saveig.org Open in urlscan Pro
2606:4700:20::681a:8a6 Public Scan

URL:
https://saveig.org/
Submission: On April 06 via manual (April 6th 2020, 10:04:28 pm UTC) from PH

Summary HTTP 87 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 19 domains to perform 87 HTTP transactions. The main IP is 2606:4700:20::681a:8a6, located in United States and belongs to CLOUDFLARENET, US. The main domain is saveig.org.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 6th 2019. Valid for: a year.

This is the only time saveig.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:20:... 2606:4700:20::681a:8a6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f22... 2a03:2880:f22f:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f24... 2a03:2880:f24d:cb:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
9	2a03:2880:f23... 2a03:2880:f231:c5:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f20... 2a03:2880:f20c:2c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:303... 2606:4700:3031::6818:68f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700:303... 2606:4700:3034::6812:2a06	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:b4a:1:7:... 2a02:b4a:1:7::5647:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
2	13.225.86.250 13.225.86.250	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:40f... 2600:1f18:40f7:9700:ed0d:4db:b8bb:8a3e	14618 (AMAZON-AES) (AMAZON-AES)
6 8	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
7	51.79.98.223 51.79.98.223	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
2	185.33.223.202 185.33.223.202	29990 (ASN-APPNEX) (ASN-APPNEX)
1	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
87	27

5 2606:4700:20::681a:8a6 (United States)

ASN13335 (CLOUDFLARENET, US)

saveig.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f22f:c4:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK, US)

scontent-bom1-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f24d:cb:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK, US)

scontent-cgk1-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:2880:f231:c5:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK, US)

scontent-sjc3-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f20c:2c4:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK, US)

scontent-sin6-2.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6818:68f1 (United States)

ASN13335 (CLOUDFLARENET, US)

pagiwp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3034::6812:2a06 (United States)

ASN13335 (CLOUDFLARENET, US)

a.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:b4a:1:7::5647:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

anlcld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.86.250 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-86-250.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:40f7:9700:ed0d:4db:b8bb:8a3e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

cicero-mit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.79.98.223 (Canada)

ASN16276 (OVH, FR)
PTR: ns567465.ip-51-79-98.net

s.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.202 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 318.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	vdo.ai a.vdo.ai track.vdo.ai s.vdo.ai	565 KB
16	demand.supply live.demand.supply api.demand.supply	26 KB
12	cdninstagram.com scontent-bom1-1.cdninstagram.com scontent-cgk1-1.cdninstagram.com scontent-sjc3-1.cdninstagram.com scontent-sin6-2.cdninstagram.com	431 KB
9	doubleclick.net 7 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	1 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	132 KB
5	google-analytics.com 1 redirects www.google-analytics.com	18 KB
5	saveig.org saveig.org	19 KB
4	gstatic.com fonts.gstatic.com	54 KB
3	adnxs.com ib.adnxs.com acdn.adnxs.com	3 KB
3	googleapis.com fonts.googleapis.com imasdk.googleapis.com	91 KB
2	google.de www.google.de adservice.google.de	280 B
2	google.com 1 redirects www.google.com adservice.google.com	352 B
2	amazon-adsystem.com c.amazon-adsystem.com	28 KB
2	anlcld.com anlcld.com	1019 B
1	googletagservices.com www.googletagservices.com	28 KB
1	2mdn.net s0.2mdn.net	11 KB
1	cicero-mit.com cicero-mit.com	3 KB
1	googletagmanager.com www.googletagmanager.com	28 KB
1	pagiwp.com pagiwp.com	4 KB
87	19

	Domain	Requested by
15	live.demand.supply	saveig.org live.demand.supply pagead2.googlesyndication.com
9	scontent-sjc3-1.cdninstagram.com	saveig.org
8	googleads.g.doubleclick.net	6 redirects pagead2.googlesyndication.com
7	s.vdo.ai	a.vdo.ai saveig.org
7	a.vdo.ai	saveig.org a.vdo.ai
5	www.google-analytics.com	1 redirects saveig.org
5	saveig.org	saveig.org
4	pagead2.googlesyndication.com	live.demand.supply pagead2.googlesyndication.com
4	fonts.gstatic.com	saveig.org www.google-analytics.com
3	track.vdo.ai	saveig.org
2	ib.adnxs.com	a.vdo.ai
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	c.amazon-adsystem.com	saveig.org c.amazon-adsystem.com
2	imasdk.googleapis.com	a.vdo.ai imasdk.googleapis.com
2	anlcld.com	pagiwp.com
1	acdn.adnxs.com	a.vdo.ai
1	www.googletagservices.com	pagead2.googlesyndication.com
1	s0.2mdn.net	imasdk.googleapis.com
1	cicero-mit.com	saveig.org
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	api.demand.supply	live.demand.supply
1	www.google.de	saveig.org
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	www.googletagmanager.com	a.vdo.ai
1	pagiwp.com	saveig.org
1	scontent-sin6-2.cdninstagram.com	saveig.org
1	scontent-cgk1-1.cdninstagram.com	saveig.org
1	scontent-bom1-1.cdninstagram.com	saveig.org
1	fonts.googleapis.com	saveig.org
87	31

This site contains links to these domains. Also see Links.

Domain
vdo.ai

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-10-06` - `2020-10-05`	a year	crt.sh
demand.supply CloudFlare Inc ECC CA-2	`2019-06-23` - `2020-06-22`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2020-03-22` - `2020-06-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
anlcld.com Let's Encrypt Authority X3	`2020-03-20` - `2020-06-18`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
cicero-mit.com Amazon	`2019-11-26` - `2020-12-26`	a year	crt.sh
*.vdo.ai Go Daddy Secure Certificate Authority - G2	`2019-10-15` - `2021-10-15`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-16` - `2020-05-16`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://saveig.org/
Frame ID: 166550B47E66157C712C77D18E10738B
Requests: 75 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: DFC5E8EFFDAB2A284E5D591BA1763CB2
Requests: 2 HTTP requests in this frame

Frame: https://cicero-mit.com/imp/8ba4dbb7-7852-11ea-9264-0a00614f777d/1/BY56I4t3nXnCm1bbekEAy63meuZ03PCcR4U8GhNh5C89l282lBj7sOe-mvuLOOqLegPIEnk-tgOgYIfospYG2gqpAgYMJQKgsc5QTbUN899xG03xTLmP8rs0LTwlga3_PloJmkUC8mS3tJqhYUtRQO5350cN8Fmn6-A5C97wKVTIXd3Lc6eddJWDjp1YIc5Ok0qIptvdN4XpKgFY7L5N-Q8g8jWW_x2OBY70pwCxJXji6WFF1IEvwqNjf4PmxN328llaLk4EdtyNBURF_TZ-hd9lt77oXU-C6-62AB_6docHvoIZG_noMGL9Isc_ru6pH_T7KwVwMlyj7qVzqDqd83uFah8ofykvQeOq5-a6LbHBbDE9WKACo5MOr29OWuLU_VMywLxYe_ur1iz0JuMy-16SZb-fsns3rfjGipWE3CqpSWHGx-TIR6E-oGYX1MCnHoQUwhyLfkX3br7UDLqbXQT100H-p1u7U_W8EzVTbWSxz6vQ-pLE7Buhd1iE_CvLq5EvTs5-KP8C_UtbnSPb1OinnkgBON1bpRVdoa1lJY4-FFHAf_3MR0h0gxvex3rHZ-SiDuQ1H8oYkitt8gmj_F_bK_BHgaiHqDRtO1p2PdI68bxwkM_hP6fJ_a0zmsfaZ_T_C5Esblb-OWp8yhU1yRNw7I-QG8ObtTCit6MW7bWhOK-o_MsTvIvlYIiarUfXIg==.uaiS83mvO8nApFQ3xawsJA==
Frame ID: 255430A8621E4331A5FF7F6DB1291969
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200402/r20190131/zrt_lookup.html
Frame ID: FAD028AB075B74526974E486C46CCE05
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.378.0_en.html
Frame ID: BC2CDEC24147327AE10D57F360A82024
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 6D2A5365B95D9C48F30E845F3F36C420
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&adk=1812271804&adf=3025194257&lmt=1586210651&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fsaveig.org%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1586210651626&bpp=4&bdt=517&fdt=116&idt=116&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=7474755358384&frm=20&pv=1&ga_vid=319761314.1586210651&ga_sid=1586210652&ga_hid=1736695617&ga_fc=0&iag=0&icsg=36507364096&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530291&oid=3&pvsid=1019175289626464&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=121
Frame ID: BCD39969F78BDB630690F7C0AC0DC6F1
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 1D6E948743EE1AC067A531A53D7932B6
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 99F9D971C20E2CF54FAD3DC92B7EDCDE
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 02C0C0FE86EB713E674AE100A1B96002
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 77675B75786A5075951AFCD7265A1556
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 3BC6E98B0A7FD20DBB258C8EB7E66A2F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: E9E23C201451558AD259D02922CF70D0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: E62F1653071A174080CBC65EA3A3968F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
script /2mdn\.net/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

87
Requests

97 %
HTTPS

86 %
IPv6

19
Domains

31
Subdomains

27
IPs

6
Countries

1442 kB
Transfer

3040 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://vdo.ai/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1736695617&t=pageview&_s=1&dl=https%3A%2F%2Fsaveig.org%2F&ul=en-us&de=UTF-8&dt=download%20instagram%20stories%20highlights%2C%20photos%20and%20videos%20online%20-%20SaveIG&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KEDAAUAB~&jid=672690704&gjid=546742201&cid=319761314.1586210651&tid=UA-113932176-19&_gid=1435742961.1586210651&_r=1&gtm=2ou3p1&z=884519434 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-113932176-19&cid=319761314.1586210651&jid=672690704&_gid=1435742961.1586210651&gjid=546742201&_v=j81&z=884519434 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-113932176-19&cid=319761314.1586210651&jid=672690704&_v=j81&z=884519434 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-113932176-19&cid=319761314.1586210651&jid=672690704&_v=j81&z=884519434&slf_rd=1&random=2857327936

Request Chain 61

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=853b2259-003e-469b-b1d1-43f699c283f5&adk=3734547523&adf=1846469579&w=728&lmt=1586210651&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fsaveig.org%2F&flash=0&wgl=1&adsid=NT&dt=1586210651619&bpp=6&bdt=510&fdt=82&idt=82&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7474755358384&frm=20&pv=2&ga_vid=319761314.1586210651&ga_sid=1586210652&ga_hid=1736695617&ga_fc=0&iag=0&icsg=2147625728&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=1110&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530291&oid=3&pvsid=1019175289626464&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=1&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4lWWU9GlJf&p=https%3A//saveig.org&dtd=94 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 68

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=ec39dfb7-8dfb-42ff-beda-03ba3d2f9661&adk=3758343075&adf=2009290777&w=900&fwrn=4&fwrnh=100&lmt=1586210651&rafmt=2&psa=0&guci=1.2.0.0.2.2.0.0&format=900x90&url=https%3A%2F%2Fsaveig.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&adsid=NT&dt=1586210651665&bpp=4&bdt=556&fdt=91&idt=91&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=1&correlator=7474755358384&frm=20&pv=1&ga_vid=319761314.1586210651&ga_sid=1586210652&ga_hid=1736695617&ga_fc=0&iag=0&icsg=36507364096&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=343&ady=352&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530291&oid=3&pvsid=1019175289626464&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=2&uci=a!2&fsb=1&xpc=tEiUSYbM3T&p=https%3A//saveig.org&dtd=94 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 69

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=b5a686f1-717d-4835-bfca-d1cd79140732&adk=3911039140&adf=2009290777&w=900&fwrn=4&fwrnh=100&lmt=1586210651&rafmt=2&psa=0&guci=1.2.0.0.2.2.0.0&format=900x90&url=https%3A%2F%2Fsaveig.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&adsid=NT&dt=1586210651848&bpp=3&bdt=739&fdt=3&idt=3&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C900x90&nras=1&correlator=7474755358384&frm=20&pv=1&ga_vid=319761314.1586210651&ga_sid=1586210652&ga_hid=1736695617&ga_fc=0&iag=0&icsg=36507364096&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=343&ady=352&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530291&oid=3&pvsid=1019175289626464&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=3&uci=a!3&fsb=1&xpc=89ZabT7Ivt&p=https%3A//saveig.org&dtd=5 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 70

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=c48d2b7e-0c4d-4a2c-b955-b0505db247e9&adk=2913856108&adf=1846469579&w=728&lmt=1586210651&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fsaveig.org%2F&flash=0&wgl=1&adsid=NT&dt=1586210651858&bpp=3&bdt=749&fdt=3&idt=3&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C900x90%2C900x90&nras=1&correlator=7474755358384&frm=20&pv=1&ga_vid=319761314.1586210651&ga_sid=1586210652&ga_hid=1736695617&ga_fc=0&iag=0&icsg=36507364096&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=1110&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530291&oid=3&pvsid=1019175289626464&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=1&fu=16&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Al50XuyKUQ&p=https%3A//saveig.org&dtd=6 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 72

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=f05ef150-dae3-4004-b68a-ea67132b6f35&adk=170744382&adf=2009290777&w=900&fwrn=4&fwrnh=100&lmt=1586210652&rafmt=2&psa=0&guci=1.2.0.0.2.2.0.0&format=900x90&url=https%3A%2F%2Fsaveig.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&adsid=NT&dt=1586210652056&bpp=4&bdt=947&fdt=5&idt=5&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C900x90%2C900x90%2C728x90&nras=1&correlator=7474755358384&frm=20&pv=1&ga_vid=319761314.1586210651&ga_sid=1586210652&ga_hid=1736695617&ga_fc=0&iag=0&icsg=36507364096&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=343&ady=352&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530291&oid=3&pvsid=1019175289626464&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=5&uci=a!5&fsb=1&xpc=S7GHnCBOSQ&p=https%3A//saveig.org&dtd=7 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 73

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=ecda4504-9728-4a69-82e8-bbf8b75e697b&adk=406626246&adf=1846469579&w=728&lmt=1586210652&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fsaveig.org%2F&flash=0&wgl=1&adsid=NT&dt=1586210652071&bpp=3&bdt=962&fdt=3&idt=3&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C900x90%2C900x90%2C728x90%2C900x90&nras=1&correlator=7474755358384&frm=20&pv=1&ga_vid=319761314.1586210651&ga_sid=1586210652&ga_hid=1736695617&ga_fc=0&iag=0&icsg=36507364096&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=1110&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530291&oid=3&pvsid=1019175289626464&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=1&fu=16&bc=31&ifi=6&uci=a!6&fsb=1&xpc=VmDtsj04Gk&p=https%3A//saveig.org&dtd=5 HTTP 302
https://live.demand.supply/ds.2.html

87 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
saveig.org/ 14 KB
5 KB 255ms
215ms Document
text/html 2606:4700:20::681a:8a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f030867c503298f9df466ea63d7fcf8ca8db7f878a4b985c6c21d64379b58485

Request headers

:method: GET
:authority: saveig.org
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Mon, 06 Apr 2020 22:04:11 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d6d761138d89911667fdd356f4fff05971586210650; expires=Wed, 06-May-20 22:04:10 GMT; path=/; domain=.saveig.org; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57fecd980cf0d6c1-FRA
content-encoding: br

GET
H2 200 up.js Show response
live.demand.supply/ 4 KB
3 KB 275ms
250ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2360cf3062cdcb281aa725e7807341c9253f684642585c782e8da153954bcb07

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-nf-request-id: 5b6f45dc-9886-46d8-aad0-772613eceb3b-11401697
date: Mon, 06 Apr 2020 22:04:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 569
cf-polished: origSize=3756
cf-ray: 57fecd999fd116f2-FRA
status: 200
cf-bgj: minify
server: cloudflare
etag: W/"657a11a9289f10f6b52509f7c67bd374-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
timing-allow-origin: *
link: </impl.v9.5.0.js>; rel=preload; as=script,</p2/v9-5-0?url=saveig.org%2F>; rel=preload; as=script
cf-h2-pushed: </impl.v9.5.0.js>,</p2/v9-5-0?url=saveig.org%2F>

GET
H2 200 art.css
saveig.org/css/ 38 KB
6 KB 58ms
57ms Stylesheet
text/css 2606:4700:20::681a:8a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://saveig.org/css/art.css?v88
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bccbfa61bb0b0df621a8392a9059d795f7d1091383d1437e97478a2849eff9b8

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 30 Mar 2020 03:15:46 GMT
server: cloudflare
age: 20933
etag: W/"5e816462-9764"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=2592000
cf-ray: 57fecd997851d6c1-FRA
expires: Wed, 06 May 2020 16:15:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
659 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat&display=swap

Requested by

Host: saveig.org
URL: https://saveig.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9982a23525ba1a5e0273ee56b3dd6b1d9c54a6be4e9081a9d5f3715e1d4b4d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Apr 2020 22:04:11 GMT
server: ESF
date: Mon, 06 Apr 2020 22:04:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Apr 2020 22:04:11 GMT

GET
H2 200 59381178_2348911458724961_5863612957363011584_n.jpg
scontent-bom1-1.cdninstagram.com/v/t51.2885-19/s150x150/ 4 KB
4 KB 373ms
122ms Image
image/jpeg 2a03:2880:f22f:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-bom1-1.cdninstagram.com/v/t51.2885-19/s150x150/59381178_2348911458724961_5863612957363011584_n.jpg?_nc_ht=scontent-bom1-1.cdninstagram.com&_nc_ohc=jm3Y5TBsRiwAX_2oof2&oh=7afe68789f3f864025fbd98eadc6b4ff&oe=5EB3F623
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f22f:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: be19eda0e4e70693a613ddacd6354d5c9bba0580f283eec6517bb1092fc98b62

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 1153764853
date: Mon, 06 Apr 2020 22:04:11 GMT, Mon, 06 Apr 2020 22:04:11 GMT
x-fb-trip-id: 1527350943
last-modified: Wed, 08 May 2019 23:06:30 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 2603113846
x-fb-config-version-olb-prod: 791
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 4201

GET
H2 200 67310557_649773548849427_4130659181743046656_n.jpg
scontent-cgk1-1.cdninstagram.com/v/t51.2885-19/s150x150/ 8 KB
8 KB 763ms
252ms Image
image/jpeg 2a03:2880:f24d:cb:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-cgk1-1.cdninstagram.com/v/t51.2885-19/s150x150/67310557_649773548849427_4130659181743046656_n.jpg?_nc_ht=scontent-cgk1-1.cdninstagram.com&_nc_ohc=_U-_QjHE514AX-Ew2A3&oh=9664e004f7ef846788e2f636d2914b26&oe=5EB53653
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f24d:cb:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 28163c32d70bb3f4c157b69865ad597e8a4fecae8827ffa52e6cbbf373a59efb

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 3749683837
date: Mon, 06 Apr 2020 22:04:11 GMT, Mon, 06 Apr 2020 22:04:11 GMT
x-fb-trip-id: 1679558926
last-modified: Fri, 16 Aug 2019 15:13:41 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 1348960773
x-fb-config-version-olb-prod: 791
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 8280

GET
H2 200 90315510_244620580266149_3178471881476931584_n.jpg
scontent-sjc3-1.cdninstagram.com/v/t51.2885-19/s150x150/ 3 KB
3 KB 466ms
155ms Image
image/jpeg 2a03:2880:f231:c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-sjc3-1.cdninstagram.com/v/t51.2885-19/s150x150/90315510_244620580266149_3178471881476931584_n.jpg?_nc_ht=scontent-sjc3-1.cdninstagram.com&_nc_ohc=nZnSB1V84XoAX8dFggv&oh=53db33252d51b0b7f02e7723bb2da2ed&oe=5EB221A1
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f231:c5:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6120660877676c01d457e9dd34d993e8cde4146ad3bcefe0a67f2c3a5bef4dd4

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 244268703
date: Mon, 06 Apr 2020 22:04:11 GMT, Mon, 06 Apr 2020 22:04:11 GMT
x-fb-trip-id: 1425083115
last-modified: Wed, 18 Mar 2020 20:18:01 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 1887543359
x-fb-config-version-olb-prod: 791
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 3230

GET
H2 200 11850309_1674349799447611_206178162_a.jpg
scontent-sjc3-1.cdninstagram.com/v/t51.2885-19/ 6 KB
6 KB 466ms
155ms Image
image/jpeg 2a03:2880:f231:c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-sjc3-1.cdninstagram.com/v/t51.2885-19/11850309_1674349799447611_206178162_a.jpg?_nc_ht=scontent-sjc3-1.cdninstagram.com&_nc_ohc=AUM6BECutXwAX8n-Qqh&oh=0de67379e84354b7de9bbbecec2ab43f&oe=5EB36784
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f231:c5:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: a7abef4b3776c5a08fb1199bef6891ea36ca5c7d713974f9ddbb5689d65b981e

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 3698181606
date: Mon, 06 Apr 2020 22:04:11 GMT, Mon, 06 Apr 2020 22:04:11 GMT
x-fb-trip-id: 1425083115
last-modified: Sun, 16 Aug 2015 12:19:32 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 3383123613
x-fb-config-version-olb-prod: 791
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 6016

GET
H2 200 80812750_2461415647505687_1090722136118525952_n.jpg
scontent-sin6-2.cdninstagram.com/v/t51.2885-19/s150x150/ 5 KB
6 KB 485ms
159ms Image
image/jpeg 2a03:2880:f20c:2c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-sin6-2.cdninstagram.com/v/t51.2885-19/s150x150/80812750_2461415647505687_1090722136118525952_n.jpg?_nc_ht=scontent-sin6-2.cdninstagram.com&_nc_ohc=dzTJ-L-U734AX-a_IfR&oh=8b4d60abc5673fa187e745b68b2a2f03&oe=5EB4C9AC
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20c:2c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 441823a19e6742039ce3e91a1383d834a2d5c8aecafe298e8300d7309c37eee9

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 1202946618
date: Mon, 06 Apr 2020 22:04:11 GMT, Mon, 06 Apr 2020 22:04:11 GMT
x-fb-trip-id: 1814657579
last-modified: Fri, 10 Jan 2020 05:38:56 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 2755493590
x-fb-config-version-olb-prod: 791
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 5565

GET
H2 200 88969499_231226268049340_341618078066409472_n.jpg
scontent-sjc3-1.cdninstagram.com/v/t51.2885-19/s150x150/ 7 KB
7 KB 467ms
156ms Image
image/jpeg 2a03:2880:f231:c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-sjc3-1.cdninstagram.com/v/t51.2885-19/s150x150/88969499_231226268049340_341618078066409472_n.jpg?_nc_ht=scontent-sjc3-1.cdninstagram.com&_nc_ohc=pVwTT2oRlvIAX_inGnE&oh=bffc33257554dbe4781beb61adca6216&oe=5EB4120B
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f231:c5:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 133fcafff101c68321513deab05b815ddedf216ccd211262ac0e562971d8df3a

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 3156482618
date: Mon, 06 Apr 2020 22:04:11 GMT, Mon, 06 Apr 2020 22:04:11 GMT
x-fb-trip-id: 1425083115
last-modified: Tue, 03 Mar 2020 20:36:03 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 3257543719
x-fb-config-version-olb-prod: 791
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 7355

GET
H2 200 lazy.jpg
saveig.org/img/ 3 KB
3 KB 22ms
21ms Image
image/jpeg 2606:4700:20::681a:8a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saveig.org/img/lazy.jpg
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 141e849165cd8090d15cc89114aea9cad9b5cc3118447d726bfd68a5459deadf

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Jul 2019 07:17:07 GMT
server: cloudflare
age: 578391
etag: "5d1b04f3-a8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 57fecd99785bd6c1-FRA
content-length: 2703
expires: Wed, 29 Apr 2020 12:25:50 GMT

GET
H2 200 art.js Show response
saveig.org/js/ 10 KB
3 KB 22ms
21ms Script
application/javascript 2606:4700:20::681a:8a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://saveig.org/js/art.js?v88
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0374f499c07e140f139c6227f72fb608499848dc31ffeb1586797395f60fae40

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Apr 2020 16:15:03 GMT
server: cloudflare
age: 20933
etag: W/"5e8b5587-260d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
cf-ray: 57fecd997859d6c1-FRA
expires: Wed, 06 May 2020 16:15:11 GMT

GET
H2 200 waWQiOjEwMjQxOTIsInNpZCI6MTAzMjQwNiwid2lkIjo1ODY4MSwic3JjIjoyfQ==eyJ.js Show response
pagiwp.com/pw/ 13 KB
4 KB 52ms
19ms Script
application/javascript 2606:4700:3031::6818:68f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pagiwp.com/pw/waWQiOjEwMjQxOTIsInNpZCI6MTAzMjQwNiwid2lkIjo1ODY4MSwic3JjIjoyfQ==eyJ.js
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:68f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1092832fd4e1c7806a41565aa7dc78257e6b5b013258cb14142ef5b8bd83908

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 4441
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: max-age=14400
cf-ray: 57fecd99a8ca0ea7-FRA
access-control-allow-origin: https://saveig.org

GET
H2 200 vdo.ai.js Show response
a.vdo.ai/core/saveigv1/ 3 KB
2 KB 40ms
13ms Script
text/javascript 2606:4700:3034::6812:2a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/saveigv1/vdo.ai.js
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 945881137776aac5df929d7921a9fdbd6a2d30ef82032e154116c1e3b6a37b7b

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 17513
vdo-server: Tag1
x-cache: HIT
status: 200
content-encoding: br
content-type: text/javascript;charset=UTF-8
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 113390634 2131703
cache-control: public, max-age=31536000
cf-ray: 57fecd99fb446449-FRA
expires: Sun, 04 Apr 2021 15:02:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: saveig.org
URL: https://saveig.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5439
date: Mon, 06 Apr 2020 20:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Mon, 06 Apr 2020 22:33:32 GMT

GET
H2 200 search.png
saveig.org/img/ 2 KB
2 KB 20ms
19ms Image
image/png 2606:4700:20::681a:8a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saveig.org/img/search.png
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b58f9e33cb0610010c4af74e9eb1d407e132047fcd5af593867d92639f4cdc8a

Request headers

Referer: https://saveig.org/css/art.css?v88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Jul 2019 07:17:07 GMT
server: cloudflare
age: 75372
etag: "5d1b04f3-869"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 57fecd99d982d6c1-FRA
content-length: 2153
expires: Wed, 22 Apr 2020 08:06:41 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v14/ 19 KB
19 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: saveig.org
URL: https://saveig.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat&display=swap
Origin: https://saveig.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36

Response headers

date: Fri, 06 Mar 2020 10:03:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:19 GMT
server: sffe
age: 2721643
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 19172
x-xss-protection: 0
expires: Sat, 06 Mar 2021 10:03:28 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v14/ 12 KB
12 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2

Requested by

Host: saveig.org
URL: https://saveig.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

637fc05835856f967578386134fe8a10b4fc4afaae082c8052226d5bd5a23e4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat&display=swap
Origin: https://saveig.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 00:30:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:18 GMT
server: sffe
age: 855216
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12196
x-xss-protection: 0
expires: Sun, 28 Mar 2021 00:30:35 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v14/ 17 KB
17 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

Requested by

Host: saveig.org
URL: https://saveig.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c75be06dd83179b39507632603aaf3eab56409a1fb41c5a40bb68157d46029d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat&display=swap
Origin: https://saveig.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36

Response headers

date: Sat, 04 Apr 2020 04:58:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:53 GMT
server: sffe
age: 234336
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 17060
x-xss-protection: 0
expires: Sun, 04 Apr 2021 04:58:35 GMT

GET
H2 200 91403413_262352418116785_3640926185153328043_n.jpg
scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640/ 58 KB
58 KB 392ms
156ms Image
image/jpeg 2a03:2880:f231:c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640/91403413_262352418116785_3640926185153328043_n.jpg?_nc_ht=scontent-sjc3-1.cdninstagram.com&_nc_cat=101&_nc_ohc=iHzjDYz17CEAX_Mp8-P&oh=4f1b868b5de7b924880839c68c44ccd9&oe=5EB54CC1
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f231:c5:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 5da69d1186f2c1966efca947b0761c6f79533e40dc999431ef5873782934a07a

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 4047526367
date: Mon, 06 Apr 2020 22:04:11 GMT, Mon, 06 Apr 2020 22:04:11 GMT
x-fb-trip-id: 1425083115
last-modified: Fri, 03 Apr 2020 11:02:24 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 3473190399
x-fb-config-version-olb-prod: 791
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 59495

GET
H2 200 92031366_281340659550115_6692124519955131794_n.jpg
scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640/ 58 KB
58 KB 575ms
339ms Image
image/jpeg 2a03:2880:f231:c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640/92031366_281340659550115_6692124519955131794_n.jpg?_nc_ht=scontent-sjc3-1.cdninstagram.com&_nc_cat=107&_nc_ohc=pOBqI-ZWIlEAX-WZqyV&oh=458004ca1724ed7c358567116c368866&oe=5EB579A3
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f231:c5:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 02a4625201f6c8fb96b193c3f3beb1448ecf1d1754b305fb833c5edc1b0975a7

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 909674837
date: Mon, 06 Apr 2020 22:04:11 GMT, Mon, 06 Apr 2020 22:04:11 GMT
x-fb-trip-id: 1425083115
last-modified: Wed, 01 Apr 2020 19:31:57 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 2763044748
x-fb-config-version-olb-prod: 791
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 59223

GET
H2 200 91520287_304280613875779_7509194354427512970_n.jpg
scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/ 54 KB
54 KB 574ms
339ms Image
image/jpeg 2a03:2880:f231:c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/91520287_304280613875779_7509194354427512970_n.jpg?_nc_ht=scontent-sjc3-1.cdninstagram.com&_nc_cat=1&_nc_ohc=uwBN6Bja0i0AX_xsBnY&oh=62a06e1135e13d76342b849b9dfd1a90&oe=5E8DFF94
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f231:c5:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2848d5f304886d1460d2bbced8fab32713c221f202ee60905e04261d8577c946

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 4085853592
date: Mon, 06 Apr 2020 22:04:11 GMT, Mon, 06 Apr 2020 22:04:11 GMT
x-fb-trip-id: 1425083115
last-modified: Wed, 01 Apr 2020 22:11:38 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 3043506962
x-fb-config-version-olb-prod: 24f21f869f4a4296b4ce100e34bcb355
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 55132

GET
H2 200 92947412_290064511981322_1005888688828689005_n.jpg
scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640/ 120 KB
120 KB 479ms
478ms Image
image/jpeg 2a03:2880:f231:c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640/92947412_290064511981322_1005888688828689005_n.jpg?_nc_ht=scontent-sjc3-1.cdninstagram.com&_nc_cat=1&_nc_ohc=2EyQAyfC3R8AX9zOlN-&oh=28f6002d22cc73bec52e876688f49e13&oe=5EB3EEFB
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f231:c5:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: bbe21d32c7f858129bf7230d3739f2f2312097712404f04a179df5b09442985e

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 1791588880
date: Mon, 06 Apr 2020 22:04:11 GMT, Mon, 06 Apr 2020 22:04:11 GMT
x-fb-trip-id: 1425083115
last-modified: Mon, 06 Apr 2020 11:58:19 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 410134952
x-fb-config-version-olb-prod: 791
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 122552

GET
H2 200 91973490_223041445434749_9222841885001038119_n.jpg
scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640/ 61 KB
61 KB 478ms
478ms Image
image/jpeg 2a03:2880:f231:c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640/91973490_223041445434749_9222841885001038119_n.jpg?_nc_ht=scontent-sjc3-1.cdninstagram.com&_nc_cat=1&_nc_ohc=YvTs40834_wAX_r82LO&oh=658a6984ec4c591f894e95655d560935&oe=5EB3E6C8
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f231:c5:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4188d10536e381ae9a081d8784b86c301d8bc9664a6bc1fadb9770cfbf25804a

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 2914591467
date: Mon, 06 Apr 2020 22:04:11 GMT, Mon, 06 Apr 2020 22:04:11 GMT
x-fb-trip-id: 1425083115
last-modified: Mon, 06 Apr 2020 14:13:47 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 1150228658
x-fb-config-version-olb-prod: 791
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 62602

GET
H2 200 91806995_924659368004441_6059516212438047297_n.jpg
scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640/ 45 KB
45 KB 479ms
479ms Image
image/jpeg 2a03:2880:f231:c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-sjc3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640/91806995_924659368004441_6059516212438047297_n.jpg?_nc_ht=scontent-sjc3-1.cdninstagram.com&_nc_cat=1&_nc_ohc=MW0usN6w_yMAX9Liz9s&oh=45728aac1f63242ad29fa181bb234a75&oe=5E8DAE5E
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f231:c5:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e66239358b5d33292bb4b25584f8c53ad1ae3a01427e554a85d3403b860457ae

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 1987896350
date: Mon, 06 Apr 2020 22:04:11 GMT, Mon, 06 Apr 2020 22:04:11 GMT
x-fb-trip-id: 1425083115
last-modified: Thu, 02 Apr 2020 12:50:07 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 2237548337
x-fb-config-version-olb-prod: 791
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 46024

GET
H2 200 JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
fonts.gstatic.com/s/montserrat/v14/ 6 KB
6 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

501dd7304fc93aa0a003777b7e1792da7fd6b8bf8920b3ce279ea8cbbd7c1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat&display=swap
Origin: https://saveig.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 00:20:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:34 GMT
server: sffe
age: 5780638
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 6480
x-xss-protection: 0
expires: Sat, 30 Jan 2021 00:20:13 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 13ms
13ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1736695617&t=pageview&_s=1&dl=https%3A%2F%2Fsaveig.org%2F&ul=en-us&de=UTF-8&dt=download%20instagram%20stories%20highlights%2C%20photos%20and%20videos%20online%20-%20SaveIG&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=2024059028&gjid=1505744012&cid=319761314.1586210651&tid=UA-151166660-1&_gid=1435742961.1586210651&_r=1&z=812376389

Requested by

Host: saveig.org
URL: https://saveig.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 06 Apr 2020 22:04:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wnload Show response
anlcld.com/ 2 KB
1019 B 237ms
212ms Fetch
application/javascript 2a02:b4a:1:7::5647:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://anlcld.com/wnload?a=1&e=aeyJwaWQiOjEwMjQxOTIsInNpZCI6MTAzMjQwNiwid2lkIjo1ODY4MSwiZCI6InNhdmVpZy5vcmciLCJsaSI6MX0=
Requested by: Host: pagiwp.com
URL: https://pagiwp.com/pw/waWQiOjEwMjQxOTIsInNpZCI6MTAzMjQwNiwid2lkIjo1ODY4MSwic3JjIjoyfQ==eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::5647:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7b9e3aa7c0b767afc244bff7653c701d069eb836debf473f3ca4965ffadfd0a5

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
content-encoding: gzip
server: nginx/1.16.1
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true

GET
H2 200 vdo.min.css
a.vdo.ai/core/dependencies_hbv3/ 55 KB
16 KB 20ms
19ms Stylesheet
text/css 2606:4700:3034::6812:2a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.css
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/saveigv1/vdo.ai.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edb6abf0cb2579cee5a029d9f6eab99ef666fe036ce6c0e15f1494e8c1731679

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 17505
x-cache: HIT
status: 200
content-encoding: br
content-type: text/css
last-modified: Sat, 04 Apr 2020 14:59:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-varnish: 108906965 116124213
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=31536000
cf-ray: 57fecd9a2b626449-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 vdo.min.js Show response
a.vdo.ai/core/dependencies_hbv3/ 866 KB
243 KB 21ms
20ms Script
application/javascript 2606:4700:3034::6812:2a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/saveigv1/vdo.ai.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81853bf8267e3df9a3e3424ac04f051f70acb3e2578a373118edc4bbee85a49

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 17505
x-cache: HIT
status: 200
content-encoding: br
content-type: application/javascript; charset=utf-8
last-modified: Sat, 04 Apr 2020 14:59:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-varnish: 108906967 116124245
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=31536000
cf-ray: 57fecd9a2b636449-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 264 KB
90 KB 60ms
41ms Script
text/javascript 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/saveigv1/vdo.ai.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7037cd810dfbe3f913ba602973be4887f9a206e07fb160f81f0d6e0c4f91b98e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 91633
x-xss-protection: 0
expires: Mon, 06 Apr 2020 22:04:11 GMT

GET
H2 200 adframe.js Show response
a.vdo.ai/core/saveigv1/ 2 KB
738 B 15ms
14ms Script
text/javascript 2606:4700:3034::6812:2a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/saveigv1/adframe.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/saveigv1/vdo.ai.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a53398d0a45ad897cb70c21f515f55a6d3cad99905434652e7af130d9d623c34

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 17513
vdo-server: Tag1
x-cache: HIT
status: 200
content-encoding: br
content-type: text/javascript;charset=UTF-8
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 33465561 2982089
cache-control: public, max-age=31536000
cf-ray: 57fecd9a2b646449-FRA
expires: Sun, 04 Apr 2021 15:02:42 GMT

GET
BLOB 200
OK 5ac627f2-c34d-4693-860e-bacc84204861
https://saveig.org/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://saveig.org/5ac627f2-c34d-4693-860e-bacc84204861
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: worker

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 76 KB
28 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113932176-19

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63ffd04c452c218172d825d50fad80a5ad79257e358d27d48b1fdc375450706f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 29064
x-xss-protection: 0
last-modified: Mon, 06 Apr 2020 21:25:25 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Apr 2020 22:04:11 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame DFC5 87 KB
25 KB 88ms
45ms Script
application/javascript 13.225.86.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-86-250.fra2.r.cloudfront.net
Software: Server /
Resource Hash: ba0c265ab3075d53058c5bf389da28a977c6a6629d084472fea1a79f2a72354f

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 17:41:12 GMT
content-encoding: gzip
server: Server
age: 15778
etag: 5a6f7c22da51c6b65ddd5cdb2840c3a7
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: Gl4ISfHeNYzBI9Ff0rJxRaFRdD9SuENlktHe7AsEPvR79QlkcQXLJw==
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)

GET
H2 200 impl.v9.5.0.js Show response
live.demand.supply/ 64 KB
20 KB 4ms
0ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v9.5.0.js
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7746d8c77f46f5818ea342182c37ef47630a6b5e53d881ec8771c7c06b6fa4b3

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-nf-request-id: 480fabfe-3713-43d4-bd9e-8bf86aecb323-18774759
date: Mon, 06 Apr 2020 22:04:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 2272213
cf-polished: origSize=65314
status: 200
timing-allow-origin: *
cf-bgj: minify
server: cloudflare
etag: W/"ca46844d53c7b006c941d3483503fed9-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 57fecd9b1a2716f2-FRA

GET
H2 200 v9-5-0 Show response
live.demand.supply/p2/ 1 KB
642 B 219ms
0ms Script
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p2/v9-5-0?url=saveig.org%2F
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e54e02927f6a0aca7fadf385943ac67051c2c073867597f3a699085b2e5b250a

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
content-encoding: br
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
status: 200
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 57fecd9b1a2916f2-FRA

GET
H2 200 allowed_url.php Show response
a.vdo.ai/core/ 85 B
677 B 226ms
212ms XHR
text/html 2606:4700:3034::6812:2a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/allowed_url.php?type=json&url=saveig.org%2F&tag=saveigv1
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 813e4f8b673f15a6a5221cb0a00fc8cdcd0cb03590327d46bc58b94205a75db2

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
via: 1.1 varnish-v4
cf-cache-status: DYNAMIC
age: 0
cf-ray: 57fecd9b58539814-FRA
x-cache: MISS
status: 200
content-encoding: br
x-varnish: 123664351
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
vdo-server: Tag2
access-control-allow-origin: https://saveig.org
cache-control: public, max-age=31536000
content-type: text/html; charset=UTF-8

POST
H2 200 / Show response
live.demand.supply/e/e.js/ 3 B
310 B 107ms
93ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js/?e=ll&d=276&cs=c
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 57fecd9b5f40dffb-FRA
content-length: 3

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
39 KB 38ms
19ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c7f67185ed50c5b8680365385ff5d3c68e62552f833c5b7c8e8db63d52de4a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39159
x-xss-protection: 0
server: cafe
etag: 18139634824200265979
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 06 Apr 2020 22:04:11 GMT

GET
H2 200 ds.2.html Show response
live.demand.supply/ 413 B
352 B 123ms
109ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36

Response headers

x-nf-request-id: f5ac08e5-19f4-4919-999c-fb9a0288932f-24980072
date: Mon, 06 Apr 2020 22:04:11 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
timing-allow-origin: *
age: 103983
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 57fecd9b5f43dffb-FRA

POST
H2 200 / Show response
live.demand.supply/x/ 3 B
57 B 119ms
109ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/?ce=fs
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v9.5.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 57fecd9b5f41dffb-FRA
content-length: 3

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1736695617&t=pageview&_s=1&dl=https%3A%2F%2Fsaveig.org%2F&ul=en-us&de=UTF-8&dt=download%20instagram%20stories%20highlights%2C%20photos%20and%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-113932176-19&cid=319761314.1586210651&jid=672690704&_gid=1435742961.1586210651&gjid=546742201&_v=j81&z=884519434
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-113932176-19&cid=319761314.1586210651&jid=672690704&_v=j81&z=884519434
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-113932176-19&cid=319761314.1586210651&jid=672690704&_v=j81&z=884519434&slf_rd=1&random=2857327936

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-113932176-19&cid=319761314.1586210651&jid=672690704&_v=j81&z=884519434&slf_rd=1&random=2857327936

Requested by

Host: saveig.org
URL: https://saveig.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Apr 2020 22:04:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Apr 2020 22:04:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-113932176-19&cid=319761314.1586210651&jid=672690704&_v=j81&z=884519434&slf_rd=1&random=2857327936
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 saveig.org_responsive_h Show response
api.demand.supply/v9-5-0/a/ 287 B
369 B 213ms
205ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v9-5-0/a/saveig.org_responsive_h
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v9.5.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b44497fee5b3311caff3f86dcf0cfe73577b5cbd9c4418b1a642312ff39bb75

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2860
etag: W/"11f-RoOihEBU9MzVR8O28kAzwfYthqI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
status: 200
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 57fecd9b8f85dffb-FRA
access-control-allow-origin: *

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=saveig.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=saveig.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 wnrw
anlcld.com/ 0
0 12ms
12ms Fetch 2a02:b4a:1:7::5647:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://anlcld.com/wnrw?aid=10190190885763433642&t=1586210651&a=1
Requested by: Host: pagiwp.com
URL: https://pagiwp.com/pw/waWQiOjEwMjQxOTIsInNpZCI6MTAzMjQwNiwid2lkIjo1ODY4MSwic3JjIjoyfQ==eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::5647:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36

Response headers

status: 200
date: Mon, 06 Apr 2020 22:04:11 GMT
server: nginx/1.16.1
access-control-allow-origin: https://saveig.org
content-length: 0

GET
H2 200 BY56I4t3nXnCm1bbekEAy63meuZ03PCcR4U8GhNh5C89l282lBj7sOe-mvuLOOqLegPIEnk-tgOgYIfospYG2gqpAgYMJQKgsc5QTbUN899xG03xTLmP8rs0LTwlga3_PloJmkUC8mS3tJqhYUtRQO5350cN8Fmn6-A5C97wKVTIXd3Lc6eddJWDjp1YIc5Ok0qIp...
cicero-mit.com/imp/8ba4dbb7-7852-11ea-9264-0a00614f777d/1/ Frame 2554 3 KB
3 KB 282ms
90ms Image
image/webp 2600:1f18:40f7:9700:ed0d:4db:b8bb:8a3e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cicero-mit.com/imp/8ba4dbb7-7852-11ea-9264-0a00614f777d/1/BY56I4t3nXnCm1bbekEAy63meuZ03PCcR4U8GhNh5C89l282lBj7sOe-mvuLOOqLegPIEnk-tgOgYIfospYG2gqpAgYMJQKgsc5QTbUN899xG03xTLmP8rs0LTwlga3_PloJmkUC8mS3tJqhYUtRQO5350cN8Fmn6-A5C97wKVTIXd3Lc6eddJWDjp1YIc5Ok0qIptvdN4XpKgFY7L5N-Q8g8jWW_x2OBY70pwCxJXji6WFF1IEvwqNjf4PmxN328llaLk4EdtyNBURF_TZ-hd9lt77oXU-C6-62AB_6docHvoIZG_noMGL9Isc_ru6pH_T7KwVwMlyj7qVzqDqd83uFah8ofykvQeOq5-a6LbHBbDE9WKACo5MOr29OWuLU_VMywLxYe_ur1iz0JuMy-16SZb-fsns3rfjGipWE3CqpSWHGx-TIR6E-oGYX1MCnHoQUwhyLfkX3br7UDLqbXQT100H-p1u7U_W8EzVTbWSxz6vQ-pLE7Buhd1iE_CvLq5EvTs5-KP8C_UtbnSPb1OinnkgBON1bpRVdoa1lJY4-FFHAf_3MR0h0gxvex3rHZ-SiDuQ1H8oYkitt8gmj_F_bK_BHgaiHqDRtO1p2PdI68bxwkM_hP6fJ_a0zmsfaZ_T_C5Esblb-OWp8yhU1yRNw7I-QG8ObtTCit6MW7bWhOK-o_MsTvIvlYIiarUfXIg==.uaiS83mvO8nApFQ3xawsJA==
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:40f7:9700:ed0d:4db:b8bb:8a3e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 2470567143680025952e0de2683fffdbb5c9da0030da3ec35a4cfc41ce2cc440

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Mon, 06 Apr 2020 22:04:11 GMT
content-disposition: inline;filename=f.txt
content-length: 2664
content-type: image/webp

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame DFC5 6 KB
3 KB 64ms
22ms XHR
application/javascript 13.225.86.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-86-250.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36

Response headers

date: Mon, 06 Apr 2020 04:10:22 GMT
content-encoding: gzip
vary: Origin
age: 64430
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 05 Mar 2020 08:28:46 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 f0dda47e8f83bee88cb60d3d2e3fa5e5.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Ua36NM1KEI81mO2U86T2CNK9WofFP1QlzpYuRapYOI70voLJPcBXoQ==

POST
H2 200 / Show response
live.demand.supply/x/ 3 B
57 B 96ms
96ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/?ce=bb&r=saveig.org_auto_728x90_sticky_display_bottom
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v9.5.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 57fecd9c993edffb-FRA
content-length: 3

GET
H2 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 104ms
103ms Stylesheet
text/css 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v9.5.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: style

Response headers

x-nf-request-id: 58410555-f8c9-4507-93b7-16d1ed872633-31398121
date: Mon, 06 Apr 2020 22:04:11 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 2555183
etag: W/"5d6e66c7298f44cdb3334d59121a6c80-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
status: 200
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 57fecd9c9caf16f2-FRA

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/ 215 KB
81 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2da2dc80a7d0151db91ff56760824db8d71941db36d761b0094fabc2be9baf69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 82821
x-xss-protection: 0
server: cafe
etag: 14107941289507204222
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Apr 2020 22:04:11 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200402/r20190131/ Frame FAD0 0
0 6ms
6ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200402/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200402/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://saveig.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://saveig.org/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Sat, 04 Apr 2020 09:44:32 GMT
expires: Sat, 18 Apr 2020 09:44:32 GMT
content-type: text/html; charset=UTF-8
etag: 10348540741379653356
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4494
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 217179
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 pixel.gif
track.vdo.ai/ 43 B
139 B 31ms
30ms Image
image/gif 2606:4700:3034::6812:2a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=saveig.org&tagName=saveigv1&event=initVdo&uid=c2958db5-c38c-4007-845a-cc338cd790e9&1586210651634
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 57fecd9ced896449-FRA
content-length: 43

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
6ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1736695617&t=event&_s=2&dl=https%3A%2F%2Fsaveig.org%2F&ul=en-us&de=UTF-8&dt=download%20instagram%20stories%20highlights%2C%20photos%20and%20videos%20online%20-%20SaveIG&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=general&ea=initVdo&_u=KEDAAUAB~&jid=&gjid=&cid=319761314.1586210651&tid=UA-113932176-19&_gid=1435742961.1586210651&gtm=2ou3p1&z=1210426313

Requested by

Host: saveig.org
URL: https://saveig.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 06 Mar 2020 09:12:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2724728
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 52f7c0e0-a1a5-489a-b332-f619e7b47151
https://saveig.org/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://saveig.org/52f7c0e0-a1a5-489a-b332-f619e7b47151
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46f0e97acb8709a7ca06e13e9f74504f51339fe2a89dd6d100cddba2f3b3ae9c

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: worker

Response headers

Content-Length: 5409
Content-Type: application/javascript

GET
H/1.1 200
OK 5.m3u8 Show response
s.vdo.ai/vhs/ 7 KB
7 KB 347ms
115ms XHR
application/vnd.apple.mpegurl 51.79.98.223
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/vhs/5.m3u8
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.98.223 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567465.ip-51-79-98.net
Software: nginx/1.16.1 /
Resource Hash: 8fd52b08880ca6cef6afdacd8578735a020b357569a06ce2bb4e9f7f30a5e641

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36

Response headers

Date: Mon, 06 Apr 2020 22:04:11 GMT
Last-Modified: Thu, 24 Oct 2019 11:58:39 GMT
Server: nginx/1.16.1
ETag: "5db191ef-1cb1"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7345

GET
H2 200 bridge3.378.0_en.html
imasdk.googleapis.com/js/core/ Frame BC2C 0
0 6ms
5ms Document
text/html 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.378.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.378.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://saveig.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://saveig.org/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 196876
date: Sat, 04 Apr 2020 11:17:26 GMT
expires: Sun, 04 Apr 2021 11:17:26 GMT
last-modified: Wed, 01 Apr 2020 13:00:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 211605
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 26 KB
11 KB 65ms
41ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 10523
x-xss-protection: 0
expires: Mon, 06 Apr 2020 22:04:11 GMT

GET
H2 200 logo.svg
a.vdo.ai/core/assets/img/ 1 KB
768 B 11ms
11ms Image
image/svg+xml 2606:4700:3034::6812:2a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vdo.ai/core/assets/img/logo.svg
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 17508
x-cache: MISS
status: 200
content-encoding: br
content-type: image/svg+xml
last-modified: Mon, 02 Mar 2020 08:12:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-varnish: 115655947
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=31536000
cf-ray: 57fecd9d1da56449-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 mute.png
a.vdo.ai/core/assets/img/ 874 B
990 B 15ms
14ms Image
image/png 2606:4700:3034::6812:2a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vdo.ai/core/assets/img/mute.png
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48a6023d14207d3d83a55242e918742acd4b56f39a0608d574a161e5b950d88e

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 17508
vdo-server: Tag2
x-cache: MISS
status: 200
content-length: 874
x-varnish: 114809078
last-modified: Mon, 02 Mar 2020 08:07:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57fecd9d1da76449-FRA

GET
H2 200 pixel.gif
track.vdo.ai/ 43 B
97 B 32ms
32ms Image
image/gif 2606:4700:3034::6812:2a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=saveig.org&tagName=saveigv1&event=forceplay&uid=c2958db5-c38c-4007-845a-cc338cd790e9&1586210651694
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 57fecd9d1da96449-FRA
content-length: 43

GET
H2

200

ds.2.html
live.demand.supply/ Frame 6D2A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=853b2259-003e-469b-b1d1-43f699c283f5&adk=3734547523&adf=1846469579&w=728&lmt=1586210651&psa=0...
https://live.demand.supply/ds.2.html

0
0

24ms
23ms

Document
text/html

2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://saveig.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://saveig.org/

Response headers

status: 200
date: Mon, 06 Apr 2020 22:04:11 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dec6f1f1b379eb62e7d3c65f7bb6e88431586210651; expires=Wed, 06-May-20 22:04:11 GMT; path=/; domain=.demand.supply; HttpOnly; SameSite=Lax
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: f1dedc09-ffd7-45fd-8d3a-cb1b3255bf3a-10695061
cf-cache-status: HIT
age: 2338766
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57fecd9ddee416f2-FRA
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 06 Apr 2020 22:04:11 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 06-Apr-2020 22:19:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 59ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3647b49a385374990c3b8a8ffcc1e7979ef25a7029b3711ac37e1eebb370e6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1585953408266222"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27981
x-xss-protection: 0
expires: Mon, 06 Apr 2020 22:04:11 GMT

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame BCD3 0
0 15ms
15ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&adk=1812271804&adf=3025194257&lmt=1586210651&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fsaveig.org%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1586210651626&bpp=4&bdt=517&fdt=116&idt=116&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=7474755358384&frm=20&pv=1&ga_vid=319761314.1586210651&ga_sid=1586210652&ga_hid=1736695617&ga_fc=0&iag=0&icsg=36507364096&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530291&oid=3&pvsid=1019175289626464&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=121

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3831894559014614&output=html&adk=1812271804&adf=3025194257&lmt=1586210651&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fsaveig.org%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1586210651626&bpp=4&bdt=517&fdt=116&idt=116&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=7474755358384&frm=20&pv=1&ga_vid=319761314.1586210651&ga_sid=1586210652&ga_hid=1736695617&ga_fc=0&iag=0&icsg=36507364096&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530291&oid=3&pvsid=1019175289626464&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=121
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://saveig.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://saveig.org/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 06 Apr 2020 22:04:11 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 06-Apr-2020 22:19:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Mon, 06 Apr 2020 22:04:11 GMT
cache-control: private

GET
H2 200 pixel.gif
track.vdo.ai/ 43 B
97 B 37ms
36ms Image
image/gif 2606:4700:3034::6812:2a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=saveig.org&tagName=saveigv1&event=pageview&uid=c2958db5-c38c-4007-845a-cc338cd790e9&1586210651751
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 06 Apr 2020 22:04:11 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 57fecd9d7dcb6449-FRA
content-length: 43

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 7ms
6ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1736695617&t=event&_s=3&dl=https%3A%2F%2Fsaveig.org%2F&ul=en-us&de=UTF-8&dt=download%20instagram%20stories%20highlights%2C%20photos%20and%20videos%20online%20-%20SaveIG&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=general&ea=pageview&_u=KEDAAUAB~&jid=&gjid=&cid=319761314.1586210651&tid=UA-113932176-19&_gid=1435742961.1586210651&gtm=2ou3p1&z=714660913

Requested by

Host: saveig.org
URL: https://saveig.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 06 Mar 2020 09:12:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2724728
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ds.2.html
live.demand.supply/ Frame 1D6E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=ec39dfb7-8dfb-42ff-beda-03ba3d2f9661&adk=3758343075&adf=2009290777&w=900&fwrn=4&fwrnh=100&lmt...
https://live.demand.supply/ds.2.html

0
0

15ms
15ms

Document
text/html

2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://saveig.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://saveig.org/

Response headers

status: 200
date: Mon, 06 Apr 2020 22:04:11 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dec6f1f1b379eb62e7d3c65f7bb6e88431586210651; expires=Wed, 06-May-20 22:04:11 GMT; path=/; domain=.demand.supply; HttpOnly; SameSite=Lax
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: f1dedc09-ffd7-45fd-8d3a-cb1b3255bf3a-10695061
cf-cache-status: HIT
age: 2338766
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57fecd9ddf1816f2-FRA
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 06 Apr 2020 22:04:11 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 06-Apr-2020 22:19:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame 99F9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=b5a686f1-717d-4835-bfca-d1cd79140732&adk=3911039140&adf=2009290777&w=900&fwrn=4&fwrnh=100&lmt...
https://live.demand.supply/ds.2.html

0
0

99ms
99ms

Document
text/html

2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://saveig.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://saveig.org/

Response headers

status: 200
date: Mon, 06 Apr 2020 22:04:12 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=de1f2a478c291b34b06f7cf1785ad26671586210652; expires=Wed, 06-May-20 22:04:12 GMT; path=/; domain=.demand.supply; HttpOnly; SameSite=Lax
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: f1dedc09-ffd7-45fd-8d3a-cb1b3255bf3a-10695061
cf-cache-status: HIT
age: 2338767
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57fecd9e785616f2-FRA
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 06 Apr 2020 22:04:11 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: IDE=AHWqTUl2rOvE_1Ly4onUyp4UB-IWYK80BNNLFXNxFOL0Eta_bp0-6N_aVeDcWZBi; expires=Sat, 01-May-2021 22:04:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame 02C0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=c48d2b7e-0c4d-4a2c-b955-b0505db247e9&adk=2913856108&adf=1846469579&w=728&lmt=1586210651&psa=0...
https://live.demand.supply/ds.2.html

0
0

106ms
105ms

Document
text/html

2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://saveig.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://saveig.org/

Response headers

status: 200
date: Mon, 06 Apr 2020 22:04:12 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=de1f2a478c291b34b06f7cf1785ad26671586210652; expires=Wed, 06-May-20 22:04:12 GMT; path=/; domain=.demand.supply; HttpOnly; SameSite=Lax
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: f1dedc09-ffd7-45fd-8d3a-cb1b3255bf3a-10695061
cf-cache-status: HIT
age: 2338767
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57fecd9e887916f2-FRA
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 06 Apr 2020 22:04:11 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: IDE=AHWqTUlm29weI-9uRkptDH0F-BYb6vzqkTuZ2Ll9tVvDcFGf_6KEDjqMHDmTLG6e; expires=Sat, 01-May-2021 22:04:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
BLOB 200
OK 154d0df5-4f47-4e6d-899e-8b0ce40b14a9
https://saveig.org/ 52 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://saveig.org/154d0df5-4f47-4e6d-899e-8b0ce40b14a9
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cf78fde1fd2aea2a23a73ef44fe5fb3159b5294b6b4d235bcefaabffe7b9c23

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: worker

Response headers

Content-Length: 52807
Content-Type: application/javascript

GET
H2

200

ds.2.html
live.demand.supply/ Frame 7767
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=f05ef150-dae3-4004-b68a-ea67132b6f35&adk=170744382&adf=2009290777&w=900&fwrn=4&fwrnh=100&lmt=...
https://live.demand.supply/ds.2.html

0
0

94ms
94ms

Document
text/html

2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://saveig.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://saveig.org/

Response headers

status: 200
date: Mon, 06 Apr 2020 22:04:12 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=de1f2a478c291b34b06f7cf1785ad26671586210652; expires=Wed, 06-May-20 22:04:12 GMT; path=/; domain=.demand.supply; HttpOnly; SameSite=Lax
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: f1dedc09-ffd7-45fd-8d3a-cb1b3255bf3a-10695061
cf-cache-status: HIT
age: 2338767
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57fecd9fca8116f2-FRA
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 06 Apr 2020 22:04:12 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame 3BC6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=ecda4504-9728-4a69-82e8-bbf8b75e697b&adk=406626246&adf=1846469579&w=728&lmt=1586210652&psa=0&...
https://live.demand.supply/ds.2.html

0
0

99ms
99ms

Document
text/html

2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://saveig.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://saveig.org/

Response headers

status: 200
date: Mon, 06 Apr 2020 22:04:12 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=de1f2a478c291b34b06f7cf1785ad26671586210652; expires=Wed, 06-May-20 22:04:12 GMT; path=/; domain=.demand.supply; HttpOnly; SameSite=Lax
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: f1dedc09-ffd7-45fd-8d3a-cb1b3255bf3a-10695061
cf-cache-status: HIT
age: 2338767
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57fecda00ad716f2-FRA
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 06 Apr 2020 22:04:12 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

OPTIONS
H/1.1 204
No Content 5.ts Show response
s.vdo.ai/vhs/ 0
399 B 115ms
115ms XHR
text/plain 51.79.98.223
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/vhs/5.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.98.223 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567465.ip-51-79-98.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://saveig.org
Referer: https://saveig.org/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Access-Control-Request-Headers: range

Response headers

Date: Mon, 06 Apr 2020 22:04:12 GMT
Server: nginx/1.16.1
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H/1.1 206
Partial Content 5.ts
s.vdo.ai/vhs/ 80 KB
0 218ms
217ms XHR
video/mp2t 51.79.98.223
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/vhs/5.ts
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.98.223 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567465.ip-51-79-98.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Range: bytes=0-299859

Response headers

Date: Mon, 06 Apr 2020 22:04:12 GMT
Last-Modified: Thu, 24 Oct 2019 11:58:59 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5db19203-20bcdf0"
Content-Type: video/mp2t
Content-Range: bytes 0-299859/34328048
Connection: keep-alive
Content-Length: 299860

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 36ms
18ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200402&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9caf428c83447804976cf2df6e8ec724da6a20119f3bd3288588f6cb7094cecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Apr 2020 22:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5179
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 22:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Mon, 06 Apr 2020 22:04:12 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame E9E2 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://saveig.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://saveig.org/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Mon, 06 Apr 2020 20:46:54 GMT
expires: Tue, 06 Apr 2021 20:46:54 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4638
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
123 B 15ms
15ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200402&jk=1019175289626464&bg=!2dql2sJYO8DOMcfo_EYCAAAAPFIAAAAKmQFWnW9kVQeTl0xP2m41n5OTjdJhqZK6MwnFbAAXM5QN1dCwgErFvoTRDKfjF1wGNTd8DJHW8SbgtKF5HriTdJag7KlqQRGOH2c5QY24W1dhUcClLcRq_9EgyYrqXsDWC5YlceL9ZLCvKxBNQCCG2prj8tE-IuAV2ZsfDvwCm_s55ApMjwsC_ds3jFR5HWconad2bAApM4I8ZY1PExGjz-49yef6jfzkpJOlHA2s9O-Fp5QK1fjaeB7X2rNc0ReJPsCxVAwNLAeDyDoWMrRypLYc2QufeJdp_RkOZsbzNAmgjf4-aYxj7XO9YVxWV8uIEBNYuhqKLROUszKG8qupbBeiTgkmV4L6wPFzl63KMdNR1KrOqWYP67vIfKPE89C-YbY6MOZnR-VWHYs30aqN23dZccP1Oq7kHcqEGH3H_2FkM0HuB7uXIzscbGrEczXwXUZPgyjFme8k

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 06 Apr 2020 22:04:12 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 260 B
1 KB 107ms
37ms XHR
application/json 185.33.223.202
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.202 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

318.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

f5505673139837373c25c799e1c7fe195d2f1bc7cc754dc2636037929c647f5e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 06 Apr 2020 22:04:14 GMT
X-Proxy-Origin: 195.242.213.148; 195.242.213.148; 318.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.45:80
AN-X-Request-Uuid: 5f58f2bb-44d9-4ac4-a992-6f7b5dd7fa65
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://saveig.org
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 260
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H/1.1 204
No Content 5.ts Show response
s.vdo.ai/vhs/ 0
399 B 345ms
115ms XHR
text/plain 51.79.98.223
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/vhs/5.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.98.223 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567465.ip-51-79-98.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://saveig.org
Referer: https://saveig.org/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Access-Control-Request-Headers: range

Response headers

Date: Mon, 06 Apr 2020 22:04:13 GMT
Server: nginx/1.16.1
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H/1.1 206
Partial Content 5.ts Show response
s.vdo.ai/vhs/ 293 KB
293 KB 320ms
319ms XHR
video/mp2t 51.79.98.223
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/vhs/5.ts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.98.223 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567465.ip-51-79-98.net
Software: nginx/1.16.1 /
Resource Hash: 0b8e117d4354050698673f2f0d0332d5b6835954c87d06dce821a95a783d30d5

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Range: bytes=0-299859

Response headers

Date: Mon, 06 Apr 2020 22:04:13 GMT
Last-Modified: Thu, 24 Oct 2019 11:58:59 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5db19203-20bcdf0"
Content-Type: video/mp2t
Content-Range: bytes 0-299859/34328048
Connection: keep-alive
Content-Length: 299860

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame E62F 0
0 3093ms
23ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://saveig.org/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgIrpJgEAoYASABKAEw3s6u9AU4AUABSAEQ3s6u9AUYAA..; uuid2=492340117465648202
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://saveig.org/

Response headers

Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Content-Length: 506
Accept-Ranges: bytes
Date: Mon, 06 Apr 2020 22:04:18 GMT
Age: 21126143
Connection: keep-alive
X-Served-By: cache-jfk8138-JFK, cache-fra19162-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 391291, 822776
X-Timer: S1586210659.987576,VS0,VE0
Vary: Accept-Encoding

POST
H2 200 e.js Show response
live.demand.supply/e/ 3 B
188 B 104ms
104ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=saveig.org_sticky_mobile_bottom&e=ubs
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v9.5.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36

Response headers

date: Mon, 06 Apr 2020 22:04:17 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 57fecdc0d8d8dffb-FRA
content-length: 3

OPTIONS
H/1.1 204
No Content 5.ts Show response
s.vdo.ai/vhs/ 0
399 B 115ms
114ms XHR
text/plain 51.79.98.223
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/vhs/5.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.98.223 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567465.ip-51-79-98.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://saveig.org
Referer: https://saveig.org/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Access-Control-Request-Headers: range

Response headers

Date: Mon, 06 Apr 2020 22:04:18 GMT
Server: nginx/1.16.1
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H/1.1 206
Partial Content 5.ts
s.vdo.ai/vhs/ 112 KB
0 318ms
318ms XHR
video/mp2t 51.79.98.223
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/vhs/5.ts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.98.223 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567465.ip-51-79-98.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Range: bytes=299860-560427

Response headers

Date: Mon, 06 Apr 2020 22:04:18 GMT
Last-Modified: Thu, 24 Oct 2019 11:58:59 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5db19203-20bcdf0"
Content-Type: video/mp2t
Content-Range: bytes 299860-560427/34328048
Connection: keep-alive
Content-Length: 260568

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 260 B
1 KB 39ms
39ms XHR
application/json 185.33.223.202
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.202 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

318.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b9086867c1d11a3249b5b8bd7ca30117eef656d5d6769060ec627e40c6bab07c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 06 Apr 2020 22:04:23 GMT
X-Proxy-Origin: 195.242.213.148; 195.242.213.148; 318.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.5:80
AN-X-Request-Uuid: ab5aca9b-d51a-48e1-96b1-041172dc4758
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://saveig.org
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 260
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:58:26	Name: IDE Value: AHWqTUlm29weI-9uRkptDH0F-BYb6vzqkTuZ2Ll9tVvDcFGf_6KEDjqMHDmTLG6e
saveig.org/	1970-01-19 08:36:54	Name: 4NjgxXQWzU Value: 1
.saveig.org/	1970-01-20 02:08:02	Name: _ga Value: GA1.2.319761314.1586210651
.saveig.org/	1970-01-19 08:36:50	Name: _gat_gtag_UA_113932176_19 Value: 1
.saveig.org/	1970-01-19 08:38:17	Name: _gid Value: GA1.2.1435742961.1586210651
.saveig.org/	1970-01-19 08:36:50	Name: _gat Value: 1
.saveig.org/	1970-01-19 09:20:02	Name: __cfduid Value: d6d761138d89911667fdd356f4fff05971586210650

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js(Line 26) Message: WARNING: videojs.ima setting adsWillAutoplay is deprecated
console-api	warning	URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js(Line 26) Message: WARNING: videojs.ima setting adsWillPlayMuted is deprecated
console-api	log	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 361) Message: IMA outer:newman
console-api	warning	URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js(Line 26) Message: AdsLoader error: AdError 1009: The VAST response document is empty.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vdo.ai
acdn.adnxs.com
adservice.google.com
adservice.google.de
anlcld.com
api.demand.supply
c.amazon-adsystem.com
cicero-mit.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
live.demand.supply
pagead2.googlesyndication.com
pagiwp.com
s.vdo.ai
s0.2mdn.net
saveig.org
scontent-bom1-1.cdninstagram.com
scontent-cgk1-1.cdninstagram.com
scontent-sin6-2.cdninstagram.com
scontent-sjc3-1.cdninstagram.com
stats.g.doubleclick.net
tpc.googlesyndication.com
track.vdo.ai
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
13.225.86.250
151.101.13.108
185.33.223.202
2600:1f18:40f7:9700:ed0d:4db:b8bb:8a3e
2606:4700:20::681a:8a6
2606:4700:3031::6818:68f1
2606:4700:3034::6812:2a06
2606:4700::6810:8516
2a00:1450:4001:800::2002
2a00:1450:4001:800::2008
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:808::2006
2a00:1450:4001:808::200a
2a00:1450:4001:815::2002
2a00:1450:4001:81a::2001
2a00:1450:4001:81c::200e
2a00:1450:4001:81e::2004
2a00:1450:4001:820::2003
2a00:1450:4001:821::200a
2a00:1450:400c:c00::9a
2a02:b4a:1:7::5647:1
2a03:2880:f20c:2c4:face:b00c:0:43fe
2a03:2880:f22f:c4:face:b00c:0:43fe
2a03:2880:f231:c5:face:b00c:0:43fe
2a03:2880:f24d:cb:face:b00c:0:43fe
51.79.98.223
02a4625201f6c8fb96b193c3f3beb1448ecf1d1754b305fb833c5edc1b0975a7
0374f499c07e140f139c6227f72fb608499848dc31ffeb1586797395f60fae40
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8e117d4354050698673f2f0d0332d5b6835954c87d06dce821a95a783d30d5
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
133fcafff101c68321513deab05b815ddedf216ccd211262ac0e562971d8df3a
141e849165cd8090d15cc89114aea9cad9b5cc3118447d726bfd68a5459deadf
2360cf3062cdcb281aa725e7807341c9253f684642585c782e8da153954bcb07
2470567143680025952e0de2683fffdbb5c9da0030da3ec35a4cfc41ce2cc440
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
28163c32d70bb3f4c157b69865ad597e8a4fecae8827ffa52e6cbbf373a59efb
2848d5f304886d1460d2bbced8fab32713c221f202ee60905e04261d8577c946
2da2dc80a7d0151db91ff56760824db8d71941db36d761b0094fabc2be9baf69
4188d10536e381ae9a081d8784b86c301d8bc9664a6bc1fadb9770cfbf25804a
441823a19e6742039ce3e91a1383d834a2d5c8aecafe298e8300d7309c37eee9
46f0e97acb8709a7ca06e13e9f74504f51339fe2a89dd6d100cddba2f3b3ae9c
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
48a6023d14207d3d83a55242e918742acd4b56f39a0608d574a161e5b950d88e
4c7f67185ed50c5b8680365385ff5d3c68e62552f833c5b7c8e8db63d52de4a5
501dd7304fc93aa0a003777b7e1792da7fd6b8bf8920b3ce279ea8cbbd7c1096
5c75be06dd83179b39507632603aaf3eab56409a1fb41c5a40bb68157d46029d
5cf78fde1fd2aea2a23a73ef44fe5fb3159b5294b6b4d235bcefaabffe7b9c23
5da69d1186f2c1966efca947b0761c6f79533e40dc999431ef5873782934a07a
6120660877676c01d457e9dd34d993e8cde4146ad3bcefe0a67f2c3a5bef4dd4
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
637fc05835856f967578386134fe8a10b4fc4afaae082c8052226d5bd5a23e4e
63ffd04c452c218172d825d50fad80a5ad79257e358d27d48b1fdc375450706f
7037cd810dfbe3f913ba602973be4887f9a206e07fb160f81f0d6e0c4f91b98e
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7746d8c77f46f5818ea342182c37ef47630a6b5e53d881ec8771c7c06b6fa4b3
7b9e3aa7c0b767afc244bff7653c701d069eb836debf473f3ca4965ffadfd0a5
813e4f8b673f15a6a5221cb0a00fc8cdcd0cb03590327d46bc58b94205a75db2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
8b44497fee5b3311caff3f86dcf0cfe73577b5cbd9c4418b1a642312ff39bb75
8fd52b08880ca6cef6afdacd8578735a020b357569a06ce2bb4e9f7f30a5e641
945881137776aac5df929d7921a9fdbd6a2d30ef82032e154116c1e3b6a37b7b
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9982a23525ba1a5e0273ee56b3dd6b1d9c54a6be4e9081a9d5f3715e1d4b4d36
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b
9caf428c83447804976cf2df6e8ec724da6a20119f3bd3288588f6cb7094cecd
a3647b49a385374990c3b8a8ffcc1e7979ef25a7029b3711ac37e1eebb370e6d
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a53398d0a45ad897cb70c21f515f55a6d3cad99905434652e7af130d9d623c34
a7abef4b3776c5a08fb1199bef6891ea36ca5c7d713974f9ddbb5689d65b981e
b1092832fd4e1c7806a41565aa7dc78257e6b5b013258cb14142ef5b8bd83908
b58f9e33cb0610010c4af74e9eb1d407e132047fcd5af593867d92639f4cdc8a
b9086867c1d11a3249b5b8bd7ca30117eef656d5d6769060ec627e40c6bab07c
ba0c265ab3075d53058c5bf389da28a977c6a6629d084472fea1a79f2a72354f
bbe21d32c7f858129bf7230d3739f2f2312097712404f04a179df5b09442985e
bccbfa61bb0b0df621a8392a9059d795f7d1091383d1437e97478a2849eff9b8
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
be19eda0e4e70693a613ddacd6354d5c9bba0580f283eec6517bb1092fc98b62
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54e02927f6a0aca7fadf385943ac67051c2c073867597f3a699085b2e5b250a
e66239358b5d33292bb4b25584f8c53ad1ae3a01427e554a85d3403b860457ae
e81853bf8267e3df9a3e3424ac04f051f70acb3e2578a373118edc4bbee85a49
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
edb6abf0cb2579cee5a029d9f6eab99ef666fe036ce6c0e15f1494e8c1731679
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f030867c503298f9df466ea63d7fcf8ca8db7f878a4b985c6c21d64379b58485
f5505673139837373c25c799e1c7fe195d2f1bc7cc754dc2636037929c647f5e

saveig.org Open in urlscan Pro 2606:4700:20::681a:8a6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

87 Requests

97 %HTTPS

86 %IPv6

19 Domains

31 Subdomains

27 IPs

6 Countries

1442 kBTransfer

3040 kBSize

7 Cookies

1 Outgoing links

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

saveig.org Open in urlscan Pro
2606:4700:20::681a:8a6 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

97 %
HTTPS

86 %
IPv6

19
Domains

31
Subdomains

27
IPs

6
Countries

1442 kB
Transfer

3040 kB
Size

7
Cookies

87 HTTP transactions
2 data transactions