cloud.alerts.savethechildren.org Open in urlscan Pro
128.245.132.77 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.alerts.savethechildren.org/?qs=c41d69aace22ef3b4b1402f90f5d21debe53ff3359dcd2e2491957ea8bc70273c402d4f72ce3fc1a02c9df87e623...
Effective URL:
https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:02...
Submission: On February 13 via api (February 13th 2023, 2:25:16 pm UTC) from US — Scanned from DE

Summary HTTP 139 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 51 IPs in 9 countries across 61 domains to perform 139 HTTP transactions. The main IP is 128.245.132.77, located in United States and belongs to SALESFORCE, US. The main domain is cloud.alerts.savethechildren.org.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on October 18th 2022. Valid for: a year.

This is the only time cloud.alerts.savethechildren.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	128.245.145.225 128.245.145.225	14340 (SALESFORCE) (SALESFORCE)
1	128.245.132.77 128.245.132.77	14340 (SALESFORCE) (SALESFORCE)
1	2a00:1450:400... 2a00:1450:400d:802::200a	15169 (GOOGLE) (GOOGLE)
19	2a02:26f0:dc:... 2a02:26f0:dc:292::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.225.78.35 13.225.78.35	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:dc:... 2a02:26f0:dc::6853:4c1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:249... 2600:9000:2491:e600:12:b144:100:21	16509 (AMAZON-02) (AMAZON-02)
2 5	34.249.28.111 34.249.28.111	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.60 13.32.27.60	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.64.114 151.101.64.114	54113 (FASTLY) (FASTLY)
1	3.248.89.226 3.248.89.226	16509 (AMAZON-02) (AMAZON-02)
2	13.37.25.97 13.37.25.97	16509 (AMAZON-02) (AMAZON-02)
1 1	18.203.152.154 18.203.152.154	16509 (AMAZON-02) (AMAZON-02)
1	63.35.113.29 63.35.113.29	16509 (AMAZON-02) (AMAZON-02)
2	44.241.55.126 44.241.55.126	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:fe00:9:7c30:be80:21	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 33	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
1	34.98.72.238 34.98.72.238	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:26f0:11a... 2a02:26f0:11a::217:9a4a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	44.225.161.165 44.225.161.165	16509 (AMAZON-02) (AMAZON-02)
1 4	52.6.32.88 52.6.32.88	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	65.9.65.116 65.9.65.116	16509 (AMAZON-02) (AMAZON-02)
1	54.190.217.118 54.190.217.118	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400d:806::2008	15169 (GOOGLE) (GOOGLE)
1 2	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
12	2.23.97.136 2.23.97.136	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.50.101.149 52.50.101.149	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:4000:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	3.227.179.229 3.227.179.229	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
3	44.211.7.214 44.211.7.214	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
3 3	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.86.138.152 185.86.138.152	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	34.240.188.129 34.240.188.129	16509 (AMAZON-02) (AMAZON-02)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 2	18.193.14.187 18.193.14.187	16509 (AMAZON-02) (AMAZON-02)
1 1	23.203.125.189 23.203.125.189	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	3.121.31.24 3.121.31.24	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4216:cd79:34ae:bc6a:5e70	14618 (AMAZON-AES) (AMAZON-AES)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	2.18.79.136 2.18.79.136	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	108.156.68.46 108.156.68.46	16509 (AMAZON-02) (AMAZON-02)
1	54.72.113.247 54.72.113.247	16509 (AMAZON-02) (AMAZON-02)
2 2	18.159.14.212 18.159.14.212	16509 (AMAZON-02) (AMAZON-02)
1	54.84.231.24 54.84.231.24	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.210.118.107 54.210.118.107	14618 (AMAZON-AES) (AMAZON-AES)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
2 2	37.157.3.28 37.157.3.28	198622 (ADFORM) (ADFORM)
2 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1 1	35.157.71.156 35.157.71.156	16509 (AMAZON-02) (AMAZON-02)
1 1	3.67.114.199 3.67.114.199	16509 (AMAZON-02) (AMAZON-02)
2 2	172.217.19.98 172.217.19.98	15169 (GOOGLE) (GOOGLE)
1	35.170.45.72 35.170.45.72	14618 (AMAZON-AES) (AMAZON-AES)
2 2	99.86.4.3 99.86.4.3	16509 (AMAZON-02) (AMAZON-02)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1 1	45.79.141.248 45.79.141.248	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	35.85.106.161 35.85.106.161	16509 (AMAZON-02) (AMAZON-02)
1	52.12.117.226 52.12.117.226	16509 (AMAZON-02) (AMAZON-02)
6	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	99.86.1.140 99.86.1.140	16509 (AMAZON-02) (AMAZON-02)
139	51

1 128.245.145.225 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.alerts.savethechildren.org

click.alerts.savethechildren.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 128.245.132.77 (United States)

ASN14340 (SALESFORCE, US)
PTR: cloud.alerts.savethechildren.org

cloud.alerts.savethechildren.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:26f0:dc:292::1e80 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-35.fra2.r.cloudfront.net

www.savethechildren.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:dc::6853:4c1 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

image.alerts.savethechildren.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2491:e600:12:b144:100:21 (United States)

ASN16509 (AMAZON-02, US)

dx2eq2oh924g4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.249.28.111 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-28-111.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-60.fra56.r.cloudfront.net

cdn.decibelinsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.114 (United States)

ASN54113 (FASTLY, US)

cdn.evgnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.89.226 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-89-226.eu-west-1.compute.amazonaws.com

stc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.37.25.97 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

smetrics.savethechildren.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.152.154 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-152-154.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.113.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-113-29.eu-west-1.compute.amazonaws.com

savethechildrenfeder.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.241.55.126 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-55-126.us-west-2.compute.amazonaws.com

savethechildren.us-7.evergage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:fe00:9:7c30:be80:21 (United States)

ASN16509 (AMAZON-02, US)

d1n00d49gkbray.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 52.46.143.56 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.72.238 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 238.72.98.34.bc.googleusercontent.com

www.dgtrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::217:9a4a (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.225.161.165 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-225-161-165.us-west-2.compute.amazonaws.com

app.leadsrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.6.32.88 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-32-88.compute-1.amazonaws.com

tags.wdsvc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.65.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-65-116.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.190.217.118 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-190-217-118.us-west-2.compute.amazonaws.com

dx.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.132 (United States) 1 redirects

ASN54113 (FASTLY, US)

pt.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2.23.97.136 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-97-136.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.101.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-101-149.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:4000:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.227.179.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-179-229.compute-1.amazonaws.com

tr2.smarterhq.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.211.7.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-211-7-214.compute-1.amazonaws.com

onsiteshq.smarterhq.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.123 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.152 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.240.188.129 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-188-129.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.14.187 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-14-187.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.203.125.189 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-189.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.31.24 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-31-24.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:cd79:34ae:bc6a:5e70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.79.136 (Vienna, Austria) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-136.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.68.46 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-156-68-46.ams1.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.113.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-113-247.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.14.212 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-14-212.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.231.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-231-24.compute-1.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.210.118.107 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-118-107.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.28 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.71.156 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-71-156.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.67.114.199 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-114-199.eu-central-1.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.19.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: muc03s07-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.170.45.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-45-72.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.3 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-3.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.154.237 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.141.248 (Cedar Knolls, United States) 1 redirects

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: lciapi-ewr-15.ninthdecimal.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.85.106.161 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-85-106-161.us-west-2.compute.amazonaws.com

px.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.12.117.226 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-12-117-226.us-west-2.compute.amazonaws.com

gs.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.1.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-1-140.fra6.r.cloudfront.net

d6tizftlrpuof.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 373	24 KB
19	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 492	131 KB
12	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 821	109 KB
7	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 2099 insight.adsrvr.org — Cisco Umbrella Rank: 827 match.adsrvr.org — Cisco Umbrella Rank: 426	4 KB
6	smarterhq.io tr2.smarterhq.io — Cisco Umbrella Rank: 11747 onsiteshq.smarterhq.io — Cisco Umbrella Rank: 57430	2 KB
6	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 274 stc.demdex.net — Cisco Umbrella Rank: 279172	8 KB
6	savethechildren.org 1 redirects click.alerts.savethechildren.org — Cisco Umbrella Rank: 189348 cloud.alerts.savethechildren.org www.savethechildren.org — Cisco Umbrella Rank: 252678 image.alerts.savethechildren.org — Cisco Umbrella Rank: 307348 smetrics.savethechildren.org — Cisco Umbrella Rank: 287259	139 KB
4	yahoo.com 4 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 393 cms.analytics.yahoo.com — Cisco Umbrella Rank: 1655	2 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 765 www.linkedin.com — Cisco Umbrella Rank: 720 px4.ads.linkedin.com — Cisco Umbrella Rank: 6515	3 KB
4	mountain.com dx.mountain.com — Cisco Umbrella Rank: 8735 px.mountain.com — Cisco Umbrella Rank: 9076 gs.mountain.com — Cisco Umbrella Rank: 13503	8 KB
4	wdsvc.net 1 redirects tags.wdsvc.net — Cisco Umbrella Rank: 46280	29 KB
4	cloudfront.net dx2eq2oh924g4.cloudfront.net d1n00d49gkbray.cloudfront.net d6tizftlrpuof.cloudfront.net	145 KB
3	pubmatic.com 3 redirects image2.pubmatic.com — Cisco Umbrella Rank: 1431 image6.pubmatic.com — Cisco Umbrella Rank: 1001	974 B
3	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 883 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 687	2 KB
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 303	3 KB
3	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 308	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 109	155 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 523	12 KB
2	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 2008	1 KB
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 705	352 B
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 203	543 B
2	serving-sys.com 2 redirects bs.serving-sys.com — Cisco Umbrella Rank: 2091 lm.serving-sys.com — Cisco Umbrella Rank: 3348	777 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 1067	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 917	998 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 442 token.rubiconproject.com — Cisco Umbrella Rank: 803	674 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 3487	874 B
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 813 usermatch.krxd.net — Cisco Umbrella Rank: 2167	358 B
2	stickyadstv.com 2 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 888	2 KB
2	myvisualiq.net 2 redirects t.myvisualiq.net — Cisco Umbrella Rank: 2545	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 405	883 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 93	20 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	239 B
2	ispot.tv 1 redirects pt.ispot.tv — Cisco Umbrella Rank: 3146 pi.ispot.tv — Cisco Umbrella Rank: 3061	616 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	137 KB
2	leadsrx.com app.leadsrx.com — Cisco Umbrella Rank: 14346	19 KB
2	evergage.com savethechildren.us-7.evergage.com — Cisco Umbrella Rank: 346175	1 KB
2	gstatic.com fonts.gstatic.com	34 KB
1	taboola.com 1 redirects sync.taboola.com — Cisco Umbrella Rank: 1519	168 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com — Cisco Umbrella Rank: 4623	750 B
1	exelator.com loadus.exelator.com — Cisco Umbrella Rank: 1895	324 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 501	140 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1766	213 B
1	samba.tv 1 redirects ads.samba.tv — Cisco Umbrella Rank: 6722	419 B
1	samplicio.us usersync.samplicio.us — Cisco Umbrella Rank: 4218	263 B
1	imdb.com 1 redirects www.imdb.com — Cisco Umbrella Rank: 3633	879 B
1	tremorhub.com amazon.partners.tremorhub.com — Cisco Umbrella Rank: 6740	183 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 837	471 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 774	487 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 767	163 B
1	google.de www.google.de — Cisco Umbrella Rank: 3701	455 B
1	google.com www.google.com — Cisco Umbrella Rank: 18	455 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1697	369 B
1	usabilla.com w.usabilla.com — Cisco Umbrella Rank: 4254	11 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1464	5 KB
1	dgtrx.com www.dgtrx.com — Cisco Umbrella Rank: 337230	18 KB
1	omtrdc.net savethechildrenfeder.tt.omtrdc.net — Cisco Umbrella Rank: 291789	3 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1595	517 B
1	evgnet.com cdn.evgnet.com — Cisco Umbrella Rank: 4548	48 KB
1	decibelinsight.net cdn.decibelinsight.net — Cisco Umbrella Rank: 10140	78 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 114	999 B
0	Failed function sub() { [native code] }. Failed
139	61

	Domain	Requested by
33	s.amazon-adsystem.com	1 redirects cloud.alerts.savethechildren.org s.amazon-adsystem.com
19	assets.adobedtm.com	cloud.alerts.savethechildren.org assets.adobedtm.com
12	analytics.tiktok.com	cloud.alerts.savethechildren.org analytics.tiktok.com
5	insight.adsrvr.org	cloud.alerts.savethechildren.org js.adsrvr.org
5	dpm.demdex.net	2 redirects cloud.alerts.savethechildren.org assets.adobedtm.com
4	tags.wdsvc.net	1 redirects cloud.alerts.savethechildren.org tags.wdsvc.net
3	ups.analytics.yahoo.com	3 redirects
3	ib.adnxs.com	3 redirects
3	onsiteshq.smarterhq.io	d1n00d49gkbray.cloudfront.net
3	tr2.smarterhq.io	d1n00d49gkbray.cloudfront.net cloud.alerts.savethechildren.org
3	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
3	bat.bing.com	assets.adobedtm.com bat.bing.com cloud.alerts.savethechildren.org
2	px.mountain.com	dx.mountain.com cloud.alerts.savethechildren.org
2	image6.pubmatic.com	2 redirects
2	uipglob.semasio.net	2 redirects
2	us-u.openx.net	s.amazon-adsystem.com
2	sb.scorecardresearch.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	c1.adform.net	2 redirects
2	match.360yield.com	2 redirects
2	ads.stickyadstv.com	2 redirects
2	t.myvisualiq.net	2 redirects
2	x.bidswitch.net	2 redirects
2	dsum-sec.casalemedia.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.facebook.com	cloud.alerts.savethechildren.org
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	assets.adobedtm.com connect.facebook.net
2	app.leadsrx.com	assets.adobedtm.com app.leadsrx.com
2	savethechildren.us-7.evergage.com	cdn.evgnet.com
2	smetrics.savethechildren.org	assets.adobedtm.com cloud.alerts.savethechildren.org
2	fonts.gstatic.com	fonts.googleapis.com
2	dx2eq2oh924g4.cloudfront.net	cloud.alerts.savethechildren.org
1	d6tizftlrpuof.cloudfront.net	cloud.alerts.savethechildren.org
1	match.adsrvr.org	cloud.alerts.savethechildren.org
1	gs.mountain.com	cloud.alerts.savethechildren.org
1	sync.taboola.com	1 redirects
1	pi.ispot.tv	1 redirects
1	lciapi.ninthdecimal.com	1 redirects
1	loadus.exelator.com	s.amazon-adsystem.com
1	token.rubiconproject.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	eb2.3lift.com	s.amazon-adsystem.com
1	ssum-sec.casalemedia.com	1 redirects
1	usermatch.krxd.net	s.amazon-adsystem.com
1	lm.serving-sys.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	odr.mookie1.com	s.amazon-adsystem.com
1	pixel.rubiconproject.com	1 redirects
1	ads.samba.tv	1 redirects
1	usersync.samplicio.us	s.amazon-adsystem.com
1	beacon.krxd.net	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	amazon.partners.tremorhub.com	s.amazon-adsystem.com
1	tags.bluekai.com	1 redirects
1	aa.agkn.com	1 redirects
1	rtb-csync.smartadserver.com	s.amazon-adsystem.com
1	www.google.de	cloud.alerts.savethechildren.org
1	www.google.com	cloud.alerts.savethechildren.org
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	px4.ads.linkedin.com	cloud.alerts.savethechildren.org
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	w.usabilla.com	cloud.alerts.savethechildren.org
1	pt.ispot.tv	cloud.alerts.savethechildren.org
1	dx.mountain.com	assets.adobedtm.com
1	js.adsrvr.org	assets.adobedtm.com
1	snap.licdn.com	cloud.alerts.savethechildren.org
1	www.dgtrx.com	assets.adobedtm.com
1	d1n00d49gkbray.cloudfront.net	assets.adobedtm.com
1	savethechildrenfeder.tt.omtrdc.net	assets.adobedtm.com
1	cm.everesttech.net	1 redirects
1	stc.demdex.net	assets.adobedtm.com
1	cdn.evgnet.com	assets.adobedtm.com
1	cdn.decibelinsight.net	assets.adobedtm.com
1	image.alerts.savethechildren.org	cloud.alerts.savethechildren.org
1	www.savethechildren.org	cloud.alerts.savethechildren.org
1	fonts.googleapis.com	cloud.alerts.savethechildren.org
1	cloud.alerts.savethechildren.org
1	click.alerts.savethechildren.org	1 redirects
0	44.238.122.172 Failed	dx.mountain.com
139	83

This site contains links to these domains. Also see Links.

Domain
www.savethechildren.org

Subject Issuer	Validity	Valid
cloud.alerts.savethechildren.org DigiCert TLS RSA SHA256 2020 CA1	`2022-10-18` - `2023-10-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
www.savethechildren.org Go Daddy Secure Certificate Authority - G2	`2022-12-14` - `2023-12-28`	a year	crt.sh
san-20-s12.tlsprovisioning.exacttarget.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-29` - `2023-06-11`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.decibelinsight.net Amazon	`2023-01-14` - `2024-02-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-13` - `2023-04-12`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
smetrics.savethechildren.org DigiCert TLS RSA SHA256 2020 CA1	`2022-05-13` - `2023-06-13`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
*.us-7.evergage.com Amazon RSA 2048 M01	`2023-02-07` - `2023-09-29`	8 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
s.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-21`	a year	crt.sh
vfr12trk.com Starfield Secure Certificate Authority - G2	`2022-10-25` - `2023-11-26`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.leadsrx.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-04-05` - `2023-05-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-22` - `2023-02-20`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.mountain.com Go Daddy Secure Certificate Authority - G2	`2022-05-21` - `2023-06-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.ispot.tv R3	`2023-01-14` - `2023-04-14`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2022-12-15` - `2024-01-15`	a year	crt.sh
w.usabilla.com Amazon RSA 2048 M01	`2023-02-09` - `2024-02-09`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
smarterhq.io Amazon	`2022-09-19` - `2023-10-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
tags.wdsvc.net Go Daddy Secure Certificate Authority - G2	`2022-11-03` - `2023-11-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-10-19`	a year	crt.sh
*.samplicio.us Amazon	`2022-03-18` - `2023-04-16`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
usermatch.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M01	`2023-02-10` - `2023-06-11`	4 months	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:021223&smtrctid=33262591
Frame ID: 86BB3702EC5C2C74626B96E06CA29B6B
Requests: 93 HTTP requests in this frame

Frame: https://stc.demdex.net/dest5.html?d_nsid=0
Frame ID: A85DA7BA6BA5EB6DE9F4D77A0B725EA6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7b5e267f-6cf6-c436-4330-cc79e3ea1453%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.savethechildren.org/&ex-hargs=v%3D1.0%3Bc%3D2536428905417%3Bp%3D7B5E267F-6CF6-C436-4330-CC79E3EA1453&cb=942754537434384900&dcc=t
Frame ID: 8A7D0E66C10637BCD8BC8B9591983F5C
Requests: 1 HTTP requests in this frame

Frame: https://w.usabilla.com/0b7d56c9da02.js?lv=1
Frame ID: 536252771D6F3B95E5F1741B4E4B8835
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=vEK1rgLyS0CjBWaRRsrr8A&dmt=3&ex-pl-n-g-hmt=LkCkzY91TuOx2mOyLgOSug&ep=ttam_T219Ay-cPciHbT10k0ZpkKrKn-0Q-N0VuddU6jdjlnDQHs6t1g0GAGOLYlBE9K8ywpi1pPRQMI6-KjpptplAL2xMWNrFcRMuKFGzSOpNJQ6LmOYIp_2vUzDEcEArxJ4GF7Kllll2fk-ZPpAVMqAa_zg_k8F40gQQHQ9f-3xSCyL65wRQBaaPcEyrRX7XiS0mJQZm4cN9sQrLHZoyCyFBPfvNUBb1SD40QEY6dtRw08KlBx_Nbj-c4Cgq0DhkrT58Y79Df-2Maf5uNjhadq5EaaKWaxd8pSvbcUs62H0i0nxvtnxtjFFBjV-bvWwWDip4Ft9FRQXt3Y7Z__wWVag4LFNphvu3vFqncyfwcgjl51B25TpA2tMxDpzS9VtwYCpHveRwyyhCAX6P1VUK1EIwFbwXVtg2EQm5T3apvvL9F4hnJqIPN_1wZz3cR9dHVQNtaTPAhL6WvYbPLLNSIlz7nPqhif92XEgcf_2P1wejP_LMQYIHgj6zlO5me1M8voHRpJbTBkwKEGoZaRpzNhVo-V3Kri8idFyCpYgL4twVFpiabYE3vEDB5AgmzU0v-kr3q0OLI5H0Z8yogzu3uWrr1-6MvjKoHpgORrSPAs
Frame ID: C5C9273B5D864B5067992885842D6C08
Requests: 41 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/save-the-children-usa-button-18e985c8f1327aa5b0db2be1ab660ba6.png
Frame ID: 2C63FF3A7FEE0F37A1E9A5719BA6D45A
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=a6t02yu&ref=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591&upid=xvch1ck&upv=1.1.0
Frame ID: 463B6B2E5636BE76AB8EFB3B214E9763
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Email Preference Center | Save the Children

Page URL History Show full URLs

https://click.alerts.savethechildren.org/?qs=c41d69aace22ef3b4b1402f90f5d21debe53ff3359dcd2e2491957ea8bc70273c402d4f7... HTTP 302
https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_... Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/clientlibs/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

139
Requests

74 %
HTTPS

23 %
IPv6

61
Domains

83
Subdomains

51
IPs

9
Countries

1142 kB
Transfer

3023 kB
Size

88
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.savethechildren.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.alerts.savethechildren.org/?qs=c41d69aace22ef3b4b1402f90f5d21debe53ff3359dcd2e2491957ea8bc70273c402d4f72ce3fc1a02c9df87e623d91a146206aa2b8488ffa5cb82e5f8f7cf08 HTTP 302
https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:021223&smtrctid=33262591 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6B0E659F56A9E70D7F000101%40AdobeOrg&d_nsid=0&ts=1676298309676 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6B0E659F56A9E70D7F000101%40AdobeOrg&d_nsid=0&ts=1676298309676

Request Chain 16

https://cm.everesttech.net/cm/dd?d_uuid=67282426639295641691761197966148712961 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_pIRgAAANmG9gN-

Request Chain 37

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7b5e267f-6cf6-c436-4330-cc79e3ea1453%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.savethechildren.org/&ex-hargs=v%3D1.0%3Bc%3D2536428905417%3Bp%3D7B5E267F-6CF6-C436-4330-CC79E3EA1453&cb=942754537434384900 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7b5e267f-6cf6-c436-4330-cc79e3ea1453%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.savethechildren.org/&ex-hargs=v%3D1.0%3Bc%3D2536428905417%3Bp%3D7B5E267F-6CF6-C436-4330-CC79E3EA1453&cb=942754537434384900&dcc=t

Request Chain 41

https://tags.wdsvc.net/controller.js?id=100229 HTTP 302
https://tags.wdsvc.net/container.js?id=100229&v=4.10&t=1676298310816

Request Chain 52

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4092132&time=1676298310604&url=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4092132%26time%3D1676298310604%26url%3Dhttps%253A%252F%252Fcloud.alerts.savethechildren.org%252Fpreferencecenter%253FsfmcEmail%253DBarbara.Moore%2540sabre.com%2526cid%253DEmail%253ASFMC%253AEmer_Turk_Syria%253ANew_Leads_b%253A021223%2526smtrctid%253D33262591%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4092132&time=1676298310604&url=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4092132&time=1676298310604&url=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591&liSync=true&e_ipv6=AQIFlwCkn5IvLQAAAYZLKlaI9RaVaTeQ5iaY0Img3jWs5vuk-lQzndhP1HsBenL41ULkGnY

Request Chain 73

https://ib.adnxs.com/setuid/a9?entity=188&code=uiqxIiYFTFq3l7YU1rgk7Q&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3DuiqxIiYFTFq3l7YU1rgk7Q%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=uiqxIiYFTFq3l7YU1rgk7Q

Request Chain 75

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=219013204426002209875&ex=neustar.biz

Request Chain 76

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=DLj2HSy_QdmHr5YufcyVpw&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=DLj2HSy_QdmHr5YufcyVpw&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y.pIR3AyqLSfgaOg8ONoHgAA

Request Chain 77

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=6471c7416ab8eb0653b2ffe64b318d27

Request Chain 78

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 79

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=CUn1hj4ZQDiChYyHZN4Ktw HTTP 302
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=CUn1hj4ZQDiChYyHZN4Ktw&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=CUn1hj4ZQDiChYyHZN4Ktw

Request Chain 80

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=50ee8a74-e5fe-4f39-908e-0a7954329b39

Request Chain 82

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini HTTP 302
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini HTTP 302
https://s.amazon-adsystem.com/ecm3?id=y-qiLfrldE2pHDWLYBRNz9yO3B.bOzvMiC5Iat~A&status=OK&ex=gemini

Request Chain 83

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=e5d09cd7f7c4f013757e54be2aeac1b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Request Chain 84

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 86

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=1c75cdc1-2aa0-4f50-825d-671317c7bb08&ex=improvedigital.com

Request Chain 88

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10c004360b44e4308

Request Chain 89

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=22AdwN-fQKCsnguPG_N7Lw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=22AdwN-fQKCsnguPG_N7Lw

Request Chain 90

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=e43bvG4ZRZ24rcB6PK6ovg&redirectId=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=e5d09cd7f7c4f013757e54be2aeac1b&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=e43bvG4ZRZ24rcB6PK6ovg

Request Chain 91

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=PGXYm64SS3yCX3YuF7yNOw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=67282426639295641691761197966148712961

Request Chain 93

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4347839742274488073

Request Chain 94

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=39f3a007-abaa-11ed-8955-1891fad20506 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=39f39fad-abaa-11ed-8955-1891fad20506

Request Chain 95

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%2238e43630-1412-4f15-a0d6-4e0b5a0c08c2%22,%22Time%22:%2220230213T142512.479598%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=38e43630-1412-4f15-a0d6-4e0b5a0c08c2

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEIxUYlxvbGYjxN3M32nsyFo&google_cver=1

Request Chain 98

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=dda6630bed7a957145f4bfea1157fa28

Request Chain 100

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=Krh_dyAG4szv0-CUiYYGKzc4fXc4ZgIC

Request Chain 102

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=B1F46EC18ACF6427

Request Chain 103

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=7724110733514692959&ex=appnexus.com

Request Chain 104

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=Iy4NEM9iT1qcsc5hmiSxeg&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=Iy4NEM9iT1qcsc5hmiSxeg

Request Chain 105

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=gkR9gPKTq3yfyhKnKQR1UsWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=LkCkzY91TuOx2mOyLgOSug& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 108

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=F88D4F2D4848EA638916282402BA6914

Request Chain 109

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=4a79fb8bb6d2357cf5717c57d82082bcf4f60c97db15a585763367883b1fa89f

Request Chain 110

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=CB239C6A-5E0E-4ABA-BAFA-3DAAE65CCC2D

Request Chain 112

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=1057fb6b-05a7-4962-9953-c97c9b743ec4-tuctae3cdc8

139 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request preferencecenter Show response
cloud.alerts.savethechildren.org/
Redirect Chain

https://click.alerts.savethechildren.org/?qs=c41d69aace22ef3b4b1402f90f5d21debe53ff3359dcd2e2491957ea8bc70273c402d4f72ce3fc1a02c9df87e623d91a146206aa2b8488ffa5cb82e5f8f7cf08
https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:021223&smtrctid=33262591

9 KB
3 KB

1224ms
324ms

Document
text/html

128.245.132.77
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:021223&smtrctid=33262591
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 128.245.132.77 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS: cloud.alerts.savethechildren.org
Software: /
Resource Hash: ee893f27e1b955dda5a07e7dbf119b620d88117059a87f043ef2d37967ed0467

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: close
Content-Encoding: gzip
Content-Length: 3339
Content-Type: text/html; charset=utf-8
Date: Mon, 13 Feb 2023 14:25:08 GMT
Expires: -1
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 284
Content-Type: text/html; charset=utf-8
Date: Mon, 13 Feb 2023 14:25:07 GMT
Location: https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:021223&smtrctid=33262591

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
999 B 208ms
75ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato&family=Oswald:wght@500&display=swap

Requested by

Host: cloud.alerts.savethechildren.org
URL: https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:021223&smtrctid=33262591

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30ab3cad2bdc288855c0d445fa5b532d82ede4ac1269cc637e2fad0e348bd4da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Feb 2023 14:25:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 14:25:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Feb 2023 14:25:09 GMT

GET
H2 200 launch-d47d2de11878.min.js Show response
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ 342 KB
99 KB 255ms
62ms Script
application/x-javascript 2a02:26f0:dc:292::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Requested by: Host: cloud.alerts.savethechildren.org
URL: https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:021223&smtrctid=33262591
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:292::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4a16bc7d2e85efc46835a2ce98506167da6957f6f6893a63c0403617c2ef17bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:09 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 15:06:03 GMT
server: AkamaiNetStorage
etag: "c03e3956c60159180e45c51a02d8400b:1674054363.413675"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cloud.alerts.savethechildren.org
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 100761
expires: Mon, 13 Feb 2023 15:25:09 GMT

GET
H2 200 stc-logo.svg
www.savethechildren.org/etc/clientlibs/us/clientlib-site/images/icons/ 12 KB
5 KB 164ms
43ms Image
image/svg+xml 13.225.78.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.savethechildren.org/etc/clientlibs/us/clientlib-site/images/icons/stc-logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-35.fra2.r.cloudfront.net

Software

Apache /

Resource Hash

c5a36be2e59121b1b9d48afb6bc5b9492f9e7e6f214943f887607dca45ca0324

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' stc.marketing.adobe.com
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-dispatcher: dispatcher1useast1
content-security-policy: frame-ancestors 'self' stc.marketing.adobe.com
content-encoding: gzip
via: 1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
date: Wed, 08 Feb 2023 07:59:25 GMT
strict-transport-security: max-age=63072000;
x-amz-cf-pop: FRA2-C2
age: 455144
x-cache: Hit from cloudfront
content-length: 4812
last-modified: Thu, 17 Nov 2022 18:11:09 GMT
server: Apache
etag: "3130-5edae83730940-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: SLzhVENWGPaVTkG8iRsy9i2kNuestwXH-ykFFMxrQdvh4Z8OriQl6g==
expires: Wed, 15 Feb 2023 07:59:25 GMT

GET
H/1.1 200
OK dc3f90c7-977f-47b1-aa4f-6da02912d306.jpg
image.alerts.savethechildren.org/lib/fe39117371640479701570/m/1/ 129 KB
129 KB 1226ms
718ms Image
image/jpeg 2a02:26f0:dc::6853:4c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.alerts.savethechildren.org/lib/fe39117371640479701570/m/1/dc3f90c7-977f-47b1-aa4f-6da02912d306.jpg
Requested by: Host: cloud.alerts.savethechildren.org
URL: https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:021223&smtrctid=33262591
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:4c1 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 23c859119c753d940d35cab688e80ac1dfcf296a1fc931ebcb0db347554582f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 14:25:10 GMT
Last-Modified: Mon, 17 Oct 2022 15:36:21 GMT
Server: AkamaiNetStorage
ETag: "db21acbd494f40d464346bb58caebfed:1666020981.385291"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 131838

GET
H2 200 stc-vendor-aem.js Show response
dx2eq2oh924g4.cloudfront.net/js/ 312 KB
100 KB 183ms
50ms Script
application/javascript 2600:9000:2491:e600:12:b144:100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dx2eq2oh924g4.cloudfront.net/js/stc-vendor-aem.js
Requested by: Host: cloud.alerts.savethechildren.org
URL: https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:021223&smtrctid=33262591
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:e600:12:b144:100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4691508b8d47058f1dafd5da9f90839697992d2cd2f609696b0c1a758923bfb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 00:42:39 GMT
content-encoding: gzip
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
last-modified: Thu, 09 Feb 2023 23:38:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 308550
etag: W/"cf56b3457d5685c57137be5e7b711db6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604801
x-amz-cf-id: f-2w7tlbw5AtqEQj_lLWIof9PlCBaJEaj-pw7qYbT6vDeiIDmj5uZg==

GET
H2 200 stc-analytics-data-layer.js Show response
dx2eq2oh924g4.cloudfront.net/js/ 37 KB
11 KB 47ms
47ms Script
application/javascript 2600:9000:2491:e600:12:b144:100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dx2eq2oh924g4.cloudfront.net/js/stc-analytics-data-layer.js
Requested by: Host: cloud.alerts.savethechildren.org
URL: https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:021223&smtrctid=33262591
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:e600:12:b144:100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e32ac774f1b2a43edc5b9c7eb0f08d251ff1ef54fa2970f7f4e1476930152c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 00:42:40 GMT
content-encoding: gzip
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
last-modified: Wed, 14 Dec 2022 19:07:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 308550
etag: W/"28167e9768aa7c9046fe9c1f941af450"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604801
x-amz-cf-id: TUZdnanAbRmRTbrhIGtNssPqdGzGC_OBPFAYWcv5YvgZ_3ORg3qYEA==

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6B0E659F56A9E70D7F000101%40AdobeOrg&d_nsid=0&ts=1676298309676
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6B0E659F56A9E70D7F000101%40AdobeOrg&d_nsid=0&ts=1676298309676

362 B
1 KB

59ms
59ms

XHR
application/json

34.249.28.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6B0E659F56A9E70D7F000101%40AdobeOrg&d_nsid=0&ts=1676298309676

Requested by

Protocol

HTTP/1.1

Server

34.249.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-28-111.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c9a088f08a823815b316ea959d813c2959ba4fcc4e015c815c8e3820cabb9423

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-015700753.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: egrmq2B7S3I=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://cloud.alerts.savethechildren.org
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 305
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v046-03cf679dc.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: A4MYy+x3SJ8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://cloud.alerts.savethechildren.org
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6B0E659F56A9E70D7F000101%40AdobeOrg&d_nsid=0&ts=1676298309676
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 33 KB
12 KB 62ms
62ms Script
application/x-javascript 2a02:26f0:dc:292::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:292::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 13 Feb 2023 14:25:09 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cloud.alerts.savethechildren.org
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12163
expires: Mon, 13 Feb 2023 15:25:09 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 3 KB
2 KB 69ms
68ms Script
application/x-javascript 2a02:26f0:dc:292::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:292::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 13 Feb 2023 14:25:09 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cloud.alerts.savethechildren.org
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1597
expires: Mon, 13 Feb 2023 15:25:09 GMT

GET
H2 200 di.js Show response
cdn.decibelinsight.net/i/13874/253647/ 200 KB
78 KB 148ms
46ms Script
text/javascript 13.32.27.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.decibelinsight.net/i/13874/253647/di.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-60.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

14ebc8ff9a61c03ccd8dc407b188678fa08b050929904bbfb746d658299f9a14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:09 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
server: nginx
etag: W/000060863-186300E9F5B
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=5400
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
x-amz-cf-id: cZGMIYQrs62jqm6bugg6FnpHeq3O0ZZNDXpX9tRQmlqTw-hQJ-fibw==

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 10 KB
10 KB 233ms
103ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&family=Oswald:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f8cb94dc31befeebeb9b93a9ab4194e8b839edd9985d973b23514f7a6c52a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cloud.alerts.savethechildren.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 15:42:43 GMT
x-content-type-options: nosniff
age: 340946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10260
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:12:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2024 15:42:43 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 182ms
51ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&family=Oswald:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cloud.alerts.savethechildren.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:21:12 GMT
x-content-type-options: nosniff
age: 515037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 15:21:12 GMT

GET
H2 200 RC2bd87301eb114379b56ad60b1e4c5bc9-source.min.js Show response
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/ 665 B
655 B 62ms
61ms Script
application/x-javascript 2a02:26f0:dc:292::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/RC2bd87301eb114379b56ad60b1e4c5bc9-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:292::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 57a9e3e1dfc314ba9f6563bd88aa2a83fce5c4c8480b78b5aaae2e96b17749eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:09 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 15:06:05 GMT
server: AkamaiNetStorage
etag: "123f8250dd943fe5091528c32c2134eb:1674054365.089145"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cloud.alerts.savethechildren.org
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 379
expires: Mon, 13 Feb 2023 15:25:09 GMT

GET
H2 200 evergage.min.js Show response
cdn.evgnet.com/beacon/savethechildren/production/scripts/ 205 KB
48 KB 256ms
128ms Script
application/javascript 151.101.64.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.evgnet.com/beacon/savethechildren/production/scripts/evergage.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 227d09832c052261f9cbea804d9d6fdfb37d8087801007974f5d232670c3ff0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: JemTPIJFl.v.tNA22x.Ps.QN1LORpbw3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 13 Feb 2023 14:25:10 GMT
x-amz-request-id: FAGKXM640X1996JD
age: 95
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
content-length: 48516
x-amz-id-2: QqaGYCEOkeX7vbWxTVBpadolO+CDmZt5Vy4rWY0D7wCVQYAkdpiz6xKuzNzXWALqFlcp3FkGJ8DMuAXr/58DDw==
x-served-by: cache-iad-kiad7000028-IAD, cache-hhn-etou8220029-HHN
x-amz-meta-evergage-sum: 4fbed4bd5205415af80659fc47a91106285aa9d9
last-modified: Fri, 10 Feb 2023 18:27:40 GMT
server: AmazonS3
x-timer: S1676298310.979962,VS0,VE88
etag: "4d54195778f2d44b8ea476ef6de353ed"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
x-amz-meta-evergage-beacon-ver: 16
x-cache-hits: 3, 1

GET
H/1.1 200
OK dest5.html Show response
stc.demdex.net/ Frame A85D 7 KB
3 KB 311ms
56ms Document
text/html 3.248.89.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stc.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.248.89.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-89-226.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cloud.alerts.savethechildren.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v046-08026f3a6.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: QgpBZAq3Rk4=
content-encoding: gzip
date: Mon, 13 Feb 2023 14:25:10 GMT
last-modified: Wed, 8 Feb 2023 11:26:58 GMT
vary: accept-encoding

GET
H2 200 id Show response
smetrics.savethechildren.org/ 48 B
475 B 245ms
50ms XHR
application/x-javascript 13.37.25.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.savethechildren.org/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=6B0E659F56A9E70D7F000101%40AdobeOrg&mid=67613886401170920251800254659148060849&ts=1676298310033

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.37.25.97 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

482088696f16ceca227f58751b928ccda02ffbe6c506c828ac76415896edde90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cloud.alerts.savethechildren.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://cloud.alerts.savethechildren.org
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y_pIRgAAANmG9gN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=67282426639295641691761197966148712961
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_pIRgAAANmG9gN-

42 B
942 B

65ms
64ms

Image
image/gif

34.249.28.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_pIRgAAANmG9gN-

Requested by

Protocol

HTTP/1.1

Server

34.249.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-28-111.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-05b75a697.edge-irl1.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: zjfQuxL6T3I=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_pIRgAAANmG9gN-
Date: Mon, 13 Feb 2023 14:25:10 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
savethechildrenfeder.tt.omtrdc.net/rest/v1/ 11 KB
3 KB 247ms
67ms XHR
application/json 63.35.113.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://savethechildrenfeder.tt.omtrdc.net/rest/v1/delivery?client=savethechildrenfeder&sessionId=5e4705e0003c4b3db2f4305a5d28db1b&version=2.9.0
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.113.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-113-29.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0e2ba28a70acdfd6cc0d73ebd3ffd0eefcc2b6c872bd6a7f0f29b6296bd3f6f8

Request headers

Referer: https://cloud.alerts.savethechildren.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://cloud.alerts.savethechildren.org
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: 8fc99362368dfacc755191bd28866e49

GET
H2 200 production Show response
savethechildren.us-7.evergage.com/api2/event/ 137 B
708 B 749ms
217ms XHR
application/json 44.241.55.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://savethechildren.us-7.evergage.com/api2/event/production?event=eyJzb3VyY2UiOnsicGFnZVR5cGUiOiJEZWZhdWx0IFBhZ2UgVHlwZSIsInVybCI6Imh0dHBzOi8vY2xvdWQuYWxlcnRzLnNhdmV0aGVjaGlsZHJlbi5vcmcvcHJlZmVyZW5jZWNlbnRlcj9zZm1jRW1haWw9QmFyYmFyYS5Nb29yZUBzYWJyZS5jb20mY2lkPUVtYWlsOlNGTUM6RW1lcl9UdXJrX1N5cmlhOk5ld19MZWFkc19iOjAyMTIyMyZzbXRyY3RpZD0zMzI2MjU5MSIsInVybFJlZmVycmVyIjoiIiwiY2hhbm5lbCI6IldlYiIsImJlYWNvblZlcnNpb24iOjE2LCJjb25maWdWZXJzaW9uIjoiMjIiLCJjb250ZW50Wm9uZXMiOltdfSwidXNlciI6eyJhbm9ueW1vdXNJZCI6IjMxNmM0NWIzZmRjNGExMjYifSwiaW50ZXJhY3Rpb24iOnsibmFtZSI6IkRlZmF1bHQgUGFnZSBUeXBlIn0sInBhZ2VWaWV3Ijp0cnVlLCJjb25zZW50cyI6W10sImFjY291bnQiOnt9LCJfdG9vbHNFdmVudExpbmtJZCI6IjA1NDczNTQwODE5OTE4NDIxIiwiZXhwbGFpbiI6dHJ1ZX0%3D

Requested by

Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/savethechildren/production/scripts/evergage.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.55.126 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-55-126.us-west-2.compute.amazonaws.com

Software

Resource Hash

ddd038b266057d11d6fc3276d91ed810c401c861b7eb00ac5688c80f507fe985

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://cloud.alerts.savethechildren.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://cloud.alerts.savethechildren.org
access-control-allow-credentials: true
timing-allow-origin: *

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 362 B
1 KB 87ms
58ms XHR
application/json 34.249.28.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=6B0E659F56A9E70D7F000101%40AdobeOrg&d_nsid=0&d_mid=67613886401170920251800254659148060849&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=userid%0167613886401170920251800254659148060849&ts=1676298310329

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-28-111.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf53d5c98b4aeabc1e5c30f681f4150651432d8bdc6d5904643914ead40b4a88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cloud.alerts.savethechildren.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v046-05f641722.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: MpBZ3Pr+QHI=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://cloud.alerts.savethechildren.org
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
X-Error: 300
Connection: keep-alive
Content-Length: 307
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 RCb36da39812024952b27cbb37fe487ff2-source.min.js Show response
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/ 3 KB
2 KB 62ms
61ms Script
application/x-javascript 2a02:26f0:dc:292::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/RCb36da39812024952b27cbb37fe487ff2-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:292::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9673752483c4e7aa494754ad77a55ac00175cfc51309d32c7c9552489173472a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 15:06:05 GMT
server: AkamaiNetStorage
etag: "123f8250dd943fe5091528c32c2134eb:1674054365.089145"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cloud.alerts.savethechildren.org
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1464
expires: Mon, 13 Feb 2023 15:25:10 GMT

GET
H2 200 RC6f334b10b26f458fb9594f438b46577a-source.min.js Show response
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/ 2 KB
1 KB 63ms
61ms Script
application/x-javascript 2a02:26f0:dc:292::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/RC6f334b10b26f458fb9594f438b46577a-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:292::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7cd232d5bdfa34393b0885c149bde2ed699e8bf43d611704ead2b6d33b64d5fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 15:06:05 GMT
server: AkamaiNetStorage
etag: "123f8250dd943fe5091528c32c2134eb:1674054365.089145"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cloud.alerts.savethechildren.org
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1061
expires: Mon, 13 Feb 2023 15:25:10 GMT

GET
H2 200 RC85e990005f5d4576a8167cf1a1a6c1b4-source.min.js Show response
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/ 2 KB
984 B 64ms
62ms Script
application/x-javascript 2a02:26f0:dc:292::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/RC85e990005f5d4576a8167cf1a1a6c1b4-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:292::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 70d9c29ad7b44c2a878de735f8bda4ad54435697a16628cff6e53ce648c2460b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 15:06:05 GMT
server: AkamaiNetStorage
etag: "123f8250dd943fe5091528c32c2134eb:1674054365.089145"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cloud.alerts.savethechildren.org
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 708
expires: Mon, 13 Feb 2023 15:25:10 GMT

GET
H2 200 RCfc1bafc7dd23416bbee79cc22c704e2f-source.min.js Show response
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/ 1 KB
908 B 72ms
70ms Script
application/x-javascript 2a02:26f0:dc:292::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/RCfc1bafc7dd23416bbee79cc22c704e2f-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:292::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ea6232068224c811afd3c266f500b397a55c2e69aa8e053c13c341db99077842

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 15:06:05 GMT
server: AkamaiNetStorage
etag: "123f8250dd943fe5091528c32c2134eb:1674054365.089145"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cloud.alerts.savethechildren.org
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 632
expires: Mon, 13 Feb 2023 15:25:10 GMT

GET
H2 200 RC86ce6cff66df46ad9e1d606658d114be-source.min.js Show response
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/ 913 B
757 B 64ms
62ms Script
application/x-javascript 2a02:26f0:dc:292::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/RC86ce6cff66df46ad9e1d606658d114be-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:292::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3e7d451c7ea1387503259f1798e054d426287e1e5e9dfa74296f47062090f446

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 15:06:05 GMT
server: AkamaiNetStorage
etag: "123f8250dd943fe5091528c32c2134eb:1674054365.089145"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cloud.alerts.savethechildren.org
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 481
expires: Mon, 13 Feb 2023 15:25:10 GMT

GET
H2 200 RC29e9ca088d454b16a61689b7b7827234-source.min.js Show response
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/ 2 KB
1 KB 71ms
69ms Script
application/x-javascript 2a02:26f0:dc:292::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/RC29e9ca088d454b16a61689b7b7827234-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:292::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c11da27641bcc9d2a1b9cf1b68c7091472b3a1f0d97c7718cef3b23cd318bf46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 15:06:05 GMT
server: AkamaiNetStorage
etag: "123f8250dd943fe5091528c32c2134eb:1674054365.089145"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cloud.alerts.savethechildren.org
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 782
expires: Mon, 13 Feb 2023 15:25:10 GMT

GET
H2 200 RC543a5c6ce5a74ab5951bb5d2f65f9cdf-source.min.js Show response
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/ 947 B
793 B 73ms
72ms Script
application/x-javascript 2a02:26f0:dc:292::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/RC543a5c6ce5a74ab5951bb5d2f65f9cdf-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:292::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 11c17435613d52510239a4f9e6a99b43ff10cf86a355fa80bfdd1ce0639fd8be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 15:06:05 GMT
server: AkamaiNetStorage
etag: "123f8250dd943fe5091528c32c2134eb:1674054365.089145"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cloud.alerts.savethechildren.org
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 517
expires: Mon, 13 Feb 2023 15:25:10 GMT

GET
H2 200 RCf79fc1038c2a4b72bdfd02defa7e8cbc-source.min.js Show response
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/ 3 KB
1 KB 72ms
70ms Script
application/x-javascript 2a02:26f0:dc:292::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/RCf79fc1038c2a4b72bdfd02defa7e8cbc-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:292::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a1858318092d0216a76e71fcc9a1a43f7abf3a3879ab44e2e9ed729ca0cdf2aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 15:06:05 GMT
server: AkamaiNetStorage
etag: "123f8250dd943fe5091528c32c2134eb:1674054365.089145"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cloud.alerts.savethechildren.org
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1079
expires: Mon, 13 Feb 2023 15:25:10 GMT

GET
H2 200 RCa0df4cd8b88d4571ba669bc769fb3c9c-source.min.js Show response
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/ 3 KB
1 KB 75ms
73ms Script
application/x-javascript 2a02:26f0:dc:292::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/RCa0df4cd8b88d4571ba669bc769fb3c9c-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:292::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ad03f2d9717e9a1726eb72a6e57806dc3dbbe31cce440b4d20e05c608be5b861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 15:06:05 GMT
server: AkamaiNetStorage
etag: "123f8250dd943fe5091528c32c2134eb:1674054365.089145"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cloud.alerts.savethechildren.org
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1196
expires: Mon, 13 Feb 2023 15:25:10 GMT

GET
H2 200 RC70221449d05c4c009c1482b20cbbc153-source.min.js Show response
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/ 2 KB
1 KB 73ms
72ms Script
application/x-javascript 2a02:26f0:dc:292::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/RC70221449d05c4c009c1482b20cbbc153-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:292::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ea6033c98f9da46fcabe5982aabe66949f2071aaf3034e7597c294b9b21e0dfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 15:06:05 GMT
server: AkamaiNetStorage
etag: "123f8250dd943fe5091528c32c2134eb:1674054365.089145"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cloud.alerts.savethechildren.org
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 811
expires: Mon, 13 Feb 2023 15:25:10 GMT

GET
H2 200 RCeacb79e41c2e4edbaefa7f3947ba2208-source.min.js Show response
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/ 1 KB
877 B 130ms
129ms Script
application/x-javascript 2a02:26f0:dc:292::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/RCeacb79e41c2e4edbaefa7f3947ba2208-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:292::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6deded597bcea6aa6e91fda2b241095a04be8ec03bdbed3b0895581384180232

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 15:06:05 GMT
server: AkamaiNetStorage
etag: "123f8250dd943fe5091528c32c2134eb:1674054365.089145"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cloud.alerts.savethechildren.org
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 602
expires: Mon, 13 Feb 2023 15:25:10 GMT

GET
H2 200 RCe1e1b434f35b4ae6b2e3062f395d32e0-source.min.js Show response
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/ 2 KB
1 KB 126ms
125ms Script
application/x-javascript 2a02:26f0:dc:292::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/RCe1e1b434f35b4ae6b2e3062f395d32e0-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:292::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 718ce96434a7bde022f8fc0f911fb56cf1605bea08c8cd8b6d02bf2d3e77a9f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 15:06:05 GMT
server: AkamaiNetStorage
etag: "123f8250dd943fe5091528c32c2134eb:1674054365.089145"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cloud.alerts.savethechildren.org
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1020
expires: Mon, 13 Feb 2023 15:25:10 GMT

GET
H2 200 RC890fe151cf724ae6ab6953052f02d8be-source.min.js Show response
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/ 2 KB
1 KB 129ms
128ms Script
application/x-javascript 2a02:26f0:dc:292::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/RC890fe151cf724ae6ab6953052f02d8be-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:292::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: be7391a23e9fbd4e67d57e15d54752b4f16bbee53448bf3e79f536349c1305d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 15:06:05 GMT
server: AkamaiNetStorage
etag: "123f8250dd943fe5091528c32c2134eb:1674054365.089145"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cloud.alerts.savethechildren.org
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 838
expires: Mon, 13 Feb 2023 15:25:10 GMT

GET
H2 200 RC4e6fbd16532046dea5800addad491d30-source.min.js Show response
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/ 3 KB
2 KB 130ms
130ms Script
application/x-javascript 2a02:26f0:dc:292::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/RC4e6fbd16532046dea5800addad491d30-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:292::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 143c363b622e480ab56844ea4c7d173beef2506a6c8e7af20d96e2641bf2e64d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 15:06:05 GMT
server: AkamaiNetStorage
etag: "123f8250dd943fe5091528c32c2134eb:1674054365.089145"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cloud.alerts.savethechildren.org
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1375
expires: Mon, 13 Feb 2023 15:25:10 GMT

GET
H2 200 RC7f38ff66ba7e49efbce1968da730cce3-source.min.js Show response
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/ 3 KB
2 KB 127ms
127ms Script
application/x-javascript 2a02:26f0:dc:292::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/a845522509f0/RC7f38ff66ba7e49efbce1968da730cce3-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:292::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4abfaec59b56e621da4b5e41cb2e0651d4efd2332d3802ef52c090046f4b3937

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 15:06:05 GMT
server: AkamaiNetStorage
etag: "123f8250dd943fe5091528c32c2134eb:1674054365.089145"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cloud.alerts.savethechildren.org
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1363
expires: Mon, 13 Feb 2023 15:25:10 GMT

GET
H2 200 savethechildren.js Show response
d1n00d49gkbray.cloudfront.net/js/ 73 KB
25 KB 208ms
39ms Script
application/javascript 2600:9000:2057:fe00:9:7c30:be80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1n00d49gkbray.cloudfront.net/js/savethechildren.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:fe00:9:7c30:be80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 927fd23005d88e731fe6ef42b1dc0d0ccb423fa2aea68aa6dc5e5367b32253c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: Vunt1U7oJIkDTN.qZ_uCtPtrw_Dgk_SZ
content-encoding: gzip
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
date: Mon, 13 Feb 2023 07:14:33 GMT
last-modified: Wed, 16 Nov 2022 16:14:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 25933
x-amz-server-side-encryption: AES256
etag: W/"2c1c4c57b5a059d7a103cd92f18e8960"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: ec8G-8tEfCC_g5yfra8MGiHPJ26WwHRZ5Tv7c8Xx3K1c7zdbOqhdXQ==

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 200ms
74ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 13 Feb 2023 14:25:10 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3AB60ED6EE1F4F4C8F16AE2FE68E5D88 Ref B: FRA31EDGE0620 Ref C: 2023-02-13T14:25:10Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11563

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 8A7D
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7b5e267f-6cf6-c436-4330-cc79e3ea1453%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.savethechildren.org/&ex-hargs=v%3D1.0%3Bc%3D253...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7b5e267f-6cf6-c436-4330-cc79e3ea1453%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.savethechildren.org/&ex-hargs=v%3D1.0%3Bc%3D253...

1 KB
2 KB

141ms
141ms

Document
text/html

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7b5e267f-6cf6-c436-4330-cc79e3ea1453%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.savethechildren.org/&ex-hargs=v%3D1.0%3Bc%3D2536428905417%3Bp%3D7B5E267F-6CF6-C436-4330-CC79E3EA1453&cb=942754537434384900&dcc=t

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

a5d05401cac92d35f9cb3083e7dcf157ad8d6fb073d95ed81ce1665781864cfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://cloud.alerts.savethechildren.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1230
Content-Type: text/html;charset=ISO-8859-1
Date: Mon, 13 Feb 2023 14:25:10 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 4DFH7BREA7SR415SVDHR

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Mon, 13 Feb 2023 14:25:10 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7b5e267f-6cf6-c436-4330-cc79e3ea1453%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.savethechildren.org/&ex-hargs=v%3D1.0%3Bc%3D2536428905417%3Bp%3D7B5E267F-6CF6-C436-4330-CC79E3EA1453&cb=942754537434384900&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: HAXY77GNNX5Z60PCA8K3

GET
H2 200 everflow.js Show response
www.dgtrx.com/scripts/sdk/ 58 KB
18 KB 329ms
174ms Script
text/javascript 34.98.72.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dgtrx.com/scripts/sdk/everflow.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.238 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.72.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d825df92e797e394f3ea50582dfc84b1e0c6bee3552aa99bb4fd25180408d045

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Origin
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: f5b221d1-6a60-4447-9408-39c60818b3da
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 174ms
47ms Script
application/x-javascript 2a02:26f0:11a::217:9a4a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a4a Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=33426
accept-ranges: bytes
content-length: 4777

GET
H2 200 visitor.js Show response
app.leadsrx.com/ 18 KB
19 KB 702ms
199ms Script
application/javascript 44.225.161.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.leadsrx.com/visitor.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.225.161.165 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-225-161-165.us-west-2.compute.amazonaws.com

Software

nginx/1.20.1 /

Resource Hash

6b5116bd2cb4809c6634b99a9b1ea0a0aeda596a94817682a0e4811e35eccc58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Feb 2023 12:25:58 GMT
server: nginx/1.20.1
etag: "63ea2c56-492f"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 18735

GET
H/1.1

200
OK

container.js Show response
tags.wdsvc.net/
Redirect Chain

https://tags.wdsvc.net/controller.js?id=100229
https://tags.wdsvc.net/container.js?id=100229&v=4.10&t=1676298310816

27 KB
27 KB

234ms
234ms

Script
text/javascript

52.6.32.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.wdsvc.net/container.js?id=100229&v=4.10&t=1676298310816
Requested by: Host: cloud.alerts.savethechildren.org
URL: https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:021223&smtrctid=33262591
Protocol: HTTP/1.1
Server: 52.6.32.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-32-88.compute-1.amazonaws.com
Software: /
Resource Hash: 978c97ea401ec21fd66e9b71911cf9a5d33d7d4b694eb86ee8522e7438d1d657

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:10 GMT
Content-Type: text/javascript
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Content-length: 27353
Expires: Mon, 3 Jan 2005 13:00:00 GMT

Redirect headers

location: https://tags.wdsvc.net/container.js?id=100229&v=4.10&t=1676298310816
Date: Mon, 13 Feb 2023 14:25:10 GMT
Cache-Control: private, no-cache
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 140ms
42ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 13 Feb 2023 14:25:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ocpuly6lEnFEBofxqoHcGRIjvj8k8+5pqq2GCnfffY4QLV7eXam3prxGZfAwwEjGKyXGnx3lhxLcF3eMcRdJjg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 147ms
40ms Script
application/x-javascript 65.9.65.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-65-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 10:37:53 GMT
Content-Encoding: gzip
Via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C1
Age: 13638
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: -O9PE8DUPXuek6KU6S71DP9y6A36cXJg6Rur7pnep2nVHoUMp1WNSw==

GET
H2 200 s29666508474282
smetrics.savethechildren.org/b/ss/stcf.prod.us/5.1/JS-2.22.4-LCXS/ 43 B
270 B 52ms
52ms Image
image/gif 13.37.25.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.savethechildren.org/b/ss/stcf.prod.us/5.1/JS-2.22.4-LCXS/s29666508474282?AQB=1&ndh=1&pf=1&t=13%2F1%2F2023%2014%3A25%3A10%201%200&cid.&userid.&id=67613886401170920251800254659148060849&.userid&.cid&sdid=7179D5EA66D978A2-7481FEEF317C61E2&mid=67613886401170920251800254659148060849&aamlh=6&ce=Windows-1257&cl=SESSION&pageName=Email%20Preference%20Center&g=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3Fcid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591&cc=USD&server=cloud.alerts.savethechildren.org&v0=Email%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223&events=event79%3D2.635&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c2=D%3Dg&v2=D%3DpageName&c10=D%3Dv95&v12=Email%7CEmail%7CSFMC%7CEmer_Turk_Syria%7CNew_Leads_b%7C02%2F12%2F2023&v14=D%3Dmid&c15=D%3Dv3&c16=D%3Dv16&v16=none&v26=Email%20Preference%20Center%20Page&v27=New&c28=D%3Dv28&c29=D%3Dv36&v36=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter&c49=D%3Dv49&v49=year%3D2023%20%7C%20month%3DFebruary%20%7C%20date%3D13%20%7C%20day%3DMonday%20%7C%20time%3D9%3A25%3A10%20AM&c51=D%3Dv51&v52=D%3Dg&c53=D%3Dv53&c54=D%3Dv54&v54=Email%20Preference%20Center&c55=D%3Dv27&c58=D%3Dv26&c59=D%3Dv59&c61=D%3Dv61&v61=us&c62=D%3Dv62&v62=en&v80=false&v81=false&v82=false&v83=false&v95=2.635&v110=Launch&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=6B0E659F56A9E70D7F000101%40AdobeOrg&AQE=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.37.25.97 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 14:25:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 14 Feb 2023 14:25:10 GMT
server: jag
etag: 3599823210553901056-4619684444387648321
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 12 Feb 2023 14:25:10 GMT

GET
H/1.1 200
OK spx Show response
dx.mountain.com/ 14 KB
4 KB 865ms
209ms Script
application/javascript 54.190.217.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32293&tdr=&plh=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591&cb=7627780129856943&term=value
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.190.217.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-190-217-118.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: abec98a84ef0c018b62c004e84456a0cd1a83537f2a9715c3014e17149386927

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: gzip
server: istio-envoy
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
x-envoy-upstream-service-time: 2
connection: close
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
44 KB 211ms
79ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11620455

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c65fdb9a9096dd12112c7cc227c15d4e70d8869d74a2f2f30a0e555e5d24bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44363
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Feb 2023 14:25:10 GMT

GET
H2 200 TC-4134-1.gif
pt.ispot.tv/v2/ 43 B
316 B 174ms
45ms Image
image/gif 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.ispot.tv/v2/TC-4134-1.gif?app=web&type=visit
Requested by: Host: cloud.alerts.savethechildren.org
URL: https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:021223&smtrctid=33262591
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 13 Feb 2023 14:25:10 GMT
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 43
expires: 0

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 364ms
159ms Script
application/javascript 2.23.97.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDCLPP3C77U6290RJ8C0&lib=ttq
Requested by: Host: cloud.alerts.savethechildren.org
URL: https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:021223&smtrctid=33262591
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 971d66d8d07105d2905682f357f6eda2afd4225a47d727255db9305b6f563a67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-akamai-request-id: 769df95e.4e2ec842
date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-23-97-132.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 104,2.23.97.132
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=6, inner; dur=3
content-length: 1132
pragma: no-cache
server: nginx
x-tt-logid: 20230213142510C63A7483CE0C5B43FF82
x-cache-remote: TCP_MISS from a23-220-107-78.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.107.78
x-tt-trace-host: 0129b2af6d1f5777e5474c8b0c836d990512c304b0386c2ea1507da47d7aaf08ac855a8ca222437fee40caa19ab50238895015009d96efd54a6c8bd886f4271e58a8f1bb83c31fa1c35d009d1c9d629b40b06d4b35693a9ebb69997ddbfa61b23b4170a9ba4a4995c556d6adef0f37a7d7
expires: Mon, 13 Feb 2023 14:25:10 GMT

GET
H2 200 0b7d56c9da02.js Show response
w.usabilla.com/ Frame 5362 37 KB
11 KB 233ms
56ms Script
text/javascript 52.50.101.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/0b7d56c9da02.js?lv=1
Requested by: Host: cloud.alerts.savethechildren.org
URL: https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:021223&smtrctid=33262591
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.101.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-101-149.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1c7ba8604dcd94b9cca5ab0c1f3bec06f478072e50f4cc2e3edf243e4040798d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "8b79752892dfb3f9099dbdbd9454a8c8"
content-type: text/javascript
cache-control: public,max-age=0
content-length: 11114

GET
H2 200 175734969458030 Show response
connect.facebook.net/signals/config/ 381 KB
109 KB 51ms
49ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/175734969458030?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7da014e3280b4bcba02d273b3d35770d3e731ff12237b777776fae1d5ca11ded

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 13 Feb 2023 14:25:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 111125
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: S2lr5nLFsHpBiQkEMucBdqZ8TcZfLXTs9aSu0IyaKInkUeCgDTrKdjUB3gWpDhOc7eE/YUr7bSN5hSFrnONnpA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4092132/domain/cloud.alerts.savethechildren.org/ 36 B
369 B 338ms
184ms XHR
application/json 2600:9000:206f:4000:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4092132/domain/cloud.alerts.savethechildren.org/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://cloud.alerts.savethechildren.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: gzip
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: qpcBeJ3f6Yi5WL3QvyVPwitGu1dAYBjRpwU-NbMm6oiUMyNFab4O2A==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4092132&time=1676298310604&url=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DE...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4092132%26time%3D1676298310604%26url%3Dhttps%253A%252F%252Fcloud.alerts.savethech...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4092132&time=1676298310604&url=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DE...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4092132&time=1676298310604&url=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3D...

0
266 B

312ms
210ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4092132&time=1676298310604&url=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591&liSync=true&e_ipv6=AQIFlwCkn5IvLQAAAYZLKlaI9RaVaTeQ5iaY0Img3jWs5vuk-lQzndhP1HsBenL41ULkGnY
Requested by: Host: cloud.alerts.savethechildren.org
URL: https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:021223&smtrctid=33262591
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:11 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 01D5AC2FBE564CCDA12CAB42CD6EE4CD Ref B: FRAEDGE2015 Ref C: 2023-02-13T14:25:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX0lZ1mvgTUxl4DZbyRvQ==

Redirect headers

date: Mon, 13 Feb 2023 14:25:11 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: C748B5DDE3BC44A683C5F7BBBA55818D Ref B: FRAEDGE2009 Ref C: 2023-02-13T14:25:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4092132&time=1676298310604&url=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591&liSync=true&e_ipv6=AQIFlwCkn5IvLQAAAYZLKlaI9RaVaTeQ5iaY0Img3jWs5vuk-lQzndhP1HsBenL41ULkGnY
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX0lZ1h6uN7M2FU7mxhNA==

GET
H2 204 5439503.js Show response
bat.bing.com/p/action/ 0
119 B 155ms
155ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5439503.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 13 Feb 2023 14:25:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B2ADDA16DE8546BFA2B7B72DE419C08F Ref B: FRA31EDGE0620 Ref C: 2023-02-13T14:25:10Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 70ms
69ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5439503&Ver=2&mid=30ff1c17-f0a0-4947-adaa-cf0acb333ec0&sid=38ec2130abaa11eda04e5367dd73e5b4&vid=38ec4220abaa11edb9b3094701dd664c&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Email%20Preference%20Center%20%7C%20Save%20the%20Children&p=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591&r=&lt=2641&evt=pageLoad&sv=1&rn=380923

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 13 Feb 2023 14:25:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8A2605F149E74D609FD9231BB4B25E90 Ref B: FRA31EDGE0620 Ref C: 2023-02-13T14:25:10Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SmarterHandler.ashx Show response
tr2.smarterhq.io/app1/ 295 B
417 B 391ms
119ms Script
text/javascript 3.227.179.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tr2.smarterhq.io/app1/SmarterHandler.ashx?r=917558571&i=fyl6dahrce-1092&cb=_smtr.postprocess&cu=true&bv=2.7.14&utc=0&ctid=33262591&pt=5&href=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591&hostn=cloud.alerts.savethechildren.org&pathn=%2Fpreferencecenter
Requested by: Host: d1n00d49gkbray.cloudfront.net
URL: https://d1n00d49gkbray.cloudfront.net/js/savethechildren.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.179.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-179-229.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 427f8b4ac872d051c8ce1a09a21491cd8dd4e4231a82d3876adddf103de736dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 14:25:10 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 295
content-type: text/javascript

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 126ms
41ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=175734969458030&ev=PageView&dl=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591&rl=&if=false&ts=1676298310756&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22476958242912126%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%222690107274549883%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22512804019569006%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22554416668662072%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%221151582051705481%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&cs_est=true&fbp=fb.1.1676298310746.1890940717&it=1676298310593&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 13 Feb 2023 14:25:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 80ms
79ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-85748307-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-11620455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5121bc9d182223d675a7ac29dbef35c6e537ee1fcb2fde58a7a7d8ecf3210fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44107
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Feb 2023 14:25:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
68 KB 107ms
106ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1069852215&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-11620455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba36ab95369ed656d228bbb5596d13e4fe503768fcbb29d01ab4c26bbc8af93e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69472
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Feb 2023 14:25:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 184ms
52ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-85748307-2&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 13 Feb 2023 13:12:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4385
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 13 Feb 2023 15:12:06 GMT

POST
H2 204 pr
savethechildren.us-7.evergage.com/ 0
451 B 202ms
201ms Ping
text/plain 44.241.55.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://savethechildren.us-7.evergage.com/pr?.top=762&action=Default%20Page%20Type&.tt=750&.ttdns=123&.dt=2642&.btdns=46&.bv=16&_ak=savethechildren&_ds=production&.scv=22&channel=Web&_r=104536&.anonId=316c45b3fdc4a126&_anon=true

Requested by

Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/savethechildren/production/scripts/evergage.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.55.126 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-55-126.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cloud.alerts.savethechildren.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://cloud.alerts.savethechildren.org
date: Mon, 13 Feb 2023 14:25:11 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1069852215/ 2 KB
2 KB 251ms
123ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069852215/?random=1676298310943&cv=11&fst=1676298310943&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591&tiba=Email%20Preference%20Center%20%7C%20Save%20the%20Children&auid=2061693225.1676298311&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1069852215&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a42ca1731f388dd11cad1dbec6188352ec24a352783bce02509f135469c9adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 14:25:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1004
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MWNiNWY1N2YyNA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 263 KB
70 KB 92ms
92ms Script
application/javascript 2.23.97.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDCLPP3C77U6290RJ8C0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fabc5a49269ec5c2dc576471f74f5b0f5c935017e8080f88a9e70524181c6c3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-akamai-request-id: 4e2ec9b2
date: Mon, 13 Feb 2023 14:25:11 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202302072109189E904EB6E1C66F1F80FC
vary: Accept-Encoding
x-cache: TCP_HIT from a2-23-97-132.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01cac9ceaab9cb961c3522b1affc6378c83ac582c384531b7195644c80e1b3efc1c6a165cd37b441d62543feefda760fd1fbcb185f2ac61c8e48975b67b88286dc2491cdb9d955b3ffa536ed27d27b56752e6091e50314994da0a80e93defbb125
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=3
content-length: 71505

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame C5C9 6 KB
7 KB 125ms
125ms Document
text/html 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=vEK1rgLyS0CjBWaRRsrr8A&dmt=3&ex-pl-n-g-hmt=LkCkzY91TuOx2mOyLgOSug&ep=ttam_T219Ay-cPciHbT10k0ZpkKrKn-0Q-N0VuddU6jdjlnDQHs6t1g0GAGOLYlBE9K8ywpi1pPRQMI6-KjpptplAL2xMWNrFcRMuKFGzSOpNJQ6LmOYIp_2vUzDEcEArxJ4GF7Kllll2fk-ZPpAVMqAa_zg_k8F40gQQHQ9f-3xSCyL65wRQBaaPcEyrRX7XiS0mJQZm4cN9sQrLHZoyCyFBPfvNUBb1SD40QEY6dtRw08KlBx_Nbj-c4Cgq0DhkrT58Y79Df-2Maf5uNjhadq5EaaKWaxd8pSvbcUs62H0i0nxvtnxtjFFBjV-bvWwWDip4Ft9FRQXt3Y7Z__wWVag4LFNphvu3vFqncyfwcgjl51B25TpA2tMxDpzS9VtwYCpHveRwyyhCAX6P1VUK1EIwFbwXVtg2EQm5T3apvvL9F4hnJqIPN_1wZz3cR9dHVQNtaTPAhL6WvYbPLLNSIlz7nPqhif92XEgcf_2P1wejP_LMQYIHgj6zlO5me1M8voHRpJbTBkwKEGoZaRpzNhVo-V3Kri8idFyCpYgL4twVFpiabYE3vEDB5AgmzU0v-kr3q0OLI5H0Z8yogzu3uWrr1-6MvjKoHpgORrSPAs

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7b5e267f-6cf6-c436-4330-cc79e3ea1453%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.savethechildren.org/&ex-hargs=v%3D1.0%3Bc%3D2536428905417%3Bp%3D7B5E267F-6CF6-C436-4330-CC79E3EA1453&cb=942754537434384900&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

55d0dd5e19596a4d24ae5f4b9a3be4bcd844b1bee501a340945acbeedfebd8c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7b5e267f-6cf6-c436-4330-cc79e3ea1453%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.savethechildren.org/&ex-hargs=v%3D1.0%3Bc%3D2536428905417%3Bp%3D7B5E267F-6CF6-C436-4330-CC79E3EA1453&cb=942754537434384900&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 6281
Content-Type: text/html;charset=ISO-8859-1
Date: Mon, 13 Feb 2023 14:25:11 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: YGVFP4PFC7VTQV3YBC7M

GET
H2 200 SmarterHandler.ashx Show response
tr2.smarterhq.io/app1/ 295 B
416 B 121ms
119ms Script
text/javascript 3.227.179.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tr2.smarterhq.io/app1/SmarterHandler.ashx?r=1009708749&i=fyl6dahrce-1092&cb=_smtr.postprocess&bv=2.7.14&utc=0&ctid=33262591&pt=5&href=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591&hostn=cloud.alerts.savethechildren.org&pathn=%2Fpreferencecenter&modalc=638118951109547863^01864b2a-552a-4887-81a6-dc91d6c9e069^01864b2a-552a-4376-98c5-2dba19e9aae0^0^80.255.7.103
Requested by: Host: d1n00d49gkbray.cloudfront.net
URL: https://d1n00d49gkbray.cloudfront.net/js/savethechildren.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.179.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-179-229.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 0c50591d3e3f7039c2f103303d1a83fc20ca3034c6eae4d77fead6ad52c3b53d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 14:25:11 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 295
content-type: text/javascript

GET
H2 200 / Show response
onsiteshq.smarterhq.io/api/v3/onsite/ 111 B
225 B 422ms
133ms Script
text/plain 44.211.7.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://onsiteshq.smarterhq.io/api/v3/onsite/?instanceId=fyl6dahrce-1092&loiId=01864b2a-552a-4887-81a6-dc91d6c9e069&sessionId=01864b2a-552a-4376-98c5-2dba19e9aae0&url=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591&callback=_smtr.postprocess&r=1405848310&isNewVisitor=true&accountId=228&isEmailProvided=false&espSubIdProvided=true&ref=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591
Requested by: Host: d1n00d49gkbray.cloudfront.net
URL: https://d1n00d49gkbray.cloudfront.net/js/savethechildren.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.211.7.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-7-214.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 15d6dff53a85e601ddd4a1e658129efdeedaf6d1f5c27ff624a480bdbf491210

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:11 GMT
server: Kestrel
x-request-id: 0HMO8L6AUQEM5:0000000F
content-type: text/plain; charset=utf-8

GET
H2 200 smtr1x1.gif
tr2.smarterhq.io/app1/ 43 B
159 B 123ms
121ms Image
image/gif 3.227.179.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr2.smarterhq.io/app1/smtr1x1.gif?r=246177665&action=crm&i=fyl6dahrce-1092&modalc=638118951109547863%5E01864b2a-552a-4887-81a6-dc91d6c9e069%5E01864b2a-552a-4376-98c5-2dba19e9aae0%5E0%5E80.255.7.103&dwId=67613886401170920251800254659148060849&bv=2.7.14
Requested by: Host: cloud.alerts.savethechildren.org
URL: https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:021223&smtrctid=33262591
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.179.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-179-229.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 14:25:11 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 43
content-type: image/gif

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
217 B 74ms
73ms XHR
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=20577973&t=pageview&_s=1&dl=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591&dp=%2Fpreferencecenter&ul=en-us&de=UTF-8&dt=Email%20Preference%20Center&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACACI~&jid=825847765&gjid=1290447353&cid=189169841.1676298311&tid=UA-85748307-2&_gid=1357288219.1676298311&_r=1&gtm=457e3280&z=1897126895

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cloud.alerts.savethechildren.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 14:25:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cloud.alerts.savethechildren.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
tags.wdsvc.net/tpc-eval/ 21 B
284 B 117ms
117ms Script
text/javascript 52.6.32.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.wdsvc.net/tpc-eval/?lid=1864b2a5515-tags1-78b245e998f68
Requested by: Host: tags.wdsvc.net
URL: https://tags.wdsvc.net/controller.js?id=100229
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.6.32.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-32-88.compute-1.amazonaws.com
Software: /
Resource Hash: b0e70b299ab9c122ad93531fa8e5309833baecd53dd55c992c538f8b33bfa22d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:11 GMT
Content-Type: text/javascript
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Content-length: 21
Expires: Mon, 3 Jan 2005 13:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1069852215/ 42 B
455 B 211ms
80ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1069852215/?random=1676298310943&cv=11&fst=1676296800000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591&tiba=Email%20Preference%20Center%20%7C%20Save%20the%20Children&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2879394919&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 14:25:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1069852215/ 42 B
455 B 208ms
78ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1069852215/?random=1676298310943&cv=11&fst=1676296800000&bg=ffffff&guid=ON&async=1&gtm=45be3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591&tiba=Email%20Preference%20Center%20%7C%20Save%20the%20Children&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2879394919&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 14:25:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
onsiteshq.smarterhq.io/api/v3/onsite/ 111 B
227 B 292ms
130ms Script
text/plain 44.211.7.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://onsiteshq.smarterhq.io/api/v3/onsite/?instanceId=fyl6dahrce-1092&loiId=01864b2a-552a-4887-81a6-dc91d6c9e069&sessionId=01864b2a-552a-4376-98c5-2dba19e9aae0&url=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591&callback=_smtr.postprocess&r=1533066960&isNewVisitor=true&accountId=228&isEmailProvided=false&espSubIdProvided=true&ref=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591
Requested by: Host: d1n00d49gkbray.cloudfront.net
URL: https://d1n00d49gkbray.cloudfront.net/js/savethechildren.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.211.7.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-7-214.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 15d6dff53a85e601ddd4a1e658129efdeedaf6d1f5c27ff624a480bdbf491210

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:11 GMT
server: Kestrel
x-request-id: 0HMO8LFDCJUFV:0000061E
content-type: text/plain; charset=utf-8

GET
H2 200 / Show response
onsiteshq.smarterhq.io/api/v3/onsite/ 111 B
225 B 294ms
132ms Script
text/plain 44.211.7.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://onsiteshq.smarterhq.io/api/v3/onsite/?instanceId=fyl6dahrce-1092&loiId=01864b2a-552a-4887-81a6-dc91d6c9e069&sessionId=01864b2a-552a-4376-98c5-2dba19e9aae0&url=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591&callback=_smtr.postprocess&r=539597061&isNewVisitor=true&accountId=228&isEmailProvided=false&espSubIdProvided=true&ref=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591
Requested by: Host: d1n00d49gkbray.cloudfront.net
URL: https://d1n00d49gkbray.cloudfront.net/js/savethechildren.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.211.7.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-7-214.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 15d6dff53a85e601ddd4a1e658129efdeedaf6d1f5c27ff624a480bdbf491210

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:11 GMT
server: Kestrel
x-request-id: 0HMO99KQCL1L0:00000107
content-type: text/plain; charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://ib.adnxs.com/setuid/a9?entity=188&code=uiqxIiYFTFq3l7YU1rgk7Q&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3DuiqxIiYFTFq3l7YU1rgk7Q%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=uiqxIiYFTFq3l7YU1rgk7Q

43 B
479 B

130ms
130ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=uiqxIiYFTFq3l7YU1rgk7Q

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=vEK1rgLyS0CjBWaRRsrr8A&dmt=3&ex-pl-n-g-hmt=LkCkzY91TuOx2mOyLgOSug&ep=ttam_T219Ay-cPciHbT10k0ZpkKrKn-0Q-N0VuddU6jdjlnDQHs6t1g0GAGOLYlBE9K8ywpi1pPRQMI6-KjpptplAL2xMWNrFcRMuKFGzSOpNJQ6LmOYIp_2vUzDEcEArxJ4GF7Kllll2fk-ZPpAVMqAa_zg_k8F40gQQHQ9f-3xSCyL65wRQBaaPcEyrRX7XiS0mJQZm4cN9sQrLHZoyCyFBPfvNUBb1SD40QEY6dtRw08KlBx_Nbj-c4Cgq0DhkrT58Y79Df-2Maf5uNjhadq5EaaKWaxd8pSvbcUs62H0i0nxvtnxtjFFBjV-bvWwWDip4Ft9FRQXt3Y7Z__wWVag4LFNphvu3vFqncyfwcgjl51B25TpA2tMxDpzS9VtwYCpHveRwyyhCAX6P1VUK1EIwFbwXVtg2EQm5T3apvvL9F4hnJqIPN_1wZz3cR9dHVQNtaTPAhL6WvYbPLLNSIlz7nPqhif92XEgcf_2P1wejP_LMQYIHgj6zlO5me1M8voHRpJbTBkwKEGoZaRpzNhVo-V3Kri8idFyCpYgL4twVFpiabYE3vEDB5AgmzU0v-kr3q0OLI5H0Z8yogzu3uWrr1-6MvjKoHpgORrSPAs

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DQR5DB4HQXAXCEWDBH83
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 13 Feb 2023 14:25:11 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 348b41f6-bc91-4ae6-82ad-9249561a187f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=uiqxIiYFTFq3l7YU1rgk7Q
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame C5C9 43 B
163 B 258ms
50ms Image
image/gif 185.86.138.152
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=144&partneruserid=5dxXrJVfRu2UkX1G1ToKog&redirurl=https://s.amazon-adsystem.com/ecm3?ex=equativHMT%26id%3D%26sspid%3DSMART_USER_ID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=vEK1rgLyS0CjBWaRRsrr8A&dmt=3&ex-pl-n-g-hmt=LkCkzY91TuOx2mOyLgOSug&ep=ttam_T219Ay-cPciHbT10k0ZpkKrKn-0Q-N0VuddU6jdjlnDQHs6t1g0GAGOLYlBE9K8ywpi1pPRQMI6-KjpptplAL2xMWNrFcRMuKFGzSOpNJQ6LmOYIp_2vUzDEcEArxJ4GF7Kllll2fk-ZPpAVMqAa_zg_k8F40gQQHQ9f-3xSCyL65wRQBaaPcEyrRX7XiS0mJQZm4cN9sQrLHZoyCyFBPfvNUBb1SD40QEY6dtRw08KlBx_Nbj-c4Cgq0DhkrT58Y79Df-2Maf5uNjhadq5EaaKWaxd8pSvbcUs62H0i0nxvtnxtjFFBjV-bvWwWDip4Ft9FRQXt3Y7Z__wWVag4LFNphvu3vFqncyfwcgjl51B25TpA2tMxDpzS9VtwYCpHveRwyyhCAX6P1VUK1EIwFbwXVtg2EQm5T3apvvL9F4hnJqIPN_1wZz3cR9dHVQNtaTPAhL6WvYbPLLNSIlz7nPqhif92XEgcf_2P1wejP_LMQYIHgj6zlO5me1M8voHRpJbTBkwKEGoZaRpzNhVo-V3Kri8idFyCpYgL4twVFpiabYE3vEDB5AgmzU0v-kr3q0OLI5H0Z8yogzu3uWrr1-6MvjKoHpgORrSPAs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:10 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=219013204426002209875&ex=neustar.biz

43 B
479 B

242ms
132ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=219013204426002209875&ex=neustar.biz

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ND7VTYF87S4XEPCKN692
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 14:25:11 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=219013204426002209875&ex=neustar.biz
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=DLj2HSy_QdmHr5YufcyVpw&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=DLj2HSy_QdmHr5YufcyVpw&C=1
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y.pIR3AyqLSfgaOg8ONoHgAA

43 B
479 B

332ms
123ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y.pIR3AyqLSfgaOg8ONoHgAA

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 82P5H72WT4R5Z7CAA4RV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:11 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y.pIR3AyqLSfgaOg8ONoHgAA
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=6471c7416ab8eb0653b2ffe64b318d27

43 B
479 B

240ms
129ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=6471c7416ab8eb0653b2ffe64b318d27

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5QK1C9XRCG5D4MWA3FTA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=6471c7416ab8eb0653b2ffe64b318d27
date: Mon, 13 Feb 2023 14:25:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
479 B

237ms
123ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5GSPPDB2105AVNNY4590
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date: Mon, 13 Feb 2023 14:25:11 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=CUn1hj4ZQDiChYyHZN4Ktw
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=CUn1hj4ZQDiChYyHZN4Ktw&verify=true
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=CUn1hj4ZQDiChYyHZN4Ktw

43 B
479 B

316ms
134ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=CUn1hj4ZQDiChYyHZN4Ktw

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 61Q85BAQ2009K8FBW5PM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=CUn1hj4ZQDiChYyHZN4Ktw
date: Mon, 13 Feb 2023 14:25:11 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=50ee8a74-e5fe-4f39-908e-0a7954329b39

43 B
479 B

136ms
135ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=50ee8a74-e5fe-4f39-908e-0a7954329b39

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YRQNKRTR3HZ81DDXMPK8
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=50ee8a74-e5fe-4f39-908e-0a7954329b39
Date: Mon, 13 Feb 2023 14:25:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
amazon.partners.tremorhub.com/ Frame C5C9 43 B
183 B 460ms
117ms Image
image/gif 2600:1f18:612b:4216:cd79:34ae:bc6a:5e70
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=vEK1rgLyS0CjBWaRRsrr8A&dmt=3&ex-pl-n-g-hmt=LkCkzY91TuOx2mOyLgOSug&ep=ttam_T219Ay-cPciHbT10k0ZpkKrKn-0Q-N0VuddU6jdjlnDQHs6t1g0GAGOLYlBE9K8ywpi1pPRQMI6-KjpptplAL2xMWNrFcRMuKFGzSOpNJQ6LmOYIp_2vUzDEcEArxJ4GF7Kllll2fk-ZPpAVMqAa_zg_k8F40gQQHQ9f-3xSCyL65wRQBaaPcEyrRX7XiS0mJQZm4cN9sQrLHZoyCyFBPfvNUBb1SD40QEY6dtRw08KlBx_Nbj-c4Cgq0DhkrT58Y79Df-2Maf5uNjhadq5EaaKWaxd8pSvbcUs62H0i0nxvtnxtjFFBjV-bvWwWDip4Ft9FRQXt3Y7Z__wWVag4LFNphvu3vFqncyfwcgjl51B25TpA2tMxDpzS9VtwYCpHveRwyyhCAX6P1VUK1EIwFbwXVtg2EQm5T3apvvL9F4hnJqIPN_1wZz3cR9dHVQNtaTPAhL6WvYbPLLNSIlz7nPqhif92XEgcf_2P1wejP_LMQYIHgj6zlO5me1M8voHRpJbTBkwKEGoZaRpzNhVo-V3Kri8idFyCpYgL4twVFpiabYE3vEDB5AgmzU0v-kr3q0OLI5H0Z8yogzu3uWrr1-6MvjKoHpgORrSPAs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:cd79:34ae:bc6a:5e70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 13 Feb 2023 14:25:11 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini
https://s.amazon-adsystem.com/ecm3?id=y-qiLfrldE2pHDWLYBRNz9yO3B.bOzvMiC5Iat~A&status=OK&ex=gemini

43 B
479 B

257ms
131ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=y-qiLfrldE2pHDWLYBRNz9yO3B.bOzvMiC5Iat~A&status=OK&ex=gemini

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: P7XQAG9ZXBDMZJM0GZNN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=y-qiLfrldE2pHDWLYBRNz9yO3B.bOzvMiC5Iat~A&status=OK&ex=gemini
date: Mon, 13 Feb 2023 14:25:11 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=e5d09cd7f7c4f013757e54be2aeac1b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

43 B
479 B

179ms
129ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=e5d09cd7f7c4f013757e54be2aeac1b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WFJFERP200BC71WYMWZY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:11 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=e5d09cd7f7c4f013757e54be2aeac1b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1676298311693066-404
Expires: Mon, 13 Feb 2023 14:25:11 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
479 B

132ms
132ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JY397CKQ5JF5TWNMR4X5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 13 Feb 2023 14:25:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 b4b344356515496fe04e908f6ee73f4e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=JAPE87AX3S9V89XJPYFK:sn=www.imdb.com
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: Server
x-amz-rid: JAPE87AX3S9V89XJPYFK
x-frame-options: SAMEORIGIN
vary: Content-Type,Accept-Encoding,User-Agent
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
x-robots-tag: noindex, nofollow
x-amz-cf-id: 7oR9j9C3geVILYZlsrNMXKjLmSzCVSVcMCfKOx5nix1jHaWZXdl-PQ==

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame C5C9 0
338 B 310ms
54ms Image
text/plain 54.72.113.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=vEK1rgLyS0CjBWaRRsrr8A&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=vEK1rgLyS0CjBWaRRsrr8A&dmt=3&ex-pl-n-g-hmt=LkCkzY91TuOx2mOyLgOSug&ep=ttam_T219Ay-cPciHbT10k0ZpkKrKn-0Q-N0VuddU6jdjlnDQHs6t1g0GAGOLYlBE9K8ywpi1pPRQMI6-KjpptplAL2xMWNrFcRMuKFGzSOpNJQ6LmOYIp_2vUzDEcEArxJ4GF7Kllll2fk-ZPpAVMqAa_zg_k8F40gQQHQ9f-3xSCyL65wRQBaaPcEyrRX7XiS0mJQZm4cN9sQrLHZoyCyFBPfvNUBb1SD40QEY6dtRw08KlBx_Nbj-c4Cgq0DhkrT58Y79Df-2Maf5uNjhadq5EaaKWaxd8pSvbcUs62H0i0nxvtnxtjFFBjV-bvWwWDip4Ft9FRQXt3Y7Z__wWVag4LFNphvu3vFqncyfwcgjl51B25TpA2tMxDpzS9VtwYCpHveRwyyhCAX6P1VUK1EIwFbwXVtg2EQm5T3apvvL9F4hnJqIPN_1wZz3cR9dHVQNtaTPAhL6WvYbPLLNSIlz7nPqhif92XEgcf_2P1wejP_LMQYIHgj6zlO5me1M8voHRpJbTBkwKEGoZaRpzNhVo-V3Kri8idFyCpYgL4twVFpiabYE3vEDB5AgmzU0v-kr3q0OLI5H0Z8yogzu3uWrr1-6MvjKoHpgORrSPAs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.113.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-113-247.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-served-by: beacon-n003-dub-prod.krxd.net
date: Mon, 13 Feb 2023 14:25:11 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1676298311
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://s.amazon-adsystem.com/ecm3?id=1c75cdc1-2aa0-4f50-825d-671317c7bb08&ex=improvedigital.com

43 B
479 B

126ms
126ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=1c75cdc1-2aa0-4f50-825d-671317c7bb08&ex=improvedigital.com

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AYQB8SM18ZKQGZGJR5CH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=1c75cdc1-2aa0-4f50-825d-671317c7bb08&ex=improvedigital.com
access-control-allow-origin: *
date: Mon, 13 Feb 2023 14:25:12 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK pixel.gif
usersync.samplicio.us/amazon/ Frame C5C9 0
263 B 1357ms
117ms Image
text/plain 54.84.231.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=vEK1rgLyS0CjBWaRRsrr8A&dmt=3&ex-pl-n-g-hmt=LkCkzY91TuOx2mOyLgOSug&ep=ttam_T219Ay-cPciHbT10k0ZpkKrKn-0Q-N0VuddU6jdjlnDQHs6t1g0GAGOLYlBE9K8ywpi1pPRQMI6-KjpptplAL2xMWNrFcRMuKFGzSOpNJQ6LmOYIp_2vUzDEcEArxJ4GF7Kllll2fk-ZPpAVMqAa_zg_k8F40gQQHQ9f-3xSCyL65wRQBaaPcEyrRX7XiS0mJQZm4cN9sQrLHZoyCyFBPfvNUBb1SD40QEY6dtRw08KlBx_Nbj-c4Cgq0DhkrT58Y79Df-2Maf5uNjhadq5EaaKWaxd8pSvbcUs62H0i0nxvtnxtjFFBjV-bvWwWDip4Ft9FRQXt3Y7Z__wWVag4LFNphvu3vFqncyfwcgjl51B25TpA2tMxDpzS9VtwYCpHveRwyyhCAX6P1VUK1EIwFbwXVtg2EQm5T3apvvL9F4hnJqIPN_1wZz3cR9dHVQNtaTPAhL6WvYbPLLNSIlz7nPqhif92XEgcf_2P1wejP_LMQYIHgj6zlO5me1M8voHRpJbTBkwKEGoZaRpzNhVo-V3Kri8idFyCpYgL4twVFpiabYE3vEDB5AgmzU0v-kr3q0OLI5H0Z8yogzu3uWrr1-6MvjKoHpgORrSPAs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.231.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-231-24.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:13 GMT
Server: nginx/1.20.0
Location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10c004360b44e4308

43 B
479 B

128ms
127ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10c004360b44e4308

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BRG4FKC86DG4NG5SBAAV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 13 Feb 2023 14:25:12 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10c004360b44e4308
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Authorization
content-length: 94

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=22AdwN-fQKCsnguPG_N7Lw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=22AdwN-fQKCsnguPG_N7Lw

43 B
479 B

137ms
137ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=22AdwN-fQKCsnguPG_N7Lw

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: S757FR4B6M6B3K1ABZF7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=22AdwN-fQKCsnguPG_N7Lw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=e43bvG4ZRZ24rcB6PK6ovg&redirectId=2545
https://s.amazon-adsystem.com/ecm3?id=e5d09cd7f7c4f013757e54be2aeac1b&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=e43bvG4ZRZ24rcB6PK6ovg

43 B
479 B

135ms
134ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=e5d09cd7f7c4f013757e54be2aeac1b&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=e43bvG4ZRZ24rcB6PK6ovg

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XE9VZBAHBWJHG1W406E4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:11 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=e5d09cd7f7c4f013757e54be2aeac1b&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=e43bvG4ZRZ24rcB6PK6ovg
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1676298311946037-331
Expires: Mon, 13 Feb 2023 14:25:11 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=PGXYm64SS3yCX3YuF7yNOw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=67282426639295641691761197966148712961

43 B
479 B

130ms
130ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=67282426639295641691761197966148712961

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RQ0AVP7TAQHTJVNWMG1Y
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v046-0aa5f14bd.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: UCSpkGlHQsQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=67282426639295641691761197966148712961
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 v2
odr.mookie1.com/t/ Frame C5C9 42 B
213 B 561ms
49ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=F26UftiBQOq1HBDmt5Sg5A
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=vEK1rgLyS0CjBWaRRsrr8A&dmt=3&ex-pl-n-g-hmt=LkCkzY91TuOx2mOyLgOSug&ep=ttam_T219Ay-cPciHbT10k0ZpkKrKn-0Q-N0VuddU6jdjlnDQHs6t1g0GAGOLYlBE9K8ywpi1pPRQMI6-KjpptplAL2xMWNrFcRMuKFGzSOpNJQ6LmOYIp_2vUzDEcEArxJ4GF7Kllll2fk-ZPpAVMqAa_zg_k8F40gQQHQ9f-3xSCyL65wRQBaaPcEyrRX7XiS0mJQZm4cN9sQrLHZoyCyFBPfvNUBb1SD40QEY6dtRw08KlBx_Nbj-c4Cgq0DhkrT58Y79Df-2Maf5uNjhadq5EaaKWaxd8pSvbcUs62H0i0nxvtnxtjFFBjV-bvWwWDip4Ft9FRQXt3Y7Z__wWVag4LFNphvu3vFqncyfwcgjl51B25TpA2tMxDpzS9VtwYCpHveRwyyhCAX6P1VUK1EIwFbwXVtg2EQm5T3apvvL9F4hnJqIPN_1wZz3cR9dHVQNtaTPAhL6WvYbPLLNSIlz7nPqhif92XEgcf_2P1wejP_LMQYIHgj6zlO5me1M8voHRpJbTBkwKEGoZaRpzNhVo-V3Kri8idFyCpYgL4twVFpiabYE3vEDB5AgmzU0v-kr3q0OLI5H0Z8yogzu3uWrr1-6MvjKoHpgORrSPAs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:12 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4347839742274488073

43 B
479 B

128ms
127ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4347839742274488073

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SHDKDQRN2W2Z5KDD6NFQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 14:25:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4347839742274488073
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=39f3a007-abaa-11ed-8955-1891fad20506
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=39f39fad-abaa-11ed-8955-1891fad20506

43 B
479 B

131ms
130ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=39f39fad-abaa-11ed-8955-1891fad20506

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: X7G2KTWAA388VXH454PZ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 13 Feb 2023 14:25:12 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=39f39fad-abaa-11ed-8955-1891fad20506
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 120
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%2238e43630-1412-4f15-a0d6-4e0b5a0c08c2%22,%22Time%22:%2220230213T142512.479598%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=38e43630-1412-4f15-a0d6-4e0b5a0c08c2

43 B
479 B

133ms
133ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=38e43630-1412-4f15-a0d6-4e0b5a0c08c2

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0WVE97DFHF6CFRNGYERG
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=38e43630-1412-4f15-a0d6-4e0b5a0c08c2
Server: LogModule 0.6
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEIxUYlxvbGYjxN3M32nsyFo&google_cver=1

43 B
479 B

132ms
131ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEIxUYlxvbGYjxN3M32nsyFo&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9E3PSGZCYM5N1SM7ENEZ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 14:25:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEIxUYlxvbGYjxN3M32nsyFo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 v2
usermatch.krxd.net/um/ Frame C5C9 20 B
20 B 456ms
117ms Image
text/plain 35.170.45.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usermatch.krxd.net/um/v2?partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=vEK1rgLyS0CjBWaRRsrr8A&dmt=3&ex-pl-n-g-hmt=LkCkzY91TuOx2mOyLgOSug&ep=ttam_T219Ay-cPciHbT10k0ZpkKrKn-0Q-N0VuddU6jdjlnDQHs6t1g0GAGOLYlBE9K8ywpi1pPRQMI6-KjpptplAL2xMWNrFcRMuKFGzSOpNJQ6LmOYIp_2vUzDEcEArxJ4GF7Kllll2fk-ZPpAVMqAa_zg_k8F40gQQHQ9f-3xSCyL65wRQBaaPcEyrRX7XiS0mJQZm4cN9sQrLHZoyCyFBPfvNUBb1SD40QEY6dtRw08KlBx_Nbj-c4Cgq0DhkrT58Y79Df-2Maf5uNjhadq5EaaKWaxd8pSvbcUs62H0i0nxvtnxtjFFBjV-bvWwWDip4Ft9FRQXt3Y7Z__wWVag4LFNphvu3vFqncyfwcgjl51B25TpA2tMxDpzS9VtwYCpHveRwyyhCAX6P1VUK1EIwFbwXVtg2EQm5T3apvvL9F4hnJqIPN_1wZz3cR9dHVQNtaTPAhL6WvYbPLLNSIlz7nPqhif92XEgcf_2P1wejP_LMQYIHgj6zlO5me1M8voHRpJbTBkwKEGoZaRpzNhVo-V3Kri8idFyCpYgL4twVFpiabYE3vEDB5AgmzU0v-kr3q0OLI5H0Z8yogzu3uWrr1-6MvjKoHpgORrSPAs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.45.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-45-72.compute-1.amazonaws.com
Software: /
Resource Hash: 3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-served-by: usermatch-a005-ash-prod.krxd.net
date: Mon, 13 Feb 2023 14:25:12 GMT
content-type: text/plain; charset=utf-8
x-age: 0
content-length: 20
x-cache: MISS
x-cache-hits: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=dda6630bed7a957145f4bfea1157fa28

43 B
479 B

133ms
133ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=dda6630bed7a957145f4bfea1157fa28

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: V9PQ9Q0S9638BKAMXCHC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=dda6630bed7a957145f4bfea1157fa28
date: Mon, 13 Feb 2023 14:25:12 GMT
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 0
x-amz-cf-id: XE9GTwwDV4vYNzH-YfR1vhgD1V8NITlbDnNpbEt0bk3cfkSYJasSrw==
x-cache: Miss from cloudfront

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame C5C9 43 B
304 B 149ms
48ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=vEK1rgLyS0CjBWaRRsrr8A&dmt=3&ex-pl-n-g-hmt=LkCkzY91TuOx2mOyLgOSug&ep=ttam_T219Ay-cPciHbT10k0ZpkKrKn-0Q-N0VuddU6jdjlnDQHs6t1g0GAGOLYlBE9K8ywpi1pPRQMI6-KjpptplAL2xMWNrFcRMuKFGzSOpNJQ6LmOYIp_2vUzDEcEArxJ4GF7Kllll2fk-ZPpAVMqAa_zg_k8F40gQQHQ9f-3xSCyL65wRQBaaPcEyrRX7XiS0mJQZm4cN9sQrLHZoyCyFBPfvNUBb1SD40QEY6dtRw08KlBx_Nbj-c4Cgq0DhkrT58Y79Df-2Maf5uNjhadq5EaaKWaxd8pSvbcUs62H0i0nxvtnxtjFFBjV-bvWwWDip4Ft9FRQXt3Y7Z__wWVag4LFNphvu3vFqncyfwcgjl51B25TpA2tMxDpzS9VtwYCpHveRwyyhCAX6P1VUK1EIwFbwXVtg2EQm5T3apvvL9F4hnJqIPN_1wZz3cR9dHVQNtaTPAhL6WvYbPLLNSIlz7nPqhif92XEgcf_2P1wejP_LMQYIHgj6zlO5me1M8voHRpJbTBkwKEGoZaRpzNhVo-V3Kri8idFyCpYgL4twVFpiabYE3vEDB5AgmzU0v-kr3q0OLI5H0Z8yogzu3uWrr1-6MvjKoHpgORrSPAs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 14:25:12 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://s.amazon-adsystem.com/ecm3?ex=index&id=Krh_dyAG4szv0-CUiYYGKzc4fXc4ZgIC

43 B
479 B

130ms
130ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=Krh_dyAG4szv0-CUiYYGKzc4fXc4ZgIC

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: N4ZG66XRYB9ABNAZ242Y
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 14:25:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nROuGHxZHLcR8cDrGuqvPwEfmXBu4NcPhAsj9LbufNAaDqpDVOySPjT4AtuMem3xr5kG5YsTJuo2dQqq5Doy0juijJAF2mFSoz3CkVjQMjdDt6vDI4HqXsd2eilqfBN8tBsloRpMRW2GA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=index&id=Krh_dyAG4szv0-CUiYYGKzc4fXc4ZgIC
cache-control: no-cache
cf-ray: 798e3b656ca92c73-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 xuid
eb2.3lift.com/ Frame C5C9 37 B
140 B 172ms
41ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=8341&xuid=rqztpFyiQxmTe_-EHws7iQ&dongle=az46&rdir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DtripleliftHMT%26id%3D%24UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=vEK1rgLyS0CjBWaRRsrr8A&dmt=3&ex-pl-n-g-hmt=LkCkzY91TuOx2mOyLgOSug&ep=ttam_T219Ay-cPciHbT10k0ZpkKrKn-0Q-N0VuddU6jdjlnDQHs6t1g0GAGOLYlBE9K8ywpi1pPRQMI6-KjpptplAL2xMWNrFcRMuKFGzSOpNJQ6LmOYIp_2vUzDEcEArxJ4GF7Kllll2fk-ZPpAVMqAa_zg_k8F40gQQHQ9f-3xSCyL65wRQBaaPcEyrRX7XiS0mJQZm4cN9sQrLHZoyCyFBPfvNUBb1SD40QEY6dtRw08KlBx_Nbj-c4Cgq0DhkrT58Y79Df-2Maf5uNjhadq5EaaKWaxd8pSvbcUs62H0i0nxvtnxtjFFBjV-bvWwWDip4Ft9FRQXt3Y7Z__wWVag4LFNphvu3vFqncyfwcgjl51B25TpA2tMxDpzS9VtwYCpHveRwyyhCAX6P1VUK1EIwFbwXVtg2EQm5T3apvvL9F4hnJqIPN_1wZz3cR9dHVQNtaTPAhL6WvYbPLLNSIlz7nPqhif92XEgcf_2P1wejP_LMQYIHgj6zlO5me1M8voHRpJbTBkwKEGoZaRpzNhVo-V3Kri8idFyCpYgL4twVFpiabYE3vEDB5AgmzU0v-kr3q0OLI5H0Z8yogzu3uWrr1-6MvjKoHpgORrSPAs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=B1F46EC18ACF6427

43 B
479 B

146ms
146ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=B1F46EC18ACF6427

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:13 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4R7DQSTDJB19G93XMYCQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 14:25:17 GMT
frontend-id: 11
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=B1F46EC18ACF6427
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=7724110733514692959&ex=appnexus.com

43 B
479 B

126ms
126ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=7724110733514692959&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 35TC0PRWQJ0DQ8FBB88Q
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 13 Feb 2023 14:25:12 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7f5713dd-6092-4389-a33c-701fd194976e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=7724110733514692959&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=Iy4NEM9iT1qcsc5hmiSxeg&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%...
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=Iy4NEM9iT1qcsc5hmiSxeg

43 B
479 B

127ms
127ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=Iy4NEM9iT1qcsc5hmiSxeg

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: N4KY6GZPPH6C4R2MM0NC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=Iy4NEM9iT1qcsc5hmiSxeg
date: Mon, 13 Feb 2023 14:25:12 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=gkR9gPKTq3yfyhKnKQR1UsWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

43 B
479 B

124ms
124ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=gkR9gPKTq3yfyhKnKQR1UsWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: F48R5TTV7RZPWHF0VWF1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=gkR9gPKTq3yfyhKnKQR1UsWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=LkCkzY91TuOx2mOyLgOSug&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
479 B

126ms
126ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KZK1Z2ZYZWD0EF72FKY8
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 14:25:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
loadus.exelator.com/load/ Frame C5C9 0
324 B 266ms
58ms Image
text/plain 34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=vEK1rgLyS0CjBWaRRsrr8A&dmt=3&ex-pl-n-g-hmt=LkCkzY91TuOx2mOyLgOSug&ep=ttam_T219Ay-cPciHbT10k0ZpkKrKn-0Q-N0VuddU6jdjlnDQHs6t1g0GAGOLYlBE9K8ywpi1pPRQMI6-KjpptplAL2xMWNrFcRMuKFGzSOpNJQ6LmOYIp_2vUzDEcEArxJ4GF7Kllll2fk-ZPpAVMqAa_zg_k8F40gQQHQ9f-3xSCyL65wRQBaaPcEyrRX7XiS0mJQZm4cN9sQrLHZoyCyFBPfvNUBb1SD40QEY6dtRw08KlBx_Nbj-c4Cgq0DhkrT58Y79Df-2Maf5uNjhadq5EaaKWaxd8pSvbcUs62H0i0nxvtnxtjFFBjV-bvWwWDip4Ft9FRQXt3Y7Z__wWVag4LFNphvu3vFqncyfwcgjl51B25TpA2tMxDpzS9VtwYCpHveRwyyhCAX6P1VUK1EIwFbwXVtg2EQm5T3apvvL9F4hnJqIPN_1wZz3cR9dHVQNtaTPAhL6WvYbPLLNSIlz7nPqhif92XEgcf_2P1wejP_LMQYIHgj6zlO5me1M8voHRpJbTBkwKEGoZaRpzNhVo-V3Kri8idFyCpYgL4twVFpiabYE3vEDB5AgmzU0v-kr3q0OLI5H0Z8yogzu3uWrr1-6MvjKoHpgORrSPAs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:12 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=F88D4F2D4848EA638916282402BA6914

43 B
479 B

122ms
122ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=F88D4F2D4848EA638916282402BA6914

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:13 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9CY9Z4HDA2FM0WHW9PH5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 13 Feb 2023 14:25:12 GMT
Server: openresty/1.15.8.2
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=F88D4F2D4848EA638916282402BA6914
Access-Control-Allow-Origin: https://www.homedepot.com
Access-Control-Expose-Headers: User-NDAT
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Connection: keep-alive
Content-Length: 151
Expires: Mon, 13 Feb 2023 14:25:11 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=4a79fb8bb6d2357cf5717c57d82082bcf4f60c97db15a585763367883b1fa89f

43 B
479 B

135ms
133ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=4a79fb8bb6d2357cf5717c57d82082bcf4f60c97db15a585763367883b1fa89f

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BBPCR2B191FFCAZ963H0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 14:25:12 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=4a79fb8bb6d2357cf5717c57d82082bcf4f60c97db15a585763367883b1fa89f
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=CB239C6A-5E0E-4ABA-BAFA-3DAAE65CCC2D

43 B
479 B

124ms
123ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=CB239C6A-5E0E-4ABA-BAFA-3DAAE65CCC2D

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:13 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: N7RS4Q2Z946MQAK1Z9NQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=CB239C6A-5E0E-4ABA-BAFA-3DAAE65CCC2D
date: Mon, 13 Feb 2023 14:25:12 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 204 sd
us-u.openx.net/w/1.0/ Frame C5C9 0
48 B 55ms
55ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072986&val=qzZubI9NT5qsFgrv9MEhXQ&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DopenxHMT%26id%3D%7BOPENX_RTB_USERID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=vEK1rgLyS0CjBWaRRsrr8A&dmt=3&ex-pl-n-g-hmt=LkCkzY91TuOx2mOyLgOSug&ep=ttam_T219Ay-cPciHbT10k0ZpkKrKn-0Q-N0VuddU6jdjlnDQHs6t1g0GAGOLYlBE9K8ywpi1pPRQMI6-KjpptplAL2xMWNrFcRMuKFGzSOpNJQ6LmOYIp_2vUzDEcEArxJ4GF7Kllll2fk-ZPpAVMqAa_zg_k8F40gQQHQ9f-3xSCyL65wRQBaaPcEyrRX7XiS0mJQZm4cN9sQrLHZoyCyFBPfvNUBb1SD40QEY6dtRw08KlBx_Nbj-c4Cgq0DhkrT58Y79Df-2Maf5uNjhadq5EaaKWaxd8pSvbcUs62H0i0nxvtnxtjFFBjV-bvWwWDip4Ft9FRQXt3Y7Z__wWVag4LFNphvu3vFqncyfwcgjl51B25TpA2tMxDpzS9VtwYCpHveRwyyhCAX6P1VUK1EIwFbwXVtg2EQm5T3apvvL9F4hnJqIPN_1wZz3cR9dHVQNtaTPAhL6WvYbPLLNSIlz7nPqhif92XEgcf_2P1wejP_LMQYIHgj6zlO5me1M8voHRpJbTBkwKEGoZaRpzNhVo-V3Kri8idFyCpYgL4twVFpiabYE3vEDB5AgmzU0v-kr3q0OLI5H0Z8yogzu3uWrr1-6MvjKoHpgORrSPAs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:12 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=1057fb6b-05a7-4962-9953-c97c9b743ec4-tuctae3cdc8

43 B
479 B

130ms
130ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=1057fb6b-05a7-4962-9953-c97c9b743ec4-tuctae3cdc8

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 14:25:13 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NVW48XZEBWMRCJY0XWZ8
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=1057fb6b-05a7-4962-9953-c97c9b743ec4-tuctae3cdc8
date: Mon, 13 Feb 2023 14:25:12 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 41432

GET
H2 200 identify_5f1fb.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 169ms
168ms Script
application/javascript 2.23.97.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_5f1fb.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-akamai-request-id: 4e2ecc4f
date: Mon, 13 Feb 2023 14:25:11 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230207210833CAB25B6BD9056229CCB5
vary: Accept-Encoding
x-cache: TCP_HIT from a2-23-97-132.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0123b002a61331f309be6d61bf0fa423d74868b64268c619d2d4dd4654c6817e2c70e366cff3eb17aef455c0467348564199b6b071d6b9c2c92f4aed65641c9381c7b4304a0cf2ec15f6da90a37b48823cb16f6ab8595f2d0882042213a4a311e6
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30920

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
691 B 304ms
302ms Ping
text/plain 2.23.97.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cloud.alerts.savethechildren.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 87d0edfb.4e2ecc50
date: Mon, 13 Feb 2023 14:25:11 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-23-97-132.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 179,2.23.97.132
server-timing: cdn-cache; desc=MISS, edge; dur=178, origin; dur=49, inner; dur=46
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202302131425119AC7B281C7AB50498562
x-cache-remote: TCP_MISS from a23-220-107-79.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 49,23.220.107.79
x-tt-trace-host: 0129b2af6d1f5777e5474c8b0c836d990512c304b0386c2ea1507da47d7aaf08acf2a76198fb647f4354bf7f2ead42eefc8de951acddc9b7b785f8db8b9989fe1eb112df76e0c35507adcdd3755cd11eed26614aafd5f2db5c63f60c2dbd46452816391b9093e41037b14035526eddb760
expires: Mon, 13 Feb 2023 14:25:11 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
691 B 394ms
392ms Ping
text/plain 2.23.97.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cloud.alerts.savethechildren.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2c4bfa9d.4e2ecc52
date: Mon, 13 Feb 2023 14:25:11 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-23-97-132.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 259,2.23.97.132
server-timing: cdn-cache; desc=MISS, edge; dur=157, origin; dur=131, inner; dur=129
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230213142511DC3A1780F933F93D09C4
x-cache-remote: TCP_MISS from a23-220-107-82.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 131,23.220.107.82
x-tt-trace-host: 0129b2af6d1f5777e5474c8b0c836d990512c304b0386c2ea1507da47d7aaf08ac4b04ed8ccab82d70f2b1a7d030a771fb360330e9371f6c609183edb3527ecd3b083e1b9d1eaaa4e7443fcb7c202534c7982f117b118c1bf9c5a3c518c2698315c6762b0dd3e881ee36453f47d80738bc
expires: Mon, 13 Feb 2023 14:25:11 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
689 B 302ms
300ms Ping
text/plain 2.23.97.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cloud.alerts.savethechildren.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 769df8fe.4e2ecc53
date: Mon, 13 Feb 2023 14:25:11 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-23-97-132.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 161,2.23.97.132
server-timing: cdn-cache; desc=MISS, edge; dur=193, origin; dur=15, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230213142511319DEE34219DCCB4C19B
x-cache-remote: TCP_MISS from a23-220-107-78.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 15,23.220.107.78
x-tt-trace-host: 0129b2af6d1f5777e5474c8b0c836d990512c304b0386c2ea1507da47d7aaf08ac855a8ca222437fee40caa19ab5023889832f2e598bbfe6bd622c7fce8de3c2199e375562e9842dec27794705525368da61279afcdc02842b7e722520f6cd8bfcd4000ee85353b495bf60808cffab535d
expires: Mon, 13 Feb 2023 14:25:11 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
686 B 382ms
382ms Ping
text/plain 2.23.97.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cloud.alerts.savethechildren.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 769e11de.4e2ecc90
date: Mon, 13 Feb 2023 14:25:11 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-23-97-132.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 147,2.23.97.132
server-timing: cdn-cache; desc=MISS, edge; dur=230, origin; dur=7, inner; dur=4
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023021314251134B626D5CE276028F3CF
x-cache-remote: TCP_MISS from a23-220-107-78.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.220.107.78
x-tt-trace-host: 0129b2af6d1f5777e5474c8b0c836d990512c304b0386c2ea1507da47d7aaf08ac855a8ca222437fee40caa19ab50238895a7a23238851a877616d50f1770d32b2b847c4574600a69bb75a264bc6b1152c8688c1208a233ca5f130236aa9a0de8beb04dca4a6e8821863c46155491bd8d9
expires: Mon, 13 Feb 2023 14:25:11 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
688 B 345ms
345ms Ping
text/plain 2.23.97.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cloud.alerts.savethechildren.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2c4bf0ea.4e2eccca
date: Mon, 13 Feb 2023 14:25:11 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-23-97-132.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 154,2.23.97.132
server-timing: cdn-cache; desc=MISS, edge; dur=168, origin; dur=17, inner; dur=7
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202302131425112304FC8C090298E2CA08
x-cache-remote: TCP_MISS from a23-220-107-82.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 17,23.220.107.82
x-tt-trace-host: 0129b2af6d1f5777e5474c8b0c836d990512c304b0386c2ea1507da47d7aaf08ac4b04ed8ccab82d70f2b1a7d030a771fbe99514f1a1a79c7f433307f298fd879fbdbd40180c55be1162806854971b8e158e2b0bbd4eb3b6397fc542cb934756ac024aee2190956bb29258bb58ee7269b4
expires: Mon, 13 Feb 2023 14:25:11 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
691 B 532ms
532ms Ping
text/plain 2.23.97.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cloud.alerts.savethechildren.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 769e10e5.4e2ecccb
date: Mon, 13 Feb 2023 14:25:11 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-23-97-132.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 365,2.23.97.132
server-timing: cdn-cache; desc=MISS, edge; dur=139, origin; dur=243, inner; dur=240
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023021314251179710DAEEF887B3ACE6F
x-cache-remote: TCP_MISS from a23-220-107-78.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 243,23.220.107.78
x-tt-trace-host: 0129b2af6d1f5777e5474c8b0c836d990512c304b0386c2ea1507da47d7aaf08ac855a8ca222437fee40caa19ab502388900a71b17ef3b8d637d517b93b27a98686b3371cdf18faf2f06d7c1741242baef282621790421541e8efdacfc37fe96e859a436d089e7f9ed86ce4fa0af1024cb
expires: Mon, 13 Feb 2023 14:25:11 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
687 B 344ms
344ms Ping
text/plain 2.23.97.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cloud.alerts.savethechildren.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 769e11a6.4e2ecccc
date: Mon, 13 Feb 2023 14:25:11 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-23-97-132.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 135,2.23.97.132
server-timing: cdn-cache; desc=MISS, edge; dur=151, origin; dur=13, inner; dur=11
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230213142511FE764EA51A213E14834A
x-cache-remote: TCP_MISS from a23-220-107-78.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 13,23.220.107.78
x-tt-trace-host: 0129b2af6d1f5777e5474c8b0c836d990512c304b0386c2ea1507da47d7aaf08ac855a8ca222437fee40caa19ab50238890a8d4d4f354a9682425918015e255e1e93dc8d0d4b37992006ee76dbeab3daa0a2f03b30a5cd0e61022f39eaefc2c99ea0c66e670ebc212fd43bbb1b270e789c
expires: Mon, 13 Feb 2023 14:25:11 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
690 B 375ms
374ms Ping
text/plain 2.23.97.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cloud.alerts.savethechildren.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 87d10341.4e2ecccd
date: Mon, 13 Feb 2023 14:25:11 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-23-97-132.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 150,2.23.97.132
server-timing: cdn-cache; desc=MISS, edge; dur=156, origin; dur=23, inner; dur=19
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023021314251145836CC9D4869D7F5764
x-cache-remote: TCP_MISS from a23-220-107-79.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 23,23.220.107.79
x-tt-trace-host: 0129b2af6d1f5777e5474c8b0c836d990512c304b0386c2ea1507da47d7aaf08acf2a76198fb647f4354bf7f2ead42eefcbbe05a32f1127f9c2fcc3c3719a1b096edd9dab02fbec3c546938501507fb5e5f6632583989d516025727019aca52496a6661b53919316a59dea7c254817cbbe
expires: Mon, 13 Feb 2023 14:25:11 GMT

GET
H2 200 visitor.php Show response
app.leadsrx.com/ 73 B
307 B 209ms
209ms XHR
text/html 44.225.161.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.leadsrx.com/visitor.php?acctTag=yqahgl42094&tz=0&ref=&u=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591&t=Email%20Preference%20Center%20%7C%20Save%20the%20Children&lc=null&anon=0&vin=null

Requested by

Host: app.leadsrx.com
URL: https://app.leadsrx.com/visitor.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.225.161.165 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-225-161-165.us-west-2.compute.amazonaws.com

Software

nginx/1.20.1 / PHP/5.6.40

Resource Hash

191d4cfe259a79476cf2d6cd73900e4789e5ab7ffd39868890ae220e04fa9426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cloud.alerts.savethechildren.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 13 Feb 2023 14:25:11 GMT
x-content-type-options: nosniff
server: nginx/1.20.1
x-powered-by: PHP/5.6.40
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: https://cloud.alerts.savethechildren.org
access-control-allow-credentials: true

GET is
44.238.122.172/ 0
0

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
688 B 270ms
269ms Ping
text/plain 2.23.97.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cloud.alerts.savethechildren.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 87d10492.4e2ecd51
date: Mon, 13 Feb 2023 14:25:11 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-23-97-132.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 120,2.23.97.132
server-timing: cdn-cache; desc=MISS, edge; dur=173, origin; dur=16, inner; dur=3
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023021314251131F7A0D7740ECFD61114
x-cache-remote: TCP_MISS from a23-220-107-79.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,23.220.107.79
x-tt-trace-host: 0129b2af6d1f5777e5474c8b0c836d990512c304b0386c2ea1507da47d7aaf08acf2a76198fb647f4354bf7f2ead42eefc760bea8a92b1169bf9b4f9b67cec3dd682a189583f7e9dfdcfbfc43145a7c7e8a81cbb2a8ef23b8ae83120d74b13c1acb227612352552caec62d1f1ece41e6a1
expires: Mon, 13 Feb 2023 14:25:11 GMT

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
2 KB 898ms
209ms Script
application/javascript 35.85.106.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=UA-85748307-2&ga_client_id=189169841.1676298311&shpt=Email%20Preference%20Center%20%7C%20Save%20the%20Children&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-85748307-2%22%2C%22ga_client_id%22%3A%22189169841.1676298311%22%2C%22shpt%22%3A%22Email%20Preference%20Center%20%7C%20Save%20the%20Children%22%2C%22dcm_cid%22%3A%22189169841.1676298311%22%2C%22dcm_gid%22%3A%221357288219.1676298311%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=189169841.1676298311&dcm_gid=1357288219.1676298311&dxver=4.0.0&shaid=32293&plh=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591&cb=7627780129856943&term=value&shadditional=googletagmanager%3Dtrue
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32293&tdr=&plh=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591&cb=7627780129856943&term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.85.106.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-106-161.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 390ade223e0475185e8882fd91177c97755ab89690ff808b0474eda1c27fd799

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:12 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 1
connection: close

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 42ms
41ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=175734969458030&ev=Microdata&dl=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591&rl=&if=false&ts=1676298312261&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Email%20Preference%20Center%20%7C%20Save%20the%20Children%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.95&r=stable&ec=1&o=30&fbp=fb.1.1676298310746.1890940717&it=1676298310593&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 13 Feb 2023 14:25:12 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK gs Show response
gs.mountain.com/ 144 B
733 B 863ms
202ms Script
application/javascript 52.12.117.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gs.mountain.com/gs
Requested by: Host: cloud.alerts.savethechildren.org
URL: https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:021223&smtrctid=33262591
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.12.117.226 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-12-117-226.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 41408fb1332f31d1abfdc52ef061b990a8e88f4da6c1a3de81cba340f7933964

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:13 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 0
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 144
x-application-context: application:prod:8080

POST
H/1.1 200
OK post-log Show response
tags.wdsvc.net/ 0
451 B 118ms
117ms XHR
text/html 52.6.32.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.wdsvc.net/post-log?v=4.10&t=1676298310933
Requested by: Host: tags.wdsvc.net
URL: https://tags.wdsvc.net/controller.js?id=100229
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.6.32.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-32-88.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cloud.alerts.savethechildren.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://cloud.alerts.savethechildren.org
Date: Mon, 13 Feb 2023 14:25:13 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=5
Content-length: 0
Content-Type: text/html

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
261 B 187ms
56ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=0ugbyxx&ct=0:8hrabaq&fmt=3&td1=1864b2a5515-tags1-78b245e998f68
Requested by: Host: cloud.alerts.savethechildren.org
URL: https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:021223&smtrctid=33262591
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 13 Feb 2023 14:25:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
insight.adsrvr.org/track/conv/ 70 B
260 B 191ms
61ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=0ugbyxx&ct=0:v28zupp&fmt=3&orderid=&vf=&v=&td1=1864b2a5515-tags1-78b245e998f68
Requested by: Host: cloud.alerts.savethechildren.org
URL: https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:021223&smtrctid=33262591
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 13 Feb 2023 14:25:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
insight.adsrvr.org/track/conv/ 70 B
260 B 187ms
57ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=0ugbyxx&ct=0:rlc0tuy&fmt=3&orderid=&vf=&v=&td1=1864b2a5515-tags1-78b245e998f68
Requested by: Host: cloud.alerts.savethechildren.org
URL: https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:021223&smtrctid=33262591
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 13 Feb 2023 14:25:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK st Show response
px.mountain.com/ 5 KB
2 KB 225ms
224ms Script
application/javascript 35.85.106.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=UA-85748307-2&ga_client_id=189169841.1676298311&shpt=Email%20Preference%20Center%20%7C%20Save%20the%20Children&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-85748307-2%22%2C%22ga_client_id%22%3A%22189169841.1676298311%22%2C%22shpt%22%3A%22Email%20Preference%20Center%20%7C%20Save%20the%20Children%22%2C%22dcm_cid%22%3A%22189169841.1676298311%22%2C%22dcm_gid%22%3A%221357288219.1676298311%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A8%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=189169841.1676298311&dcm_gid=1357288219.1676298311&dxver=4.0.0&shaid=32293&plh=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591&term=value&shadditional=googletagmanager%3Dtrue&cb=1676298312984120&shguid=6a8ce816-a7d9-31bb-bb87-e6bbc7c6a25c&shgts=1676298313850
Requested by: Host: cloud.alerts.savethechildren.org
URL: https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:021223&smtrctid=33262591
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.85.106.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-106-161.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 9322fa354d8bd9f1083cd56f4d8b58028d6f4031a6a2986d963a9e8c6087e635

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:25:14 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 14
connection: close

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
264 B 93ms
63ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=3a55b999-abaa-11ed-831b-3341116af7d1&gdpr=&gdpr_consent=
Requested by: Host: cloud.alerts.savethechildren.org
URL: https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:021223&smtrctid=33262591
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 13 Feb 2023 14:25:14 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
260 B 57ms
57ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=tl1i3bn&ct=0:kr1qq9a&fmt=3
Requested by: Host: cloud.alerts.savethechildren.org
URL: https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:021223&smtrctid=33262591
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 13 Feb 2023 14:25:14 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK save-the-children-usa-button-18e985c8f1327aa5b0db2be1ab660ba6.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame 2C63 9 KB
10 KB 162ms
40ms Image
image/png 99.86.1.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d6tizftlrpuof.cloudfront.net/themes/production/save-the-children-usa-button-18e985c8f1327aa5b0db2be1ab660ba6.png
Requested by: Host: cloud.alerts.savethechildren.org
URL: https://cloud.alerts.savethechildren.org/preferencecenter?sfmcEmail=Barbara.Moore@sabre.com&cid=Email:SFMC:Emer_Turk_Syria:New_Leads_b:021223&smtrctid=33262591
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-140.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9fbb05adcdc2317148fbaaf7c56be51c9246d351c9ae5235eb09dcd0ee0da552

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.alerts.savethechildren.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 17 Nov 2022 19:43:21 GMT
x-amz-version-id: UUIaS9R3j_VdIQipfTJ5dnr2koEgl3_W
Via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 7584114
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 9208
Last-Modified: Tue, 08 Nov 2022 16:00:18 GMT
Server: AmazonS3
ETag: "18e985c8f1327aa5b0db2be1ab660ba6"
Content-Type: image/png
Cache-Control: max-age=315360000, no-transform, public
Accept-Ranges: bytes
X-Amz-Cf-Id: ABdp4OKcab350OPBrOyF3B2qwpRv64Bh9j8B_5jlJwRopX7GTWKsNA==

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 463B 0
181 B 57ms
56ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=a6t02yu&ref=https%3A%2F%2Fcloud.alerts.savethechildren.org%2Fpreferencecenter%3FsfmcEmail%3DBarbara.Moore%40sabre.com%26cid%3DEmail%3ASFMC%3AEmer_Turk_Syria%3ANew_Leads_b%3A021223%26smtrctid%3D33262591&upid=xvch1ck&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cloud.alerts.savethechildren.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Mon, 13 Feb 2023 14:25:14 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
BLOB 200
OK 520c9aaf-c884-4853-8678-9de320a7d1d6
https://cloud.alerts.savethechildren.org/ 15 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://cloud.alerts.savethechildren.org/520c9aaf-c884-4853-8678-9de320a7d1d6
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bce4f7bc6a794b397ae828091147a05faf04e5c695d383ae69e58e223af0a67

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Length: 15556
Content-Type: application/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 44.238.122.172
URL: https://44.238.122.172/is

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

88 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.decibelinsight.net/i/13874/	1970-01-20 18:23:54	Name: da_lid Value: -FEE5BF7F9A7FEA13E1A2BB99F01F187B31\|0\|0\|0
.decibelinsight.net/i/13874/	1970-01-20 09:38:20	Name: da_sid Value: CDD68C4C8E3FAE8874F3AA13B21D527082\|3\|0\|3
.savethechildren.org/	1969-12-31 23:59:59	Name: at_check Value: true
.savethechildren.org/	1969-12-31 23:59:59	Name: stc-analytics-source Value: Email\|Email\|SFMC\|Emer_Turk_Syria\|New_Leads_b\|02/12/2023
.demdex.net/	1970-01-20 13:57:30	Name: demdex Value: 67282426639295641691761197966148712961
.savethechildren.org/	1969-12-31 23:59:59	Name: AMCVS_6B0E659F56A9E70D7F000101%40AdobeOrg Value: 1
.savethechildren.org/	1970-01-20 19:14:18	Name: _evga_c797 Value: {%22uuid%22:%22316c45b3fdc4a126%22}
.savethechildren.org/	1970-01-20 19:14:18	Name: _sfid_58d2 Value: {%22anonymousId%22:%22316c45b3fdc4a126%22%2C%22consents%22:[]}
.savethechildren.org/	1969-12-31 23:59:59	Name: stc-analytics-sub_source Value: 67613886401170920251800254659148060849\|\|\|\|\|
.savethechildren.org/	1969-12-31 23:59:59	Name: s_ecid Value: MCMID%7C67613886401170920251800254659148060849
.everesttech.net/	1970-01-20 18:23:54	Name: everest_g_v2 Value: g_surferid~Y_pIRgAAANmG9gN-
.savethechildren.org/	1970-01-20 19:14:18	Name: mbox Value: session#5e4705e0003c4b3db2f4305a5d28db1b#1676300171\|PC#5e4705e0003c4b3db2f4305a5d28db1b.37_0#1739543111
.savethechildren.org/	1969-12-31 23:59:59	Name: s_ips Value: 1200
.dpm.demdex.net/	1970-01-20 13:57:30	Name: dpm Value: 67282426639295641691761197966148712961
.savethechildren.org/	1970-01-20 19:14:18	Name: AMCV_6B0E659F56A9E70D7F000101%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19402%7CMCMID%7C67613886401170920251800254659148060849%7CMCAAMLH-1676903110%7C6%7CMCAAMB-1676903110%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1676305510s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19409%7CMCCIDH%7C204085480%7CvVersion%7C5.4.0
.savethechildren.org/	1969-12-31 23:59:59	Name: s_nr30 Value: 1676298310441-New
.savethechildren.org/	1969-12-31 23:59:59	Name: s_cc Value: true
.savethechildren.org/	1970-01-20 09:39:44	Name: _uetsid Value: 38ec2130abaa11eda04e5367dd73e5b4
.savethechildren.org/	1970-01-20 18:59:54	Name: _uetvid Value: 38ec4220abaa11edb9b3094701dd664c
.ispot.tv/	1970-01-20 19:14:18	Name: pt Value: v2:4a79fb8bb6d2357cf5717c57d82082bcf4f60c97db15a585763367883b1fa89f\|4ddc5f8d7983cf721294c664b6959c047c929bbe3d23d2ab655fb6e2379a48ae
.bing.com/	1970-01-20 18:59:54	Name: MUID Value: 092DE7095F2B636A0A22F5BE5EA0628F
.savethechildren.org/	1970-01-20 11:47:54	Name: _fbp Value: fb.1.1676298310746.1890940717
.savethechildren.org/	1970-01-20 11:47:54	Name: _gcl_au Value: 1.1.2061693225.1676298311
.wdsvc.net/	1970-01-20 09:38:18	Name: _wdTest Value: accept
.wdsvc.net/	1970-01-20 19:14:18	Name: wds_random Value: 2023-02-13T14:25:10.816Z~2023-02-13T14:25:10.816Z\|2123313159180136\|53\|
.tiktok.com/	1970-01-20 18:59:54	Name: _ttp Value: 2LggnzeoHC2XeNa4JlRuwI7mUoG
cloud.alerts.savethechildren.org/	1970-01-20 09:39:44	Name: ln_or Value: eyI0MDkyMTMyIjoiZCJ9
.linkedin.com/	1970-01-20 10:21:30	Name: UserMatchHistory Value: AQLJ3UC9aGvXTwAAAYZLKlTUZvJMNXsTHfrWzTmFzHD0WdX-RdEUBYK4Hqy-zmpOa0qz6KI72KIWCg
.linkedin.com/	1970-01-20 10:21:30	Name: AnalyticsSyncHistory Value: AQJQ62l7nYYzggAAAYZLKlTUC_SSFi4t1uie5ktjk1cn5x4CX7Rs9Q6z8ZlNrseqzzLVHIBRk2z893EyJDAROg
.linkedin.com/	1970-01-20 18:23:54	Name: bcookie Value: "v=2&763b8a4a-1944-4f8f-88f1-74edb443ae54"
.linkedin.com/	1970-01-20 09:39:44	Name: lidc Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2481:u=1:x=1:i=1676298310:t=1676384710:v=2:sig=AQHgfrxuibp0-bbbsC9qC36-xP8Nh7zI"
.amazon-adsystem.com/	1970-01-20 15:09:30	Name: ad-id Value: A6OpCbe8YkHfpSDPpgKSQZ4
.amazon-adsystem.com/	1970-01-20 19:14:18	Name: ad-privacy Value: 0
.savethechildren.org/	1970-01-20 19:14:18	Name: smtrrmkr Value: 638118951109547863%5E01864b2a-552a-4887-81a6-dc91d6c9e069%5E01864b2a-552a-4376-98c5-2dba19e9aae0%5E0%5E80.255.7.103
savethechildren.us-7.evergage.com/	1970-01-20 09:48:23	Name: AWSALBCORS Value: TdQjxF1j1nXMl9Qgxx3JMEWzwGl2zkazpokl16YpPkS3dW+zNM3BH3OgbppkF16h9udDcZdVqzVWoxfza0HJR2DtWsSdsvni+c0PBWc4MvCPWo7pNrDhUhiEiI2F
.savethechildren.org/	1970-01-20 19:14:18	Name: _ga Value: GA1.2.189169841.1676298311
.savethechildren.org/	1970-01-20 09:39:44	Name: _gid Value: GA1.2.1357288219.1676298311
.savethechildren.org/	1970-01-20 09:38:18	Name: _gat_gtag_UA_85748307_2 Value: 1
.www.linkedin.com/	1970-01-20 18:23:54	Name: bscookie Value: "v=1&20230213142511c7e66e65-3af3-4e7d-8479-7127f92fd3b9AQEBG3v1RUr-7RoD1pfLJ36wP0ZQwoZa"
.linkedin.com/	1970-01-20 13:57:30	Name: li_gc Value: MTswOzE2NzYyOTgzMTE7MjswMjF7+0EihzF5jQnNXzosA0aJIYh2lXj1V1D++wpBLl3UnA==
.savethechildren.org/	1970-01-20 18:59:54	Name: _tt_enable_cookie Value: 1
.savethechildren.org/	1970-01-20 18:59:54	Name: _ttp Value: DDZMG2MHDtNkIPzQY45NHzF7RNF
.adnxs.com/	1970-01-20 11:47:54	Name: uuid2 Value: 7724110733514692959
.adnxs.com/	1970-01-20 11:47:54	Name: anj Value: dTM7k!M4/YF7/.XF']wIg2Hb>sFxOE!@wnfH8KHJO4W`i=@=yZ^jn4TiSnHBhtF)14A[RZ7pnvn>vyotD^F.!_6-zQEVk`!:?wV2i6j
.casalemedia.com/	1970-01-20 18:23:54	Name: CMID Value: Y.pIR3AyqLSfgaOg8ONoHgAA
.casalemedia.com/	1970-01-20 11:47:54	Name: CMPS Value: 3344
.casalemedia.com/	1970-01-20 11:47:54	Name: CMPRO Value: 3344
.agkn.com/	1970-01-20 18:23:54	Name: ab Value: 0001%3ApHx5j%2B9t8tRyYi0O%2BlNz8H9qPC5AI3GE
.bidswitch.net/	1970-01-20 18:23:54	Name: tuuid Value: 60863e83-8995-4d51-8965-d2039387b07b
.bidswitch.net/	1970-01-20 18:23:54	Name: c Value: 1676298311
.bidswitch.net/	1970-01-20 18:23:54	Name: tuuid_lu Value: 1676298311
.yahoo.com/	1970-01-20 18:24:15	Name: A3 Value: d=AQABBEdI6mMCEDrqSaunfiY1QtKxECNEdmIFEgEBAQGZ62P0YwAAAAAA_eMAAA&S=AQAAAklWNL2V_83klpKWI4EDvdo
.analytics.yahoo.com/	1970-01-20 18:23:54	Name: IDSYNC Value: "19b9~29z2:195g~29z2"
.bluekai.com/	1970-01-20 13:58:56	Name: bku Value: b/X99W5/bZwafu6r
.bluekai.com/	1970-01-20 13:58:56	Name: bkpa Value: KJy9RQY5d02pSUHknp1tmexywlJkjsk0wVC65cOpJEBOJEJsJEJsz08CqVabqtT+RVHpKUB6jV6rRt2+JEJsjVB+10DpHZPTJEBWRZhNjV+CSu8Mqt6k1MjojYDpHYD0Ba2YuN2PPDkW9y9ZOH2a
.ads.stickyadstv.com/	1970-01-20 10:21:30	Name: UID Value: e5d09cd7f7c4f013757e54be2aeac1b
.360yield.com/	1970-01-20 11:47:54	Name: tuuid Value: 1c75cdc1-2aa0-4f50-825d-671317c7bb08
.360yield.com/	1970-01-20 11:47:54	Name: tuuid_lu Value: 1676298311
.krxd.net/	1970-01-20 13:57:30	Name: _kuid_ Value: PYJMEJPo
.ads.stickyadstv.com/	1970-01-20 09:58:27	Name: uid-bp-30833 Value: e43bvG4ZRZ24rcB6PK6ovg
.myvisualiq.net/	1970-01-20 19:14:18	Name: tuuid Value: 50ee8a74-e5fe-4f39-908e-0a7954329b39
.myvisualiq.net/	1970-01-20 19:14:18	Name: c Value: 1676298312
.myvisualiq.net/	1970-01-20 19:14:18	Name: tuuid_lu Value: 1676298312
.360yield.com/	1970-01-20 11:47:54	Name: um Value: !416,3trTqL9W-bN1eaA5OyLDkkx.,1684074312
.360yield.com/	1970-01-20 11:47:54	Name: umeh Value: !416,0,1738506312,-1
.adform.net/	1970-01-20 10:18:37	Name: C Value: 1
.adform.net/	1970-01-20 11:04:42	Name: uid Value: 4347839742274488073
.spotxchange.com/	1970-01-20 10:18:37	Name: audience Value: 39f39fad-abaa-11ed-8955-1891fad20506
.doubleclick.net/	1970-01-20 18:59:54	Name: IDE Value: AHWqTUnz_zFqx4tD0LIYVFr-7QJoY1e2NithN8EyaBr6jOhO0ZMAJhLm3efjd2BzYOo
bs.serving-sys.com/	1969-12-31 23:59:59	Name: r1 Value: 1676298312_1
.serving-sys.com/	1970-01-20 11:47:54	Name: u2 Value: 38e43630-1412-4f15-a0d6-4e0b5a0c08c24L9060
.pubmatic.com/	1970-01-20 11:47:54	Name: KRTBCOOKIE_290 Value: 23219-Iy4NEM9iT1qcsc5hmiSxeg&KRTB&23261-Iy4NEM9iT1qcsc5hmiSxeg
.pubmatic.com/	1970-01-20 10:21:30	Name: PugT Value: 1676298312
ads.samba.tv/	1970-01-20 19:05:39	Name: sambapxid Value: 10c004360b44e4308
.pubmatic.com/	1970-01-20 09:39:44	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 18:23:54	Name: KADUSERCOOKIE Value: CB239C6A-5E0E-4ABA-BAFA-3DAAE65CCC2D
.semasio.net/	1970-01-20 18:23:54	Name: SEUNCY Value: B1F46EC18ACF6427
.ninthdecimal.com/	1970-01-20 13:57:30	Name: ndat Value: LU+N+GPqSEgkKBaJFGm6Ag==
.mountain.com/	1970-01-20 19:14:18	Name: guid Value: 3a55b999-abaa-11ed-831b-3341116af7d1
.savethechildren.org/	1970-01-20 19:14:18	Name: wds_random Value: 2023-02-13T14:25:10.816Z~2023-02-13T14:25:10.816Z\|2123313159180136\|53\|
.savethechildren.org/	1970-01-20 19:14:18	Name: __WDS1 Value: %7B%22da_100229%22%3A%7B%22hu%22%3A%222023-02-13T14%3A25%3A13.147Z%22%7D%7D
.px.mountain.com/	1970-01-20 19:14:18	Name: tt Value: "H4sIAAAAAAAAAKtWKlOyMtJRMjYysjSON7IwtlCyMjQzNzOytDA2NDEwA0r5BcVDZc0tjZWsDJBFwOoNagFolnueRgAAAA=="
.mountain.com/	1970-01-20 19:14:18	Name: rt Value: "MzIyOTM6MTY3NjI5ODMxNA=="
.savethechildren.org/	1969-12-31 23:59:59	Name: s_tp Value: 1427
.savethechildren.org/	1969-12-31 23:59:59	Name: s_ppv Value: Email%2520Preference%2520Center%2C84%2C84%2C1200%2C1%2C1
.savethechildren.org/	1970-01-20 09:38:20	Name: da_sid Value: CDD68C4C8E3FAE8874F3AA13B21D527082\|3\|0\|3
.savethechildren.org/	1970-01-20 18:23:54	Name: da_lid Value: FEE5BF7F9A7FEA13E1A2BB99F01F187B31\|0\|0\|0
.savethechildren.org/	1970-01-20 09:38:20	Name: da_intState Value:

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://usermatch.krxd.net/um/v2?partner=amzn Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

44.238.122.172
aa.agkn.com
ads.samba.tv
ads.stickyadstv.com
amazon.partners.tremorhub.com
analytics.tiktok.com
app.leadsrx.com
assets.adobedtm.com
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
c1.adform.net
cdn.decibelinsight.net
cdn.evgnet.com
cdn.linkedin.oribi.io
click.alerts.savethechildren.org
cloud.alerts.savethechildren.org
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d1n00d49gkbray.cloudfront.net
d6tizftlrpuof.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
dx.mountain.com
dx2eq2oh924g4.cloudfront.net
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gs.mountain.com
ib.adnxs.com
image.alerts.savethechildren.org
image2.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
js.adsrvr.org
lciapi.ninthdecimal.com
lm.serving-sys.com
loadus.exelator.com
match.360yield.com
match.adsrvr.org
odr.mookie1.com
onsiteshq.smarterhq.io
pi.ispot.tv
pixel.rubiconproject.com
pt.ispot.tv
px.ads.linkedin.com
px.mountain.com
px4.ads.linkedin.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
savethechildren.us-7.evergage.com
savethechildrenfeder.tt.omtrdc.net
sb.scorecardresearch.com
smetrics.savethechildren.org
snap.licdn.com
ssum-sec.casalemedia.com
stc.demdex.net
sync.search.spotxchange.com
sync.taboola.com
t.myvisualiq.net
tags.bluekai.com
tags.wdsvc.net
token.rubiconproject.com
tr2.smarterhq.io
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
w.usabilla.com
www.dgtrx.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.imdb.com
www.linkedin.com
www.savethechildren.org
x.bidswitch.net
44.238.122.172
108.156.68.46
128.245.132.77
128.245.145.225
13.107.42.14
13.225.78.35
13.32.27.60
13.37.25.97
141.226.228.48
151.101.64.114
151.101.66.132
172.217.19.98
172.64.154.237
18.156.0.31
18.159.14.212
18.193.14.187
18.203.152.154
185.64.190.78
185.64.190.80
185.80.39.216
185.86.138.152
185.94.180.126
2.18.79.136
2.23.97.136
212.82.100.182
23.203.125.189
2600:1f18:612b:4216:cd79:34ae:bc6a:5e70
2600:9000:2057:fe00:9:7c30:be80:21
2600:9000:206f:4000:2:53b2:240:93a1
2600:9000:2491:e600:12:b144:100:21
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:400d:802::200a
2a00:1450:400d:803::200e
2a00:1450:400d:806::2003
2a00:1450:400d:806::2008
2a00:1450:400d:807::2004
2a00:1450:400d:80a::2002
2a00:1450:400d:80d::2003
2a02:26f0:11a::217:9a4a
2a02:26f0:dc:292::1e80
2a02:26f0:dc::6853:4c1
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.121.31.24
3.227.179.229
3.248.89.226
3.67.114.199
34.160.236.64
34.240.188.129
34.249.28.111
34.254.143.3
34.98.64.218
34.98.72.238
35.157.71.156
35.170.45.72
35.71.131.137
35.85.106.161
37.157.3.28
37.252.172.123
44.211.7.214
44.225.161.165
44.241.55.126
45.79.141.248
52.12.117.226
52.46.143.56
52.50.101.149
52.6.32.88
54.190.217.118
54.210.118.107
54.72.113.247
54.84.231.24
63.35.113.29
65.9.65.116
69.173.144.139
76.223.111.18
77.243.60.138
99.86.1.140
99.86.4.3
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3
0c50591d3e3f7039c2f103303d1a83fc20ca3034c6eae4d77fead6ad52c3b53d
0e2ba28a70acdfd6cc0d73ebd3ffd0eefcc2b6c872bd6a7f0f29b6296bd3f6f8
11c17435613d52510239a4f9e6a99b43ff10cf86a355fa80bfdd1ce0639fd8be
143c363b622e480ab56844ea4c7d173beef2506a6c8e7af20d96e2641bf2e64d
14ebc8ff9a61c03ccd8dc407b188678fa08b050929904bbfb746d658299f9a14
15d6dff53a85e601ddd4a1e658129efdeedaf6d1f5c27ff624a480bdbf491210
191d4cfe259a79476cf2d6cd73900e4789e5ab7ffd39868890ae220e04fa9426
1a42ca1731f388dd11cad1dbec6188352ec24a352783bce02509f135469c9adb
1bce4f7bc6a794b397ae828091147a05faf04e5c695d383ae69e58e223af0a67
1c7ba8604dcd94b9cca5ab0c1f3bec06f478072e50f4cc2e3edf243e4040798d
1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f
1f8cb94dc31befeebeb9b93a9ab4194e8b839edd9985d973b23514f7a6c52a0c
227d09832c052261f9cbea804d9d6fdfb37d8087801007974f5d232670c3ff0a
23c859119c753d940d35cab688e80ac1dfcf296a1fc931ebcb0db347554582f2
2c65fdb9a9096dd12112c7cc227c15d4e70d8869d74a2f2f30a0e555e5d24bca
30ab3cad2bdc288855c0d445fa5b532d82ede4ac1269cc637e2fad0e348bd4da
390ade223e0475185e8882fd91177c97755ab89690ff808b0474eda1c27fd799
3e7d451c7ea1387503259f1798e054d426287e1e5e9dfa74296f47062090f446
3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002
41408fb1332f31d1abfdc52ef061b990a8e88f4da6c1a3de81cba340f7933964
427f8b4ac872d051c8ce1a09a21491cd8dd4e4231a82d3876adddf103de736dc
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
4691508b8d47058f1dafd5da9f90839697992d2cd2f609696b0c1a758923bfb4
482088696f16ceca227f58751b928ccda02ffbe6c506c828ac76415896edde90
4a16bc7d2e85efc46835a2ce98506167da6957f6f6893a63c0403617c2ef17bb
4abfaec59b56e621da4b5e41cb2e0651d4efd2332d3802ef52c090046f4b3937
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55d0dd5e19596a4d24ae5f4b9a3be4bcd844b1bee501a340945acbeedfebd8c0
57a9e3e1dfc314ba9f6563bd88aa2a83fce5c4c8480b78b5aaae2e96b17749eb
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
6b5116bd2cb4809c6634b99a9b1ea0a0aeda596a94817682a0e4811e35eccc58
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6deded597bcea6aa6e91fda2b241095a04be8ec03bdbed3b0895581384180232
70d9c29ad7b44c2a878de735f8bda4ad54435697a16628cff6e53ce648c2460b
718ce96434a7bde022f8fc0f911fb56cf1605bea08c8cd8b6d02bf2d3e77a9f4
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7cd232d5bdfa34393b0885c149bde2ed699e8bf43d611704ead2b6d33b64d5fc
7da014e3280b4bcba02d273b3d35770d3e731ff12237b777776fae1d5ca11ded
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e32ac774f1b2a43edc5b9c7eb0f08d251ff1ef54fa2970f7f4e1476930152c6
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
927fd23005d88e731fe6ef42b1dc0d0ccb423fa2aea68aa6dc5e5367b32253c2
9322fa354d8bd9f1083cd56f4d8b58028d6f4031a6a2986d963a9e8c6087e635
9673752483c4e7aa494754ad77a55ac00175cfc51309d32c7c9552489173472a
971d66d8d07105d2905682f357f6eda2afd4225a47d727255db9305b6f563a67
978c97ea401ec21fd66e9b71911cf9a5d33d7d4b694eb86ee8522e7438d1d657
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9fbb05adcdc2317148fbaaf7c56be51c9246d351c9ae5235eb09dcd0ee0da552
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1858318092d0216a76e71fcc9a1a43f7abf3a3879ab44e2e9ed729ca0cdf2aa
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a5121bc9d182223d675a7ac29dbef35c6e537ee1fcb2fde58a7a7d8ecf3210fe
a5d05401cac92d35f9cb3083e7dcf157ad8d6fb073d95ed81ce1665781864cfc
abec98a84ef0c018b62c004e84456a0cd1a83537f2a9715c3014e17149386927
ad03f2d9717e9a1726eb72a6e57806dc3dbbe31cce440b4d20e05c608be5b861
b0e70b299ab9c122ad93531fa8e5309833baecd53dd55c992c538f8b33bfa22d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba36ab95369ed656d228bbb5596d13e4fe503768fcbb29d01ab4c26bbc8af93e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be7391a23e9fbd4e67d57e15d54752b4f16bbee53448bf3e79f536349c1305d2
bf53d5c98b4aeabc1e5c30f681f4150651432d8bdc6d5904643914ead40b4a88
c11da27641bcc9d2a1b9cf1b68c7091472b3a1f0d97c7718cef3b23cd318bf46
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5a36be2e59121b1b9d48afb6bc5b9492f9e7e6f214943f887607dca45ca0324
c9a088f08a823815b316ea959d813c2959ba4fcc4e015c815c8e3820cabb9423
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d825df92e797e394f3ea50582dfc84b1e0c6bee3552aa99bb4fd25180408d045
ddd038b266057d11d6fc3276d91ed810c401c861b7eb00ac5688c80f507fe985
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea6033c98f9da46fcabe5982aabe66949f2071aaf3034e7597c294b9b21e0dfd
ea6232068224c811afd3c266f500b397a55c2e69aa8e053c13c341db99077842
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee893f27e1b955dda5a07e7dbf119b620d88117059a87f043ef2d37967ed0467
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
fabc5a49269ec5c2dc576471f74f5b0f5c935017e8080f88a9e70524181c6c3c

cloud.alerts.savethechildren.org Open in urlscan Pro 128.245.132.77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

139 Requests

74 %HTTPS

23 %IPv6

61 Domains

83 Subdomains

51 IPs

9 Countries

1142 kBTransfer

3023 kBSize

88 Cookies

1 Outgoing links

Page URL History

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cloud.alerts.savethechildren.org Open in urlscan Pro
128.245.132.77 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

74 %
HTTPS

23 %
IPv6

61
Domains

83
Subdomains

51
IPs

9
Countries

1142 kB
Transfer

3023 kB
Size

88
Cookies

139 HTTP transactions
0 data transactions