelocation.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 17:11:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
393713
x-guploader-uploadid
ABPtcPqneg6soqaOikcNiPp_PDLK0UcBx1dP3Y_3kl9qiiydDGRLrzu3y4OM-7S5ceh_By7WvPw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UqEds4gvX8EKr%2F3n2TPHgcXRZDS8LmLsJpyQylR9IcfnqVlqgqw%2FsZM9dtna2TDJ0mFDCo3%2F8ITxQrPOM4zDnzplzUUtdJTu5uDsQiRRbcwo2y69zH7%2FHiFfHBZhTR9UZ1yxRIzCOL7iadFVyw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
88e98b926df39eb6-CDG
expires
Wed, 05 Jun 2024 17:11:59 GMT
154013155
fundingchoicesmessages.google.com/i/ 		191 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/154013155?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405300101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9cba83b2b77aa577eb22903b66a37c2bde9535132966c6f999d52db1fce0ae4
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-WrwpAiiedNfkXJeyzXlItw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 17:11:59 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-WrwpAiiedNfkXJeyzXlItw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzj8tDikmJw1pBiOO90h-k6EBtoPGeyAGKJry-ZNIDYKX0GaxAQ-9TPYI0B4tab51inAnHSv_OsRUDc_vkC63QgFuLmuD_17yY2gQs9n8OVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAzMDIz0DMzjCwwA2TAzAg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
v2
mb.moatads.com/yi/ 		380 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t7Ra.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2MIJ%2B%7BK%24%3D!%2509.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-b30pLQ%2FSrWfiLYzebeGIbnPajq7lOaO9YGxLYqfZY0xNzxzrCfSmix1wV0AK2nh7uzk%3D&rs=1-qG1WeGF%2FRxwnGA%3D%3D&sc=1&os=1-4w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=30&qd=30&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fsavelocation.net%2F&pcode=playwireprebidheader597261727146&rx=746960025424&callback=MoatNadoAllJsonpRequest_85424995
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.147.81.223 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
f1b415f4c50a3c7b12eaf74eecdb666307fe2e74812139f05cbaaab468480e90

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 17:11:59 GMT
server
istio-envoy
etag
"ed277167f862fc889b6c6ac26eea14c910ebbc93"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
38
timing-allow-origin
*
content-length
380
7e9e02c6cf48a139431ec6b72aa6cbea9fb9e872d132d01d274288
stingyspoon.com/ 		303 B
718 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stingyspoon.com/7e9e02c6cf48a139431ec6b72aa6cbea9fb9e872d132d01d274288
Requested by
Host: savelocation.net
URL: https://savelocation.net/eb01c017dd86c9d49ec9da45225afe3c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e47383ed9db2e99d228f1ae581c6ba9b7b68b3cfad46c38edee681807954bc18
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 04 Jun 2024 17:11:59 GMT
strict-transport-security
max-age=15724800; preload
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
br
x-buildnumber
1299687404
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://savelocation.net
x-hostname
fen-hoothoot-europe-west1-xmqk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray
88e98b932b19d3af-CDG
expires
Tue, 04 Jun 2024 17:11:58 GMT
country
api.btloader.com/ 		37 B
153 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country?o=5150306120761344
Requested by
Host: savelocation.net
URL: https://savelocation.net/eb01c017dd86c9d49ec9da45225afe3c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
4bd237a558a65f50eff451631a951a8897a1c28941e6f58aab413f24033a9ccc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 17:11:59 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=8b4Rm7Vpvz&w=5161058679914496&o=5150306120761344&cv=2.1.45-3-gc22fd9c&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fsavelocation.net%2F&sid=lejspulTI&pm=false&upapi=true
Requested by
Host: savelocation.net
URL: https://savelocation.net/eb01c017dd86c9d49ec9da45225afe3c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Tue, 04 Jun 2024 17:11:59 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
AGSKWxUj3TPQvy53q4K0IYOnZzc_dxjzc4vPCQ--Qk2UhWDpGOBoJc9JtGQ0HTEOAG3gifiHCbxVYQRNgXU5aNfAvt8Ga5FTwKUkSjq3nyBBCx8HUgqWrfM3p0EyFN3vr7-7yA6mcEcOnA==
fundingchoicesmessages.google.com/f/ 		640 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUj3TPQvy53q4K0IYOnZzc_dxjzc4vPCQ--Qk2UhWDpGOBoJc9JtGQ0HTEOAG3gifiHCbxVYQRNgXU5aNfAvt8Ga5FTwKUkSjq3nyBBCx8HUgqWrfM3p0EyFN3vr7-7yA6mcEcOnA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE3NTIxMTE5LDI4OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zYXZlbG9jYXRpb24ubmV0LyIsbnVsbCxbWzgsIlNaLVhRdUpvM0hNIl0sWzksImZyIl0sWzIwLCJbbnVsbCxudWxsLFs5NTMyOTg0M10sbnVsbCw5XSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fr.SZ-XQuJo3HM.es5.O/am=AAM/d=1/rs=AJlcJMw20WnX3UCsRn-msdOKv2HzYSvOWA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
930c11b83897d822ea44674d129112f0737fc4d36efd81472e83f82b184afdd1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VcPxgCDTnMvfzTq-TdvE8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 17:11:59 GMT
content-security-policy
script-src 'report-sample' 'nonce-VcPxgCDTnMvfzTq-TdvE8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj8tDikmLw0ZBiOO90h-k6EBtoPGeyAGKJry-ZNIDYKX0GaxAQ-9TPYI0B4tab51inAnHSv_OsRUDc_vkC63QgFuLhuD_17yY2gQm9e-8zKmkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBkY6RmYxxcYAAAE-zMg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
e367245bfafeb431a50f56eed5d13d508d9eb04f225617f3740983
stingyspoon.com/ 		3 B
456 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stingyspoon.com/e367245bfafeb431a50f56eed5d13d508d9eb04f225617f3740983
Requested by
Host: savelocation.net
URL: https://savelocation.net/eb01c017dd86c9d49ec9da45225afe3c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 04 Jun 2024 17:11:59 GMT
strict-transport-security
max-age=15724800; preload
via
1.1 google
cf-cache-status
DYNAMIC
x-buildnumber
1299687404
alt-svc
h3=":443"; ma=86400
content-length
3
server
cloudflare
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://savelocation.net
x-hostname
fen-hoothoot-europe-west1-xmqk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray
88e98b93bb85d3af-CDG
expires
Tue, 04 Jun 2024 17:11:58 GMT
css
fonts.googleapis.com/ 		109 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fr.SZ-XQuJo3HM.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwFvcZNhdajTnULbhndHivJ0Xc8kQ/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
11904530b1336ffc595e931bec74bfae902a8bd03ebdd4633111ccb87c5602c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Jun 2024 17:11:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 17:11:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jun 2024 17:11:59 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: savelocation.net
URL: https://savelocation.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Origin
https://savelocation.net
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:39:21 GMT
x-content-type-options
nosniff
age
9158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:39:21 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: savelocation.net
URL: https://savelocation.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Origin
https://savelocation.net
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 19:45:43 GMT
x-content-type-options
nosniff
age
77176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Jun 2025 19:45:43 GMT
AGSKWxVyYtZP3oJS299DFlpj5ZQw9dwhzcGlWLtoBdykkNcSvqvFt1OyXAZSNI7OFvrjPipVa3Lp8eZDEXsMPB9Snxiz48cbuqjwy8QSga6XoMCElBSLwzLVBhyfhWCs3YYWOy1f0MleGg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVyYtZP3oJS299DFlpj5ZQw9dwhzcGlWLtoBdykkNcSvqvFt1OyXAZSNI7OFvrjPipVa3Lp8eZDEXsMPB9Snxiz48cbuqjwy8QSga6XoMCElBSLwzLVBhyfhWCs3YYWOy1f0MleGg==
Requested by
Host: savelocation.net
URL: https://savelocation.net/eb01c017dd86c9d49ec9da45225afe3c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f206.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zi-X6WfcZRNXB06u7OB2WQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 04 Jun 2024 17:11:59 GMT
content-security-policy
script-src 'report-sample' 'nonce-zi-X6WfcZRNXB06u7OB2WQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmII0pBicEqfwRoCxEI8HPen_t3EJtBx-MExJiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBmYKxnYBJfYAAA3ksjCA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://savelocation.net
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVyYtZP3oJS299DFlpj5ZQw9dwhzcGlWLtoBdykkNcSvqvFt1OyXAZSNI7OFvrjPipVa3Lp8eZDEXsMPB9Snxiz48cbuqjwy8QSga6XoMCElBSLwzLVBhyfhWCs3YYWOy1f0MleGg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVyYtZP3oJS299DFlpj5ZQw9dwhzcGlWLtoBdykkNcSvqvFt1OyXAZSNI7OFvrjPipVa3Lp8eZDEXsMPB9Snxiz48cbuqjwy8QSga6XoMCElBSLwzLVBhyfhWCs3YYWOy1f0MleGg==
Requested by
Host: savelocation.net
URL: https://savelocation.net/eb01c017dd86c9d49ec9da45225afe3c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f206.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ug-wAEYEFIfUtUhCuMMRCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 04 Jun 2024 17:11:59 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ug-wAEYEFIfUtUhCuMMRCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw1JBicEqfwRoCxEI8HPen_t3EJvDi_4vjTEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDMwFjPwCS-wAAACAIjnA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://savelocation.net
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
favicon.png
savelocation.net/img/ 		4 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://savelocation.net/img/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.165.203.193 , France, ASN16276 (OVH, FR),
Reverse DNS
mail.dantoo.net
Software
nginx /
Resource Hash
2de033d25bb58a6b9602a1096713e882047d141298db2aa1b46e539a2183328c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 17:11:59 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
etag
W/"1112-+e9CKxPZQE6F3TFA/I5P2tJVKKg"
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-xss-protection
1; mode=block
favicon-32x32.png
savelocation.net/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://savelocation.net/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.165.203.193 , France, ASN16276 (OVH, FR),
Reverse DNS
mail.dantoo.net
Software
nginx /
Resource Hash
e7a1dd752485271e74422e88f4c8797a1b4077f0e8a451e820936aee954d7eb1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 17:11:59 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 18 Jan 2024 12:18:52 GMT
server
nginx
etag
W/"50c-18d1c8283e0"
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
1292
x-xss-protection
1; mode=block
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-729GCCR12X&gtm=45je4630v9121863643za200zb9121868708&_p=1717521118736&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2009534718.1717521119&ul=fr-fr&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1717521118&sct=1&seg=0&dl=https%3A%2F%2Fsavelocation.net%2F&dt=Save%20Location&en=scroll&epn.percent_scrolled=90&_et=7&tfd=5619
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-729GCCR12X&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://savelocation.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 04 Jun 2024 17:12:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://savelocation.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

276 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ramp object| google_tag_manager object| google_tag_data object| dataLayer function| admiral object| googletag string| _pwUserContentEncoding boolean| rampMinimal object| PageOS string| _pwGA4PageviewId function| gtag object| gaGlobal function| t function| e object| n object| r object| o function| s function| a function| c function| u function| p function| f function| h function| d function| v function| y function| m function| _ function| g function| b function| E function| w object| S function| x function| k function| O function| j function| T function| R function| N function| L function| C function| I function| A function| P function| D function| U function| q function| B object| M function| F function| H function| W function| Y function| J function| z function| X object| G string| V function| $ object| K function| Q function| Z function| tt undefined| et object| nt object| rt object| ot function| it function| st function| at function| ct function| ut undefined| lt object| pt number| ft function| ht function| dt object| vt object| yt object| mt function| _t function| gt object| bt object| Et object| wt function| St function| xt function| kt function| Ot function| jt function| Tt function| Rt function| Nt function| Lt function| Ct function| It function| At function| Pt function| Dt function| Ut function| qt object| Bt function| Mt function| Ft function| Ht function| Wt function| Yt function| Jt function| zt function| Xt object| Gt function| Vt object| $t object| Kt object| Qt object| Zt object| te object| ee function| ne function| re function| oe function| ie function| se function| ae function| ce function| ue function| le object| pe function| fe function| he function| de number| ve function| ye function| me function| _e function| ge function| be object| Ee function| we function| Se function| xe object| ke function| Oe function| je object| Te function| Re function| Ne function| Ce function| Ae function| De function| Ue function| qe function| Be function| Me function| Fe function| He object| We function| Ye function| Je function| ze function| Xe function| Ge function| Ve function| $e function| Ke object| Qe function| Ze object| tn function| en object| nn function| rn function| on object| sn object| an function| cn function| un function| ln function| pn function| fn function| hn function| dn function| vn function| yn function| mn function| _n function| gn function| bn function| En function| wn function| Sn function| xn function| On function| Tn function| Rn function| Ln function| In object| __SENTRY__ object| _pwTycheAB object| pwKinesisCreds number| cmpVersion boolean| tycheSampling number| tycheSamplingRate string| tychePath boolean| rampSampling number| rampSamplingRate string| rampPath number| _pageViewSR boolean| _pageViewSampling boolean| _adImpressionSampling number| _adImpressionSR object| _pwLogger boolean| excludeMoat string| _pwKassandraVer boolean| _pwUserInCA number| _pwFpSampling string| _pwUserCC object| pwEdgeFlags object| pwEdgeYieldOptions object| tyche object| webpackChunkpageos string| GoogleAnalyticsObject function| ga object| pageos object| __core-js_shared__ object| core object| ggeac object| google_js_reporting_queue function| 4dm1r11545242527 object| googlefc function| _xamzrequire object| AWS object| gaplugins object| gaData object| __pwpbjs__ object| _pbjsGlobals object| regeneratorRuntime object| __bt object| __bt_intrnl object| __bt_tag_d undefined| google_measure_js_timing object| google_reactive_ads_global_state undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_85424995 boolean| Moat#EVA object| moatPrebidApi boolean| __bt_already_invoked object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NTBiODRhZTA3MTliYzg1Y2xvYWRlcl9qcw== string| NTBiODRhZTA3MTliYzg1Y2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady

8 Cookies

Domain/Path Name / Value
savelocation.net/ Name: ab_2_18_2023_video_provider
Value: playwire
.savelocation.net/ Name: _ga_RXJZTQQFCT
Value: GS1.1.1717521118.1.0.1717521118.0.0.0
savelocation.net/ Name: usprivacy
Value: 1---
.savelocation.net/ Name: _ga_729GCCR12X
Value: GS1.1.1717521118.1.0.1717521119.59.0.0
.savelocation.net/ Name: _ga
Value: GA1.2.2009534718.1717521119
.savelocation.net/ Name: _gid
Value: GA1.2.507246193.1717521119
.savelocation.net/ Name: _gat_UA-117981069-14
Value: 1
.savelocation.net/ Name: _awl
Value: 2.1717521119.5-fcc6158c78eff5692b5395f108ef973b-6763652d6575726f70652d7765737431-0

1 Console Messages

Source Level URL
Text
network error URL: https://savelocation.net/img/favicon.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
api.btloader.com
btloader.com
cdn.intergi.com
cdn.intergient.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
impression-inferences-edge-prod.playwire.com
mb.moatads.com
px.moatads.com
region1.analytics.google.com
region1.google-analytics.com
savelocation.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
stats.g.doubleclick.net
stingyspoon.com
www.google-analytics.com
www.google.fr
www.googletagmanager.com
z.moatads.com
104.18.25.111
130.211.23.194
141.147.81.223
142.250.181.232
142.250.186.162
142.250.186.38
172.217.16.206
18.239.36.10
184.28.89.220
188.165.203.193
2001:4860:4802:34::36
216.58.206.67
23.35.237.151
2600:9000:20ae:3600:14:2602:6e80:93a1
2600:9000:223f:e200:8:48e:53c0:93a1
2600:9000:2250:a00:12:4abd:d340:93a1
2606:4700:10::6816:4ad8
2606:4700:20::681a:246
2a00:1450:4001:806::200a
2a00:1450:4001:806::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:82f::2008
2a00:1450:400c:c0d::9c
089f12de226200daa189d5bf5b73422e1c286b169b990242569037337707aab9
0b9385e02eb700e334675403ba0822637003fbeb50583f18a4a4a9121e4f7b60
0dbcc420a6581933afc1f876c9488d23ec1570cab3d71efc1525eab95399d11e
11904530b1336ffc595e931bec74bfae902a8bd03ebdd4633111ccb87c5602c5
1233e6614b2b6c8858872cceeef97a9e2057c5aadd0ff03877f7fda4849d1f8c
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2de033d25bb58a6b9602a1096713e882047d141298db2aa1b46e539a2183328c
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4694888192060d9c76853e91975d822483ea4e49a5f5862a04c2ec48cd939fa3
475997b18f6a698c3c00d1b974284bc83c480a63b1e3121a238184b2d6e229b7
4a311ccb9919ef196b4d6e51d76dde774577942cc9883cc82796e78cce0aa522
4bd237a558a65f50eff451631a951a8897a1c28941e6f58aab413f24033a9ccc
571bb1d010e865190deae18e58d15bb41a525385caa874fc9b3207bb9c941e3f
5ed24fdeeb60557016dce3b0a4024ab57469c822beb7a4c53601123a5daad00c
7237dfe879f41db3c16b15071216b15716abc9e52bc2e6a91fe225ac1dfb2d7a
7892fadadb8e7dc6005d9bc757b6a559ff7a4c75334d324e1320e87fa0da9145
795041923e6338abe450ff9524ef70fd40432f278f32c9c35cdbb08239574fb1
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82d85b8d92bf574119854c2a4b7c635bfd88cad2b9e477e4597ced16f27cbdd2
86359d15ad279ac35373d8bad110321774daf543c6651105339c3ba3bfa38b9b
8ecc04237e7d70f3057450ad0ab2ef4c24fcb7705d3b61d924c42aa41485e1df
903b846f1a9923172254451f9f3d65003b3bb3ffa06ef1a19e66a831a7fea044
930c11b83897d822ea44674d129112f0737fc4d36efd81472e83f82b184afdd1
9fc044cb2022940f48beb1fcacb7ff4e4e3718784754ef291dbdca2dba5dd1ad
a332ce2103c3cc89f4e6c4f9ed8a931eadf04bb7a428bf49f4095ee9974996c9
ad7b42164f53bca3e06d297f5d8863b24a55db96fccad303a7ad7175f16c1d95
b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb00a860660974b25947b756849035378feb8893f3699e16d391cabbf8374f2d
cbb62a6c89d71f7ad260195b78aeb780a650cf295f044bd47e849cfee4714817
ceb1b2fe730e9bd3b9d0353d196f9e40e72a51c9227ac432e0c9af6eaba4426c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47383ed9db2e99d228f1ae581c6ba9b7b68b3cfad46c38edee681807954bc18
e5a9acca4fb5e305393ef6ce2b2e7dfd4abf6f1fb8edffd3ad96fe455526c32d
e7a1dd752485271e74422e88f4c8797a1b4077f0e8a451e820936aee954d7eb1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b415f4c50a3c7b12eaf74eecdb666307fe2e74812139f05cbaaab468480e90
f9cba83b2b77aa577eb22903b66a37c2bde9535132966c6f999d52db1fce0ae4
fbca39f5590771458309fff1b15cf3303fc25b27706f45adcd3b1b28e0b0010d