saveig.org Open in urlscan Pro
2606:4700:20::681a:8a6 Public Scan

URL:
https://saveig.org/
Submission: On March 04 via manual (March 4th 2020, 6:23:50 am UTC) from MA

Summary HTTP 61 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 7 countries across 15 domains to perform 61 HTTP transactions. The main IP is 2606:4700:20::681a:8a6, located in United States and belongs to CLOUDFLARENET, US. The main domain is saveig.org.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 6th 2019. Valid for: a year.

This is the only time saveig.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:20:... 2606:4700:20::681a:8a6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f20... 2a03:2880:f20c:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f24... 2a03:2880:f242:1cb:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f22... 2a03:2880:f22c:1c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f23... 2a03:2880:f231:c5:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f20... 2a03:2880:f20d:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f20... 2a03:2880:f20c:2c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f21... 2a03:2880:f212:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2804:48c:100:... 2804:48c:100:153:face:b00c:3333:a3f	262699 (FOX Inter...) (FOX Internet Banda Larga)
1	2001:678:604:... 2001:678:604:1:face:b00c:3333:a3f	49824 (ACTPA-AS ...) (ACTPA-AS ISP ACTPA)
1	2a03:2887:ff0... 2a03:2887:ff02:200:face:b00c:3333:a3f	9498 (BBIL-AP B...) (BBIL-AP BHARTI Airtel Ltd.)
1	2a03:2880:f20... 2a03:2880:f204:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2a02:2d8:0:60... 2a02:2d8:0:6005:face:b00c:3333:a3f	9002 (RETN-AS) (RETN-AS)
1	2403:6200:fff... 2403:6200:ffff:fb01:face:b00c:3333:a3f	45758 (TRIPLETNE...) (TRIPLETNET-AS-AP Triple T Internet/Triple T Broadband)
1	2a03:2880:f21... 2a03:2880:f21c:80c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f20... 2a03:2880:f20f:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2804:fe4:2:0:... 2804:fe4:2:0:face:b00c:3333:a3f	262980 (WBT Inter...) (WBT Internet Ltda ME)
2	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	88.208.60.53 88.208.60.53	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
6 11	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::6818:6ad2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:819::2001	15169 (GOOGLE) (GOOGLE)
61	28

4 2606:4700:20::681a:8a6 (United States)

ASN13335 (CLOUDFLARENET, US)

saveig.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f20c:c4:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK, US)

scontent-sin6-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f242:1cb:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK, US)

scontent-mrs2-2.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f22c:1c4:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK, US)

scontent-mia3-2.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f231:c5:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK, US)

scontent-sjc3-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f20d:c4:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK, US)

scontent-lax3-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f20c:2c4:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK, US)

scontent-sin6-2.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f212:c4:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK, US)

scontent-lga3-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:48c:100:153:face:b00c:3333:a3f (Brazil)

ASN262699 (FOX Internet Banda Larga, BR)

instagram.fsjp8-1.fna.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:604:1:face:b00c:3333:a3f (Krasnodar, Russian Federation)

ASN49824 (ACTPA-AS ISP ACTPA, Lviv, Lazarenka 2, UA)

instagram.flwo3-1.fna.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2887:ff02:200:face:b00c:3333:a3f (Ireland)

ASN9498 (BBIL-AP BHARTI Airtel Ltd., IN)

instagram.fblr1-3.fna.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f204:c4:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK, US)

scontent-mad1-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2d8:0:6005:face:b00c:3333:a3f (St Petersburg, Russian Federation)

ASN9002 (RETN-AS, EU)

instagram.fhen1-1.fna.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2403:6200:ffff:fb01:face:b00c:3333:a3f (Thailand)

ASN45758 (TRIPLETNET-AS-AP Triple T Internet/Triple T Broadband, TH)

instagram.fkkc3-1.fna.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f21c:80c4:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK, US)

scontent-frt3-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f20f:c4:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK, US)

scontent-nrt1-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:fe4:2:0:face:b00c:3333:a3f (Brazil)

ASN262980 (WBT Internet Ltda ME, BR)

instagram.fjoi3-1.fna.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.208.60.53 (Heemstede, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

nativesubscribe.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6818:6ad2 (United States)

ASN13335 (CLOUDFLARENET, US)

metosk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	demand.supply live.demand.supply api.demand.supply	26 KB
12	cdninstagram.com scontent-sin6-1.cdninstagram.com scontent-mrs2-2.cdninstagram.com scontent-mia3-2.cdninstagram.com scontent-sjc3-1.cdninstagram.com scontent-lax3-1.cdninstagram.com scontent-sin6-2.cdninstagram.com scontent-lga3-1.cdninstagram.com scontent-mad1-1.cdninstagram.com scontent-frt3-1.cdninstagram.com scontent-nrt1-1.cdninstagram.com	611 KB
8	doubleclick.net 6 redirects googleads.g.doubleclick.net	708 B
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	131 KB
6	fbcdn.net instagram.fsjp8-1.fna.fbcdn.net instagram.flwo3-1.fna.fbcdn.net instagram.fblr1-3.fna.fbcdn.net instagram.fhen1-1.fna.fbcdn.net instagram.fkkc3-1.fna.fbcdn.net instagram.fjoi3-1.fna.fbcdn.net	471 KB
4	gstatic.com fonts.gstatic.com	37 KB
4	saveig.org saveig.org	16 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	cloudflare.com cdnjs.cloudflare.com	60 KB
1	metosk.com metosk.com	2 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	nativesubscribe.pro nativesubscribe.pro	2 KB
1	googleapis.com fonts.googleapis.com	997 B
61	15

	Domain	Requested by
15	live.demand.supply	saveig.org live.demand.supply pagead2.googlesyndication.com
8	googleads.g.doubleclick.net	6 redirects pagead2.googlesyndication.com
4	pagead2.googlesyndication.com	live.demand.supply pagead2.googlesyndication.com
4	fonts.gstatic.com	saveig.org
4	saveig.org	saveig.org
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	api.demand.supply	live.demand.supply
2	www.google-analytics.com	saveig.org
2	cdnjs.cloudflare.com	saveig.org
2	scontent-lga3-1.cdninstagram.com	saveig.org
2	scontent-lax3-1.cdninstagram.com	saveig.org
1	metosk.com	nativesubscribe.pro
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	nativesubscribe.pro	saveig.org
1	instagram.fjoi3-1.fna.fbcdn.net	saveig.org
1	scontent-nrt1-1.cdninstagram.com	saveig.org
1	scontent-frt3-1.cdninstagram.com	saveig.org
1	instagram.fkkc3-1.fna.fbcdn.net	saveig.org
1	instagram.fhen1-1.fna.fbcdn.net	saveig.org
1	scontent-mad1-1.cdninstagram.com	saveig.org
1	instagram.fblr1-3.fna.fbcdn.net	saveig.org
1	instagram.flwo3-1.fna.fbcdn.net	saveig.org
1	instagram.fsjp8-1.fna.fbcdn.net	saveig.org
1	scontent-sin6-2.cdninstagram.com	saveig.org
1	scontent-sjc3-1.cdninstagram.com	saveig.org
1	scontent-mia3-2.cdninstagram.com	saveig.org
1	scontent-mrs2-2.cdninstagram.com	saveig.org
1	scontent-sin6-1.cdninstagram.com	saveig.org
1	fonts.googleapis.com	saveig.org
61	31

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-10-06` - `2020-10-05`	a year	crt.sh
demand.supply CloudFlare Inc ECC CA-2	`2019-06-23` - `2020-06-22`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2020-02-21` - `2020-04-20`	2 months	crt.sh
*.fsjp8-1.fna.fbcdn.net DigiCert SHA2 High Assurance Server CA	`2020-01-18` - `2020-04-17`	3 months	crt.sh
*.flwo3-1.fna.fbcdn.net DigiCert SHA2 High Assurance Server CA	`2020-01-19` - `2020-04-17`	3 months	crt.sh
*.fblr1-3.fna.fbcdn.net DigiCert SHA2 High Assurance Server CA	`2020-01-24` - `2020-04-23`	3 months	crt.sh
*.fhen1-1.fna.fbcdn.net DigiCert SHA2 High Assurance Server CA	`2020-01-23` - `2020-04-22`	3 months	crt.sh
*.fkkc3-1.fna.fbcdn.net DigiCert SHA2 High Assurance Server CA	`2019-10-05` - `2020-10-04`	a year	crt.sh
*.fjoi3-1.fna.fbcdn.net DigiCert SHA2 High Assurance Server CA	`2020-01-21` - `2020-04-20`	3 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-05` - `2020-06-12`	6 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
nativesubscribe.pro Let's Encrypt Authority X3	`2020-01-20` - `2020-04-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://saveig.org/
Frame ID: 9CDC1FCD6D6B4BF0EE225041E0D90C81
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200224/r20190131/zrt_lookup.html
Frame ID: 4B7F98C1A8D80A28119DD71F837537D5
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: F3D6813026546E8BA69EF8EB9BCF0DFC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&adk=1812271804&adf=3025194257&lmt=1583303009&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fsaveig.org%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1583303009271&bpp=5&bdt=505&fdt=95&idt=95&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=900x90&nras=1&correlator=3376958735416&frm=20&pv=1&ga_vid=1284503449.1583303009&ga_sid=1583303009&ga_hid=347182823&ga_fc=0&iag=0&icsg=41951875&dssz=14&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=712879847559006&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=104
Frame ID: F70A25A0D1A566824FE19FE586DFD11B
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: CD9D486D1A1B7788F05E3F9DA194BF97
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 3C676B2C932242DBF272EDC22DC06EB1
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 10344F0D07C5F3CBEA1E24C5C2F854B5
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: CA876CDB5D9E0E412DA4FE1CEF89F9B9
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: BDCCF0D501AA0B55B4971C438D31D4E1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 0588362B9AE823C0676A87F9D2D768EA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

61
Requests

100 %
HTTPS

96 %
IPv6

15
Domains

31
Subdomains

28
IPs

7
Countries

1402 kB
Transfer

1927 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=ec39dfb7-8dfb-42ff-beda-03ba3d2f9661&adk=1895683892&adf=4246767698&w=900&fwrn=4&fwrnh=100&lmt=1583303009&rafmt=2&psa=0&guci=1.2.0.0.2.2.0.0&format=900x90&url=https%3A%2F%2Fsaveig.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&adsid=NT&dt=1583303009262&bpp=9&bdt=497&fdt=54&idt=54&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3376958735416&frm=20&pv=2&ga_vid=1284503449.1583303009&ga_sid=1583303009&ga_hid=347182823&ga_fc=0&iag=0&icsg=8397443&dssz=13&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=343&ady=352&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=712879847559006&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=pCU72e7JiJ&p=https%3A//saveig.org&dtd=70 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 49

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=853b2259-003e-469b-b1d1-43f699c283f5&adk=2234287940&adf=1217663374&w=728&lmt=1583303009&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fsaveig.org%2F&flash=0&wgl=1&adsid=NT&dt=1583303009405&bpp=4&bdt=639&fdt=5&idt=5&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=900x90%2C0x0&nras=1&correlator=3376958735416&frm=20&pv=1&ga_vid=1284503449.1583303009&ga_sid=1583303009&ga_hid=347182823&ga_fc=0&iag=0&icsg=41951875&dssz=14&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=1110&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=712879847559006&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=1&fu=16&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Ksmebkmbkh&p=https%3A//saveig.org&dtd=8 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 52

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=b5a686f1-717d-4835-bfca-d1cd79140732&adk=3823955009&adf=4246767698&w=900&fwrn=4&fwrnh=100&lmt=1583303009&rafmt=2&psa=0&guci=1.2.0.0.2.2.0.0&format=900x90&url=https%3A%2F%2Fsaveig.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&adsid=NT&dt=1583303009534&bpp=4&bdt=768&fdt=4&idt=4&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=900x90%2C0x0%2C728x90&nras=1&correlator=3376958735416&frm=20&pv=1&ga_vid=1284503449.1583303009&ga_sid=1583303009&ga_hid=347182823&ga_fc=0&iag=0&icsg=41951875&dssz=14&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=343&ady=352&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=712879847559006&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=3&uci=a!3&fsb=1&xpc=tZgcAUkYEh&p=https%3A//saveig.org&dtd=6 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 53

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=c48d2b7e-0c4d-4a2c-b955-b0505db247e9&adk=1965487342&adf=1217663374&w=728&lmt=1583303009&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fsaveig.org%2F&flash=0&wgl=1&adsid=NT&dt=1583303009577&bpp=5&bdt=812&fdt=5&idt=5&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=900x90%2C0x0%2C728x90%2C900x90&nras=1&correlator=3376958735416&frm=20&pv=1&ga_vid=1284503449.1583303009&ga_sid=1583303009&ga_hid=347182823&ga_fc=0&iag=0&icsg=41951875&dssz=14&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=1110&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=712879847559006&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=1&fu=16&bc=31&ifi=4&uci=a!4&fsb=1&xpc=25eekKihCp&p=https%3A//saveig.org&dtd=8 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 55

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=f05ef150-dae3-4004-b68a-ea67132b6f35&adk=150136212&adf=4246767698&w=900&fwrn=4&fwrnh=100&lmt=1583303009&rafmt=2&psa=0&guci=1.2.0.0.2.2.0.0&format=900x90&url=https%3A%2F%2Fsaveig.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&adsid=NT&dt=1583303009729&bpp=2&bdt=963&fdt=3&idt=3&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=900x90%2C0x0%2C728x90%2C900x90%2C728x90&nras=1&correlator=3376958735416&frm=20&pv=1&ga_vid=1284503449.1583303009&ga_sid=1583303009&ga_hid=347182823&ga_fc=0&iag=0&icsg=167807491&dssz=15&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=343&ady=352&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=712879847559006&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=5&uci=a!5&fsb=1&xpc=clkbgAJQXA&p=https%3A//saveig.org&dtd=5 HTTP 302
https://live.demand.supply/ds.2.html

Request Chain 56

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=ecda4504-9728-4a69-82e8-bbf8b75e697b&adk=1622738907&adf=1217663374&w=728&lmt=1583303009&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fsaveig.org%2F&flash=0&wgl=1&adsid=NT&dt=1583303009785&bpp=4&bdt=1019&fdt=4&idt=4&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=900x90%2C0x0%2C728x90%2C900x90%2C728x90%2C900x90&nras=1&correlator=3376958735416&frm=20&pv=1&ga_vid=1284503449.1583303009&ga_sid=1583303009&ga_hid=347182823&ga_fc=0&iag=0&icsg=167807491&dssz=15&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=1110&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=712879847559006&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=1&fu=16&bc=31&ifi=6&uci=a!6&fsb=1&xpc=lziY3XqsNF&p=https%3A//saveig.org&dtd=10 HTTP 302
https://live.demand.supply/ds.2.html

61 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
saveig.org/ 13 KB
5 KB 71ms
19ms Document
text/html 2606:4700:20::681a:8a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd100a6c4991a199a63aabd18500d2cbb22d70b52c9bcf076e778ba4b711c69a

Request headers

:method: GET
:authority: saveig.org
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Wed, 04 Mar 2020 06:23:28 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=ddd0eff8a53ec8f79350af8f0da918f9c1583303008; expires=Fri, 03-Apr-20 06:23:28 GMT; path=/; domain=.saveig.org; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
cache-control: max-age=3600
cf-cache-status: HIT
age: 3009
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56e9823cac45c2f4-FRA
content-encoding: br

GET
H2 200 up.js Show response
live.demand.supply/ 4 KB
3 KB 249ms
220ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5b82a7bd184d6442b70e73e2e6404b1950bf96f01f4056d538aaa361e6855f

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-nf-request-id: 3d25f5aa-e725-44ad-9058-b13744e96775-11235370
date: Wed, 04 Mar 2020 06:23:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 747
cf-polished: origSize=3756
cf-ray: 56e9823cfa5c9aaa-FRA
status: 200
cf-bgj: minify
server: cloudflare
etag: W/"327c28ffe7edf9ff90d675bf0a52e5c4-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
timing-allow-origin: *
link: </impl.v9.3.0.js>; rel=preload; as=script,</p2/v9-2-0?url=saveig.org%2F>; rel=preload; as=script
cf-h2-pushed: </impl.v9.3.0.js>,</p2/v9-2-0?url=saveig.org%2F>

GET
H2 200 art.css
saveig.org/css/ 37 KB
6 KB 22ms
21ms Stylesheet
text/css 2606:4700:20::681a:8a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://saveig.org/css/art.css?v50
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a432877af648131848d10484c39f470b5ef2279038fecc343055f8d2e639baa

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 04 Mar 2020 06:23:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 24 Feb 2020 12:05:08 GMT
server: cloudflare
age: 256278
etag: W/"5e53bbf4-93ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=2592000
cf-ray: 56e9823cccc3c2f4-FRA
expires: Tue, 31 Mar 2020 07:12:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
997 B 31ms
18ms Stylesheet
text/css 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat&display=swap

Requested by

Host: saveig.org
URL: https://saveig.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

87eb7663270ab92e205a026860434401ccf302a11626069dcc463ca9a8931208

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Mar 2020 06:23:28 GMT
server: ESF
date: Wed, 04 Mar 2020 06:23:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Mar 2020 06:23:28 GMT

GET
H2 200 59381178_2348911458724961_5863612957363011584_n.jpg
scontent-sin6-1.cdninstagram.com/v/t51.2885-19/s150x150/ 4 KB
4 KB 530ms
174ms Image
image/jpeg 2a03:2880:f20c:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-sin6-1.cdninstagram.com/v/t51.2885-19/s150x150/59381178_2348911458724961_5863612957363011584_n.jpg?_nc_ht=scontent-sin6-1.cdninstagram.com&_nc_ohc=5XBNiCbifYYAX-uRraz&oh=6de3bbdff5bc0f37d62acd147fdf33b5&oe=5EC9125D
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20c:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: be19eda0e4e70693a613ddacd6354d5c9bba0580f283eec6517bb1092fc98b62

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 1153764853
date: Wed, 04 Mar 2020 06:23:29 GMT, Wed, 04 Mar 2020 06:23:29 GMT
x-fb-trip-id: 1460883810
last-modified: Wed, 08 May 2019 23:06:30 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 2603113846
x-fb-config-version-olb-prod: 759
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 4201

GET
H2 200 67310557_649773548849427_4130659181743046656_n.jpg
scontent-mrs2-2.cdninstagram.com/v/t51.2885-19/s150x150/ 8 KB
8 KB 69ms
20ms Image
image/jpeg 2a03:2880:f242:1cb:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-mrs2-2.cdninstagram.com/v/t51.2885-19/s150x150/67310557_649773548849427_4130659181743046656_n.jpg?_nc_ht=scontent-mrs2-2.cdninstagram.com&_nc_ohc=inD1FqWbymIAX8mD8M0&oh=dab2b9e3b81ee71c4f9ec93d98021a3b&oe=5E8B2D2D
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f242:1cb:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 28163c32d70bb3f4c157b69865ad597e8a4fecae8827ffa52e6cbbf373a59efb

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 3749683837
date: Wed, 04 Mar 2020 06:23:28 GMT, Wed, 04 Mar 2020 06:23:28 GMT
x-fb-trip-id: 664085054
last-modified: Fri, 16 Aug 2019 15:13:41 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 1348960773
x-fb-config-version-olb-prod: 759
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 8280

GET
H2 200 83502952_184110849337275_396798808568102912_n.jpg
scontent-mia3-2.cdninstagram.com/v/t51.2885-19/s150x150/ 6 KB
6 KB 359ms
117ms Image
image/jpeg 2a03:2880:f22c:1c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-mia3-2.cdninstagram.com/v/t51.2885-19/s150x150/83502952_184110849337275_396798808568102912_n.jpg?_nc_ht=scontent-mia3-2.cdninstagram.com&_nc_ohc=q7YJu75vmp8AX8zXtrT&oh=934b355361dd488558e7a3c6e9776f59&oe=5EE36C53
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f22c:1c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4f3b31fb93aa1de24009d847013f09baabec186a2f2b2efb2267c431304fcc5c

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 3429997612
date: Wed, 04 Mar 2020 06:23:29 GMT, Wed, 04 Mar 2020 06:23:29 GMT
x-fb-trip-id: 664085054
last-modified: Mon, 27 Jan 2020 21:23:50 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 4144337011
x-fb-config-version-olb-prod: 758
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 5729

GET
H2 200 11850309_1674349799447611_206178162_a.jpg
scontent-sjc3-1.cdninstagram.com/v/t51.2885-19/ 6 KB
6 KB 477ms
156ms Image
image/jpeg 2a03:2880:f231:c5:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-sjc3-1.cdninstagram.com/v/t51.2885-19/11850309_1674349799447611_206178162_a.jpg?_nc_ht=scontent-sjc3-1.cdninstagram.com&_nc_ohc=qV18_c28M50AX9Mri3t&oh=2c5c6c24534f70482aa660ae3041e121&oe=5F00FFFC
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f231:c5:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: a7abef4b3776c5a08fb1199bef6891ea36ca5c7d713974f9ddbb5689d65b981e

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 3698181606
date: Wed, 04 Mar 2020 06:23:29 GMT, Wed, 04 Mar 2020 06:23:29 GMT
x-fb-trip-id: 1425083115
last-modified: Sun, 16 Aug 2015 12:19:32 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 3383123613
x-fb-config-version-olb-prod: 759
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 6016

GET
H2 200 80812750_2461415647505687_1090722136118525952_n.jpg
scontent-lax3-1.cdninstagram.com/v/t51.2885-19/s150x150/ 5 KB
6 KB 460ms
152ms Image
image/jpeg 2a03:2880:f20d:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lax3-1.cdninstagram.com/v/t51.2885-19/s150x150/80812750_2461415647505687_1090722136118525952_n.jpg?_nc_ht=scontent-lax3-1.cdninstagram.com&_nc_ohc=IBb0W0RRf_cAX9ImHeJ&oh=1923d7dfa84c5b8cc720ac545a3a2ec7&oe=5EFF9DD4
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 441823a19e6742039ce3e91a1383d834a2d5c8aecafe298e8300d7309c37eee9

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 1202946618
date: Wed, 04 Mar 2020 06:23:29 GMT, Wed, 04 Mar 2020 06:23:29 GMT
x-fb-trip-id: 1082456386
last-modified: Fri, 10 Jan 2020 05:38:56 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 2755493590
x-fb-config-version-olb-prod: 760
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 5565

GET
H2 200 82237626_173417403725554_5667052013830012928_n.jpg
scontent-sin6-2.cdninstagram.com/v/t51.2885-19/s150x150/ 6 KB
6 KB 531ms
174ms Image
image/jpeg 2a03:2880:f20c:2c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-sin6-2.cdninstagram.com/v/t51.2885-19/s150x150/82237626_173417403725554_5667052013830012928_n.jpg?_nc_ht=scontent-sin6-2.cdninstagram.com&_nc_ohc=Cz3p2pXwXsYAX-mffRe&oh=3d2ca2b2c18fcaf1e215db39b9aa6a66&oe=5E8398AB
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20c:2c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: d96cdbc8de3c122221c8b2d85cff8b421fc1db18c94bad8a18904206c9497df0

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 962998602
date: Wed, 04 Mar 2020 06:23:29 GMT, Wed, 04 Mar 2020 06:23:29 GMT
x-fb-trip-id: 1460883810
last-modified: Fri, 17 Jan 2020 05:12:14 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 1923807950
x-fb-config-version-olb-prod: 759
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 5866

GET
H2 200 88197180_2789851427718024_6958741246958833298_n.jpg
scontent-lga3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/ 79 KB
80 KB 258ms
83ms Image
image/jpeg 2a03:2880:f212:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lga3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/88197180_2789851427718024_6958741246958833298_n.jpg?_nc_ht=scontent-lga3-1.cdninstagram.com&_nc_cat=1&_nc_ohc=T-S1arzFHKUAX97Vm0d&oh=e46081ef70bc1325f81ae3c1e0551de8&oe=5E985FC0
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f212:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 97ba2272cbd4b41eaf1e36a506bd9015bd97d1d3baff0ac46ec41cbd82161205

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 166070773
date: Wed, 04 Mar 2020 06:23:28 GMT, Wed, 04 Mar 2020 06:23:28 GMT
x-fb-trip-id: 2074150462
last-modified: Fri, 28 Feb 2020 16:41:34 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 2724474919
x-fb-config-version-olb-prod: 759
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 81242

GET
H2 200 83908437_869580966836676_5865341356451652150_n.jpg
instagram.fsjp8-1.fna.fbcdn.net/v/t51.2885-15/sh0.08/e35/p640x640/ 124 KB
125 KB 706ms
232ms Image
image/jpeg 2804:48c:100:153:face:b00c:3333:a3f
FOX Internet Band...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instagram.fsjp8-1.fna.fbcdn.net/v/t51.2885-15/sh0.08/e35/p640x640/83908437_869580966836676_5865341356451652150_n.jpg?_nc_ht=instagram.fsjp8-1.fna.fbcdn.net&_nc_cat=1&_nc_ohc=rWN6z9gDGf4AX-Wkd4m&oh=534e5dccee5e6198660be45daf2b2299&oe=5E9858B5
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2804:48c:100:153:face:b00c:3333:a3f , Brazil, ASN262699 (FOX Internet Banda Larga, BR),
Reverse DNS
Software: /
Resource Hash: e98709a688981f627d403d65d2921d7aeed8d87d928d2fda64b35e4574e7cd7e

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 3086839533
date: Wed, 04 Mar 2020 06:23:29 GMT
x-fb-config-version-elb-prod: 759
last-modified: Sun, 01 Mar 2020 22:29:15 GMT
access-control-allow-origin: *
x-fb-config-version-flb-prod: 413
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 893004129
x-fb-config-version-olb-prod: 758
timing-allow-origin: *
content-length: 127472

GET
H2 200 88127222_3126968907335589_8061102066144890459_n.jpg
instagram.flwo3-1.fna.fbcdn.net/v/t51.2885-15/sh0.08/e35/s640x640/ 22 KB
22 KB 101ms
31ms Image
image/jpeg 2001:678:604:1:face:b00c:3333:a3f
ACTPA-AS ISP ACTPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instagram.flwo3-1.fna.fbcdn.net/v/t51.2885-15/sh0.08/e35/s640x640/88127222_3126968907335589_8061102066144890459_n.jpg?_nc_ht=instagram.flwo3-1.fna.fbcdn.net&_nc_cat=1&_nc_ohc=Vl3037j9lAsAX-WvQhk&oh=fbb80f436fd0a41e2c60b188f48f27dd&oe=5E84218D
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:678:604:1:face:b00c:3333:a3f Krasnodar, Russian Federation, ASN49824 (ACTPA-AS ISP ACTPA, Lviv, Lazarenka 2, UA),
Reverse DNS
Software: /
Resource Hash: 6d5294bb7e8ef3b333e9f073962bdab605609a9d9d573772283303a98d23b89b

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 2305445689
date: Wed, 04 Mar 2020 06:23:28 GMT
x-fb-config-version-elb-prod: 758
last-modified: Sun, 01 Mar 2020 07:35:55 GMT
access-control-allow-origin: *
x-fb-config-version-flb-prod: 413
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 2222497039
x-fb-config-version-olb-prod: 758
timing-allow-origin: *
content-length: 22714

GET
H2 200 88276336_188027112486177_1438004520866508020_n.jpg
scontent-lax3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/ 62 KB
62 KB 421ms
153ms Image
image/jpeg 2a03:2880:f20d:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lax3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/88276336_188027112486177_1438004520866508020_n.jpg?_nc_ht=scontent-lax3-1.cdninstagram.com&_nc_cat=1&_nc_ohc=HnUDTBpOISoAX8t8_j-&oh=b94e4a8b857aefa22e19a0491897ab45&oe=5E885D36
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20d:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 04b4d5d4bdacdac0fb044369bc5d2a4a3f8f4c4f59930b048514f15a9bbf33f6

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 2702855593
date: Wed, 04 Mar 2020 06:23:29 GMT, Wed, 04 Mar 2020 06:23:29 GMT
x-fb-trip-id: 1082456386
last-modified: Mon, 02 Mar 2020 00:28:31 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 961893373
x-fb-config-version-olb-prod: 759
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 63230

GET
H2 200 88378941_200344731203444_2450074809739375337_n.jpg
instagram.fblr1-3.fna.fbcdn.net/v/t51.2885-15/sh0.08/e35/s640x640/ 96 KB
96 KB 426ms
140ms Image
image/jpeg 2a03:2887:ff02:200:face:b00c:3333:a3f
BBIL-AP BHARTI Ai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instagram.fblr1-3.fna.fbcdn.net/v/t51.2885-15/sh0.08/e35/s640x640/88378941_200344731203444_2450074809739375337_n.jpg?_nc_ht=instagram.fblr1-3.fna.fbcdn.net&_nc_cat=1&_nc_ohc=02_zGP1vVTcAX98Drx0&oh=537bc13f1fe5c9b7266e801a0984c59b&oe=5E962DAB
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2887:ff02:200:face:b00c:3333:a3f , Ireland, ASN9498 (BBIL-AP BHARTI Airtel Ltd., IN),
Reverse DNS
Software: /
Resource Hash: 0fe76356c292997e6dcb2ecd0d058974adf8590bd177a6616f37bd17c6c5a245

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 3015871666
date: Wed, 04 Mar 2020 06:23:29 GMT
x-fb-config-version-elb-prod: 759
last-modified: Tue, 03 Mar 2020 02:22:38 GMT
access-control-allow-origin: *
x-fb-config-version-flb-prod: 413
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 3669866924
x-fb-config-version-olb-prod: 759
timing-allow-origin: *
content-length: 98378

GET
H2 200 88281172_199429341275234_6877421072060219087_n.jpg
scontent-mad1-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/ 120 KB
120 KB 109ms
33ms Image
image/jpeg 2a03:2880:f204:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-mad1-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/88281172_199429341275234_6877421072060219087_n.jpg?_nc_ht=scontent-mad1-1.cdninstagram.com&_nc_cat=1&_nc_ohc=bM515KnRPPgAX_RcCpS&oh=b85fc312a48d3704aba5a3a41d835d2f&oe=5E8DC4CE
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f204:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: c257872170ef8e0c383742620b052aa0d09d44251652cf5d36996dc214018035

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 2699987171
date: Wed, 04 Mar 2020 06:23:28 GMT, Wed, 04 Mar 2020 06:23:28 GMT
x-fb-trip-id: 664085054
last-modified: Sat, 29 Feb 2020 09:57:36 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 2666468493
x-fb-config-version-olb-prod: 758
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 122972

GET
H2 200 88303489_222962888884430_4927729679623104036_n.jpg
instagram.fhen1-1.fna.fbcdn.net/v/t51.2885-15/sh0.08/e35/s640x640/ 89 KB
89 KB 95ms
28ms Image
image/jpeg 2a02:2d8:0:6005:face:b00c:3333:a3f
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instagram.fhen1-1.fna.fbcdn.net/v/t51.2885-15/sh0.08/e35/s640x640/88303489_222962888884430_4927729679623104036_n.jpg?_nc_ht=instagram.fhen1-1.fna.fbcdn.net&_nc_cat=1&_nc_ohc=o-93h9LvxcQAX8rI_fq&oh=c6f4ec9f759dc1d0c11ebb50715e8cc3&oe=5E95A9AE
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2d8:0:6005:face:b00c:3333:a3f St Petersburg, Russian Federation, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: /
Resource Hash: a4d6230f9a40c740a5254abbb717a36d8a4d7320045b3671e3cbf2966395d953

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 4005570099
date: Wed, 04 Mar 2020 06:23:28 GMT
x-fb-config-version-elb-prod: 758
last-modified: Mon, 02 Mar 2020 10:54:44 GMT
access-control-allow-origin: *
x-fb-config-version-flb-prod: 413
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 2893451135
x-fb-config-version-olb-prod: 758
timing-allow-origin: *
content-length: 91127

GET
H2 200 88397673_219771282481777_8691670114323233632_n.jpg
instagram.fkkc3-1.fna.fbcdn.net/v/t51.2885-15/e15/p640x640/ 55 KB
56 KB 638ms
210ms Image
image/jpeg 2403:6200:ffff:fb01:face:b00c:3333:a3f
TRIPLETNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instagram.fkkc3-1.fna.fbcdn.net/v/t51.2885-15/e15/p640x640/88397673_219771282481777_8691670114323233632_n.jpg?_nc_ht=instagram.fkkc3-1.fna.fbcdn.net&_nc_cat=1&_nc_ohc=p577bxnPqmkAX-lsvFI&oh=0ff1ebefb7e10bef5a74e9a644e0e73a&oe=5E9A2722
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2403:6200:ffff:fb01:face:b00c:3333:a3f , Thailand, ASN45758 (TRIPLETNET-AS-AP Triple T Internet/Triple T Broadband, TH),
Reverse DNS
Software: /
Resource Hash: 91e038ae8678eb23ab6264a2577bd59566b97f40fba6ba6ef81f5e03e294f42c

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 1757851982
date: Wed, 04 Mar 2020 06:23:29 GMT
x-fb-config-version-elb-prod: 758
last-modified: Mon, 02 Mar 2020 15:00:15 GMT
access-control-allow-origin: *
x-fb-config-version-flb-prod: 413
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 448068412
x-fb-config-version-olb-prod: 758
timing-allow-origin: *
content-length: 56808

GET
H2 200 89089906_923879904698769_5622763352625061552_n.jpg
scontent-frt3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/ 96 KB
96 KB 19ms
6ms Image
image/jpeg 2a03:2880:f21c:80c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/89089906_923879904698769_5622763352625061552_n.jpg?_nc_ht=scontent-frt3-1.cdninstagram.com&_nc_cat=1&_nc_ohc=rC5n_DVg1B4AX9AfjWu&oh=e5f917f62f02a87a7cd3d2eb87eb8956&oe=5E952937
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:80c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 968b61590c3a96eb3778c2d13641ea0aeafcb318464e8ed578ab0e26944c26c4

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 1886040096
date: Wed, 04 Mar 2020 06:23:28 GMT, Wed, 04 Mar 2020 06:23:28 GMT
x-fb-trip-id: 2050670934
last-modified: Mon, 02 Mar 2020 19:16:51 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 1960233923
x-fb-config-version-olb-prod: 758
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 97893

GET
H2 200 87710729_552219478973637_7486379845517200643_n.jpg
scontent-nrt1-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640/ 131 KB
131 KB 816ms
270ms Image
image/jpeg 2a03:2880:f20f:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640/87710729_552219478973637_7486379845517200643_n.jpg?_nc_ht=scontent-nrt1-1.cdninstagram.com&_nc_cat=1&_nc_ohc=yEQqGU1r4OQAX_-IIbe&oh=aeed8ccce3fed62101647f291eedd75f&oe=5E92DDB3
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20f:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 65bdde7f4c9a489b370233e49ab181503a4b1f0fe4714fd0a4c8649f4b9e4382

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 404486618
date: Wed, 04 Mar 2020 06:23:29 GMT, Wed, 04 Mar 2020 06:23:29 GMT
x-fb-trip-id: 780166575
last-modified: Sun, 01 Mar 2020 13:52:06 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 716546836
x-fb-config-version-olb-prod: 759
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 134088

GET
H2 200 88257529_941516279598500_8899236641124765588_n.jpg
scontent-lga3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640/ 86 KB
86 KB 214ms
83ms Image
image/jpeg 2a03:2880:f212:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lga3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640/88257529_941516279598500_8899236641124765588_n.jpg?_nc_ht=scontent-lga3-1.cdninstagram.com&_nc_cat=1&_nc_ohc=h79nd_WNFVAAX8PyHrR&oh=718bdf3c6e68cc8950079df15f35829d&oe=5E8DBAAB
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f212:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6a865c32967dd8d6e49e4dec2a713f89a0115d76ab995c21e530a4adb77d552c

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 1690048111
date: Wed, 04 Mar 2020 06:23:28 GMT, Wed, 04 Mar 2020 06:23:28 GMT
x-fb-trip-id: 2074150462
last-modified: Mon, 02 Mar 2020 02:52:57 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 1144068858
x-fb-config-version-olb-prod: 759
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=3600
content-length: 88056

GET
H2 200 87786906_1286191108436137_2314321364165428818_n.jpg
instagram.fjoi3-1.fna.fbcdn.net/v/t51.2885-15/sh0.08/e35/p640x640/ 82 KB
82 KB 703ms
232ms Image
image/jpeg 2804:fe4:2:0:face:b00c:3333:a3f
WBT Internet Ltda ME

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instagram.fjoi3-1.fna.fbcdn.net/v/t51.2885-15/sh0.08/e35/p640x640/87786906_1286191108436137_2314321364165428818_n.jpg?_nc_ht=instagram.fjoi3-1.fna.fbcdn.net&_nc_cat=1&_nc_ohc=mo8_cCY4tvMAX9kr_3A&oh=8a4d7fa2e140616830fa62112dadb562&oe=5E9A0082
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2804:fe4:2:0:face:b00c:3333:a3f , Brazil, ASN262980 (WBT Internet Ltda ME, BR),
Reverse DNS
Software: /
Resource Hash: 67d9813f8c9e5c6d9e97f104be5e13ddc24bdf119c825cbf4a4bf77f7acdbd71

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-haystack-needlechecksum: 2888184879
date: Wed, 04 Mar 2020 06:23:29 GMT
x-fb-config-version-elb-prod: 759
last-modified: Tue, 03 Mar 2020 12:24:32 GMT
access-control-allow-origin: *
x-fb-config-version-flb-prod: 413
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 3197148299
x-fb-config-version-olb-prod: 759
timing-allow-origin: *
content-length: 83694

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
29 KB 38ms
24ms Script
application/javascript 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: saveig.org
URL: https://saveig.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:23:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 10974440
cf-ray: 56e9823ced1296f8-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:21:00 GMT
server: cloudflare
etag: W/"5afd497c-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 22 Feb 2021 06:23:28 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.003

GET
H2 200 swiper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.2/js/ 122 KB
31 KB 32ms
18ms Script
application/javascript 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.2/js/swiper.min.js

Requested by

Host: saveig.org
URL: https://saveig.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df178d935914fb63c2880bd93c76c7cae03e199962799b58cfff6916f60b9e3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:23:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 10881740
cf-ray: 56e9823ced1496f8-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 01 Nov 2018 15:47:39 GMT
server: cloudflare
etag: W/"5bdb201b-1e744"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 22 Feb 2021 06:23:28 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.004

GET
H2 200 art.js Show response
saveig.org/js/ 6 KB
2 KB 20ms
17ms Script
application/javascript 2606:4700:20::681a:8a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://saveig.org/js/art.js?v50
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fce17e75445522c4ff9c3fadfe53e7e22ac569cddfde616bd60377fad5ff947c

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:23:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 01 Mar 2020 07:04:52 GMT
server: cloudflare
age: 256278
etag: W/"5e5b5e94-1816"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
cf-ray: 56e9823cdcd1c2f4-FRA
expires: Tue, 31 Mar 2020 07:12:06 GMT

GET
H2 200 search.png
saveig.org/img/ 2 KB
2 KB 18ms
18ms Image
image/png 2606:4700:20::681a:8a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saveig.org/img/search.png
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b58f9e33cb0610010c4af74e9eb1d407e132047fcd5af593867d92639f4cdc8a

Request headers

Referer: https://saveig.org/css/art.css?v50
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 06:23:28 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Dec 2019 01:22:53 GMT
server: cloudflare
age: 2351750
etag: "5df97f6d-869"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 56e9823d0d36c2f4-FRA
content-length: 2153
expires: Sat, 07 Mar 2020 01:07:02 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: saveig.org
URL: https://saveig.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat&display=swap
Origin: https://saveig.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 23:17:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:48 GMT
server: sffe
age: 2531167
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13708
x-xss-protection: 0
expires: Tue, 02 Feb 2021 23:17:21 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459W1hyyTh89ZNpQ.woff2
fonts.gstatic.com/s/montserrat/v14/ 8 KB
8 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459W1hyyTh89ZNpQ.woff2

Requested by

Host: saveig.org
URL: https://saveig.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1529224e7f0d1dbb6cb34912d804e6bdcb2e7a6dff585eae58f53771ef544475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat&display=swap
Origin: https://saveig.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 10:36:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:39 GMT
server: sffe
age: 2490438
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8108
x-xss-protection: 0
expires: Wed, 03 Feb 2021 10:36:10 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WdhyyTh89ZNpQ.woff2
fonts.gstatic.com/s/montserrat/v14/ 11 KB
12 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WdhyyTh89ZNpQ.woff2

Requested by

Host: saveig.org
URL: https://saveig.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5eb48c413427765058e001d0c562f2cf4d9341a663e155db8b63e864e9372997

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat&display=swap
Origin: https://saveig.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Feb 2020 08:05:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:43 GMT
server: sffe
age: 512303
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11712
x-xss-protection: 0
expires: Fri, 26 Feb 2021 08:05:05 GMT

GET
H2 200 native.js Show response
nativesubscribe.pro/code/ 3 KB
2 KB 879ms
39ms Script
application/javascript 88.208.60.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nativesubscribe.pro/code/native.js?h=waWQiOjEwMjQxOTIsInNpZCI6MTAyOTkwNywid2lkIjo1MzkwMCwic3JjIjoyfQ==eyJ
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.60.53 Heemstede, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.3 /
Resource Hash: f2e7b95168e21a90906ddc773d000d9ffdd24bab36f95690e75eb843b5cc3e5f

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:23:29 GMT
content-encoding: gzip
server: nginx/1.17.3
access-control-allow-origin: https://saveig.org
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
x-zone: eu4

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: saveig.org
URL: https://saveig.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 1877
date: Wed, 04 Mar 2020 05:52:11 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Wed, 04 Mar 2020 07:52:11 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WZhyyTh89ZNpQ.woff2
fonts.gstatic.com/s/montserrat/v14/ 4 KB
4 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WZhyyTh89ZNpQ.woff2

Requested by

Host: saveig.org
URL: https://saveig.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdf0f7d05c2ad1605b7bb817cc7bc6866e4b3be120e6ecc654cc3352ea0c6d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat&display=swap
Origin: https://saveig.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Feb 2020 08:37:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:47 GMT
server: sffe
age: 683132
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 3592
x-xss-protection: 0
expires: Wed, 24 Feb 2021 08:37:56 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 13ms
13ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=347182823&t=pageview&_s=1&dl=https%3A%2F%2Fsaveig.org%2F&ul=en-us&de=UTF-8&dt=download%20instagram%20stories%20highlights%2C%20photos%20and%20videos%20online%20-%20SaveIG&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1204617197&gjid=1773675381&cid=1284503449.1583303009&tid=UA-151166660-1&_gid=737695736.1583303009&_r=1&z=1250650817

Requested by

Host: saveig.org
URL: https://saveig.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 04 Mar 2020 06:23:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl.v9.3.0.js Show response
live.demand.supply/ 63 KB
19 KB 88ms
0ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v9.3.0.js
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 925c9a8af20d8a617e97ead1b05f1cd87bd8c26fa07ef464e38c5368ea598be9

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-nf-request-id: f21e5a34-f4bd-4b56-9350-246e841e3370-648306
date: Wed, 04 Mar 2020 06:23:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 580201
cf-polished: origSize=64724
status: 200
timing-allow-origin: *
cf-bgj: minify
server: cloudflare
etag: W/"f239ba3f08131ef94a6e7cd4ab011894-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 56e9823e5b739aaa-FRA

GET
H2 200 v9-2-0 Show response
live.demand.supply/p2/ 1 KB
642 B 256ms
0ms Script
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p2/v9-2-0?url=saveig.org%2F
Requested by: Host: saveig.org
URL: https://saveig.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60adc8177647a1259643b4417ad8afd98a740c09f9ce433c8a13cf51149bf7ce

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:23:29 GMT
content-encoding: br
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
status: 200
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 56e9823e5b749aaa-FRA

POST
H2 200 / Show response
live.demand.supply/e/e.js/ 3 B
78 B 112ms
95ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js/?e=ll&d=251&cs=c
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 06:23:29 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 56e9823e7c18c2bd-FRA
content-length: 3

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 106 KB
38 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

349bc8c6ee461b5192d69c34c160b8f67b0ef0201c8ad85d1fcf312845054e48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38529
x-xss-protection: 0
server: cafe
etag: 7517423647798500416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 04 Mar 2020 06:23:29 GMT

GET
H2 200 ds.2.html Show response
live.demand.supply/ 413 B
585 B 39ms
23ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id: 668a983d-19e2-43f7-be87-f3057924e143-9826738
date: Wed, 04 Mar 2020 06:23:29 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
timing-allow-origin: *
age: 1020263
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 56e9823e7c19c2bd-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=saveig.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=saveig.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

POST
H2 200 / Show response
live.demand.supply/x/ 3 B
57 B 95ms
94ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/?ce=fs
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v9.3.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 06:23:29 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 56e9823efd2bc2bd-FRA
content-length: 3

GET
H2 200 saveig.org_responsive_h Show response
api.demand.supply/v9-2-0/a/ 287 B
359 B 112ms
104ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v9-2-0/a/saveig.org_responsive_h
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v9.3.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34b4cb4f1337a9e572ab60d6e698c2e905a1eb952564ee8810e99dbca49832ca

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 06:23:29 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 367
etag: W/"11f-Jnaa4ZxR32a1OjOJ/c+X6i8OTRg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
status: 200
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 56e9823f3da8c2bd-FRA
access-control-allow-origin: *

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/ 221 KB
83 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8c08be12e015648be6e4b0040898dd78a7b950926792cd750ee70a12930b89c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84611
x-xss-protection: 0
server: cafe
etag: 8867122644226960194
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Mar 2020 06:23:29 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200224/r20190131/ Frame 4B7F 0
0 7ms
6ms Document
text/html 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200224/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200224/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://saveig.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://saveig.org/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 27 Feb 2020 11:28:14 GMT
expires: Thu, 12 Mar 2020 11:28:14 GMT
content-type: text/html; charset=UTF-8
etag: 3560819023258359450
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4495
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 500115
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 saveig.org_auto_728x90_sticky_display_bottom Show response
api.demand.supply/v9-2-0/a/ 297 B
290 B 118ms
118ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v9-2-0/a/saveig.org_auto_728x90_sticky_display_bottom
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v9.3.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba21d4d6e7924c0dab49a48c00e24baceb23dc310c96145d3fc05bd698580505

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 06:23:29 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 771
etag: W/"129-gsxMlBFY44Fllt0gzXIXH8RPNH4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
status: 200
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 56e9823fff89c2bd-FRA
access-control-allow-origin: *

GET
H2

200

ds.2.html
live.demand.supply/ Frame F3D6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=ec39dfb7-8dfb-42ff-beda-03ba3d2f9661&adk=1895683892&adf=4246767698&w=900&fwrn=4&fwrnh=100&lmt...
https://live.demand.supply/ds.2.html

0
0

101ms
100ms

Document
text/html

2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://saveig.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://saveig.org/

Response headers

status: 200
date: Wed, 04 Mar 2020 06:23:29 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=db4bea9a87fd1338cbc0fae79ea8171231583303009; expires=Fri, 03-Apr-20 06:23:29 GMT; path=/; domain=.demand.supply; HttpOnly; SameSite=Lax
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: 2a267dfb-ae0f-4097-a23f-e7874ba1012c-2414983
cf-cache-status: HIT
age: 2023125
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56e98240ed579aaa-FRA
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 04 Mar 2020 06:23:29 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 04-Mar-2020 06:38:29 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a5bdf67d362c322582135748215c4533bc194ffbd946519785964f1b7088bf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1583152538719053"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27714
x-xss-protection: 0
expires: Wed, 04 Mar 2020 06:23:29 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame F70A 0
0 16ms
15ms Document
text/html 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&adk=1812271804&adf=3025194257&lmt=1583303009&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fsaveig.org%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1583303009271&bpp=5&bdt=505&fdt=95&idt=95&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=900x90&nras=1&correlator=3376958735416&frm=20&pv=1&ga_vid=1284503449.1583303009&ga_sid=1583303009&ga_hid=347182823&ga_fc=0&iag=0&icsg=41951875&dssz=14&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=712879847559006&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=104

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3831894559014614&output=html&adk=1812271804&adf=3025194257&lmt=1583303009&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fsaveig.org%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1583303009271&bpp=5&bdt=505&fdt=95&idt=95&shv=r20200224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=900x90&nras=1&correlator=3376958735416&frm=20&pv=1&ga_vid=1284503449.1583303009&ga_sid=1583303009&ga_hid=347182823&ga_fc=0&iag=0&icsg=41951875&dssz=14&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=712879847559006&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=104
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://saveig.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://saveig.org/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 04 Mar 2020 06:23:29 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 04-Mar-2020 06:38:29 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Wed, 04 Mar 2020 06:23:29 GMT
cache-control: private

POST
H2 200 / Show response
live.demand.supply/x/ 3 B
57 B 91ms
90ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/?ce=bb&r=saveig.org_auto_728x90_sticky_display_bottom
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v9.3.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 06:23:29 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 56e98240c920c2bd-FRA
content-length: 3

GET
H2 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 96ms
96ms Stylesheet
text/css 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v9.3.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

x-nf-request-id: c5975c60-2ccc-4938-b8ab-a10294dc145a-1130165
date: Wed, 04 Mar 2020 06:23:29 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 2239542
etag: W/"62449d075f4a3e3d52199d55096fc6f2-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
status: 200
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 56e98240cd469aaa-FRA

GET
H2

200

ds.2.html
live.demand.supply/ Frame CD9D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=853b2259-003e-469b-b1d1-43f699c283f5&adk=2234287940&adf=1217663374&w=728&lmt=1583303009&psa=0...
https://live.demand.supply/ds.2.html

0
0

89ms
89ms

Document
text/html

2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://saveig.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://saveig.org/

Response headers

status: 200
date: Wed, 04 Mar 2020 06:23:29 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=db4bea9a87fd1338cbc0fae79ea8171231583303009; expires=Fri, 03-Apr-20 06:23:29 GMT; path=/; domain=.demand.supply; HttpOnly; SameSite=Lax
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: 2a267dfb-ae0f-4097-a23f-e7874ba1012c-2414983
cf-cache-status: HIT
age: 2023125
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56e982413da49aaa-FRA
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 04 Mar 2020 06:23:29 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: IDE=AHWqTUmfmZrUxwVgsRi1XYsfaQBGLhPPMHGIyGoY_l13htf-SBSu3cpoz3-vBBw1; expires=Mon, 29-Mar-2021 06:23:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

ds.2.html
live.demand.supply/ Frame 3C67
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=b5a686f1-717d-4835-bfca-d1cd79140732&adk=3823955009&adf=4246767698&w=900&fwrn=4&fwrnh=100&lmt...
https://live.demand.supply/ds.2.html

0
0

113ms
112ms

Document
text/html

2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://saveig.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://saveig.org/

Response headers

status: 200
date: Wed, 04 Mar 2020 06:23:29 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=db4bea9a87fd1338cbc0fae79ea8171231583303009; expires=Fri, 03-Apr-20 06:23:29 GMT; path=/; domain=.demand.supply; HttpOnly; SameSite=Lax
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: 2a267dfb-ae0f-4097-a23f-e7874ba1012c-2414983
cf-cache-status: HIT
age: 2023125
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56e982420e329aaa-FRA
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 04 Mar 2020 06:23:29 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame 1034
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=c48d2b7e-0c4d-4a2c-b955-b0505db247e9&adk=1965487342&adf=1217663374&w=728&lmt=1583303009&psa=0...
https://live.demand.supply/ds.2.html

0
0

89ms
89ms

Document
text/html

2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://saveig.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://saveig.org/

Response headers

status: 200
date: Wed, 04 Mar 2020 06:23:29 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=db4bea9a87fd1338cbc0fae79ea8171231583303009; expires=Fri, 03-Apr-20 06:23:29 GMT; path=/; domain=.demand.supply; HttpOnly; SameSite=Lax
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: 2a267dfb-ae0f-4097-a23f-e7874ba1012c-2414983
cf-cache-status: HIT
age: 2023125
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56e982428e9f9aaa-FRA
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 04 Mar 2020 06:23:29 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 sdk.js Show response
metosk.com/v1/ 4 KB
2 KB 29ms
14ms Script
application/javascript 2606:4700:3033::6818:6ad2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metosk.com/v1/sdk.js?h=waWQiOjEwMjQxOTIsInNpZCI6MTAyOTkwNywid2lkIjo1MzkwMCwic3JjIjoyfQ==eyJ&d=saveig.org&sw=sdd.js
Requested by: Host: nativesubscribe.pro
URL: https://nativesubscribe.pro/code/native.js?h=waWQiOjEwMjQxOTIsInNpZCI6MTAyOTkwNywid2lkIjo1MzkwMCwic3JjIjoyfQ==eyJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6818:6ad2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8226ff3777658f7922b9a9fea541bfadff49e6c09bdee2f8108806e89fc6886

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:23:29 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 560
etag: W/"V4+50gVAbGJp6qsXzA5gS6VoO5g"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=14400
cf-ray: 56e98242db15bea6-FRA
access-control-allow-origin: https://saveig.org
x-zone: eu

GET
H2

200

ds.2.html
live.demand.supply/ Frame CA87
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=f05ef150-dae3-4004-b68a-ea67132b6f35&adk=150136212&adf=4246767698&w=900&fwrn=4&fwrnh=100&lmt=...
https://live.demand.supply/ds.2.html

0
0

94ms
93ms

Document
text/html

2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://saveig.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://saveig.org/

Response headers

status: 200
date: Wed, 04 Mar 2020 06:23:29 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=db4bea9a87fd1338cbc0fae79ea8171231583303009; expires=Fri, 03-Apr-20 06:23:29 GMT; path=/; domain=.demand.supply; HttpOnly; SameSite=Lax
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: 2a267dfb-ae0f-4097-a23f-e7874ba1012c-2414983
cf-cache-status: HIT
age: 2023125
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56e982432f539aaa-FRA
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 04 Mar 2020 06:23:29 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

ds.2.html
live.demand.supply/ Frame BDCC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=ecda4504-9728-4a69-82e8-bbf8b75e697b&adk=1622738907&adf=1217663374&w=728&lmt=1583303009&psa=0...
https://live.demand.supply/ds.2.html

0
0

95ms
95ms

Document
text/html

2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: live.demand.supply
:scheme: https
:path: /ds.2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://saveig.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://saveig.org/

Response headers

status: 200
date: Wed, 04 Mar 2020 06:23:29 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=db4bea9a87fd1338cbc0fae79ea8171231583303009; expires=Fri, 03-Apr-20 06:23:29 GMT; path=/; domain=.demand.supply; HttpOnly; SameSite=Lax
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id: 2a267dfb-ae0f-4097-a23f-e7874ba1012c-2414983
cf-cache-status: HIT
age: 2023125
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56e982439fb49aaa-FRA
content-encoding: br

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://live.demand.supply/ds.2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 04 Mar 2020 06:23:29 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 17ms
16ms XHR
application/json 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200224&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a15a64ad1fae8d0dce1718254621076e6536e77a543164af34caa207c4f62bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 04 Mar 2020 06:23:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200224/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:23:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Wed, 04 Mar 2020 06:23:30 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 0588 0
0 6ms
5ms Document
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://saveig.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://saveig.org/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Wed, 04 Mar 2020 05:58:07 GMT
expires: Thu, 04 Mar 2021 05:58:07 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1523
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 15ms
14ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200224&jk=712879847559006&bg=!XF-lX0dYm8Q1owmMaOECAAAAPFIAAAAJmQFWew-qkQ3CpD_lW3XxbiMFFpjn3sagzaubhiHgfUSxQK0Z1N8-WLcbXUKAHwAI5XP5qULVM80Ws5TPCpX7CL7_opOGDRJbe0T2-s1A_Xemy0rh3c6EMay9o_OXhpN2QNuw6-KauOdZG-FDuodVwfIvWcswx3Efkt8Pw460H9rxUlHXTarMNKrkVqXfqQEWrBA89xMVM19vrs3rKO7FK6wrpW0Fex-pLtRJocZ3hE2hR3EIkCJ3fFmEoFT7oZ4H5rP-rlbV_buqr62NDWSDt-LQi8XNGHbyAtzXhs6R0cXGRLPyq4-6yEGQoKV6FiXixlaU0zzzATEJGROiVnOPhjuYq2QApFTRDXnJGfrtqQpSbr8DBnNoMQCvIgAwqIauVPss03BKQz6azWgbXn36H9ZL3y00qGTjSQUqw6EfKQ0nTIoaO989K0NzgNLxswpGneyNX81A7mTM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saveig.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 04 Mar 2020 06:23:30 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 e.js Show response
live.demand.supply/e/ 3 B
187 B 95ms
95ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=saveig.org_sticky_mobile_bottom&e=ubs
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v9.3.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer: https://saveig.org/
Origin: https://saveig.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 06:23:35 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 56e982647ef5c2bd-FRA
content-length: 3

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:09:59	Name: IDE Value: AHWqTUmfmZrUxwVgsRi1XYsfaQBGLhPPMHGIyGoY_l13htf-SBSu3cpoz3-vBBw1
.saveig.org/	1970-01-19 07:49:49	Name: _gid Value: GA1.2.737695736.1583303009
.saveig.org/	1970-01-19 07:48:23	Name: _gat Value: 1
.saveig.org/	1970-01-20 01:19:35	Name: _ga Value: GA1.2.1284503449.1583303009
.saveig.org/	1970-01-19 08:31:35	Name: __cfduid Value: ddd0eff8a53ec8f79350af8f0da918f9c1583303008

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js(Line 2) Message: jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at HTMLDocument.<anonymous> (https://saveig.org/js/art.js?v50:1:3283) at l (https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js:2:29375) at c (https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js:2:29677) undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api.demand.supply
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
instagram.fblr1-3.fna.fbcdn.net
instagram.fhen1-1.fna.fbcdn.net
instagram.fjoi3-1.fna.fbcdn.net
instagram.fkkc3-1.fna.fbcdn.net
instagram.flwo3-1.fna.fbcdn.net
instagram.fsjp8-1.fna.fbcdn.net
live.demand.supply
metosk.com
nativesubscribe.pro
pagead2.googlesyndication.com
saveig.org
scontent-frt3-1.cdninstagram.com
scontent-lax3-1.cdninstagram.com
scontent-lga3-1.cdninstagram.com
scontent-mad1-1.cdninstagram.com
scontent-mia3-2.cdninstagram.com
scontent-mrs2-2.cdninstagram.com
scontent-nrt1-1.cdninstagram.com
scontent-sin6-1.cdninstagram.com
scontent-sin6-2.cdninstagram.com
scontent-sjc3-1.cdninstagram.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
2001:678:604:1:face:b00c:3333:a3f
2403:6200:ffff:fb01:face:b00c:3333:a3f
2606:4700:20::681a:8a6
2606:4700:3033::6818:6ad2
2606:4700::6810:8616
2606:4700::6811:4004
2804:48c:100:153:face:b00c:3333:a3f
2804:fe4:2:0:face:b00c:3333:a3f
2a00:1450:4001:815::2002
2a00:1450:4001:819::2001
2a00:1450:4001:819::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:820::2002
2a00:1450:4001:821::200e
2a02:2d8:0:6005:face:b00c:3333:a3f
2a03:2880:f204:c4:face:b00c:0:43fe
2a03:2880:f20c:2c4:face:b00c:0:43fe
2a03:2880:f20c:c4:face:b00c:0:43fe
2a03:2880:f20d:c4:face:b00c:0:43fe
2a03:2880:f20f:c4:face:b00c:0:43fe
2a03:2880:f212:c4:face:b00c:0:43fe
2a03:2880:f21c:80c4:face:b00c:0:43fe
2a03:2880:f22c:1c4:face:b00c:0:43fe
2a03:2880:f231:c5:face:b00c:0:43fe
2a03:2880:f242:1cb:face:b00c:0:43fe
2a03:2887:ff02:200:face:b00c:3333:a3f
88.208.60.53
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04b4d5d4bdacdac0fb044369bc5d2a4a3f8f4c4f59930b048514f15a9bbf33f6
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0fe76356c292997e6dcb2ecd0d058974adf8590bd177a6616f37bd17c6c5a245
1529224e7f0d1dbb6cb34912d804e6bdcb2e7a6dff585eae58f53771ef544475
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1a5bdf67d362c322582135748215c4533bc194ffbd946519785964f1b7088bf7
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
28163c32d70bb3f4c157b69865ad597e8a4fecae8827ffa52e6cbbf373a59efb
349bc8c6ee461b5192d69c34c160b8f67b0ef0201c8ad85d1fcf312845054e48
34b4cb4f1337a9e572ab60d6e698c2e905a1eb952564ee8810e99dbca49832ca
441823a19e6742039ce3e91a1383d834a2d5c8aecafe298e8300d7309c37eee9
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
4f3b31fb93aa1de24009d847013f09baabec186a2f2b2efb2267c431304fcc5c
5eb48c413427765058e001d0c562f2cf4d9341a663e155db8b63e864e9372997
5f5b82a7bd184d6442b70e73e2e6404b1950bf96f01f4056d538aaa361e6855f
60adc8177647a1259643b4417ad8afd98a740c09f9ce433c8a13cf51149bf7ce
65bdde7f4c9a489b370233e49ab181503a4b1f0fe4714fd0a4c8649f4b9e4382
67d9813f8c9e5c6d9e97f104be5e13ddc24bdf119c825cbf4a4bf77f7acdbd71
6a865c32967dd8d6e49e4dec2a713f89a0115d76ab995c21e530a4adb77d552c
6d5294bb7e8ef3b333e9f073962bdab605609a9d9d573772283303a98d23b89b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87eb7663270ab92e205a026860434401ccf302a11626069dcc463ca9a8931208
91e038ae8678eb23ab6264a2577bd59566b97f40fba6ba6ef81f5e03e294f42c
925c9a8af20d8a617e97ead1b05f1cd87bd8c26fa07ef464e38c5368ea598be9
968b61590c3a96eb3778c2d13641ea0aeafcb318464e8ed578ab0e26944c26c4
97ba2272cbd4b41eaf1e36a506bd9015bd97d1d3baff0ac46ec41cbd82161205
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a432877af648131848d10484c39f470b5ef2279038fecc343055f8d2e639baa
a15a64ad1fae8d0dce1718254621076e6536e77a543164af34caa207c4f62bc2
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a4d6230f9a40c740a5254abbb717a36d8a4d7320045b3671e3cbf2966395d953
a7abef4b3776c5a08fb1199bef6891ea36ca5c7d713974f9ddbb5689d65b981e
b58f9e33cb0610010c4af74e9eb1d407e132047fcd5af593867d92639f4cdc8a
ba21d4d6e7924c0dab49a48c00e24baceb23dc310c96145d3fc05bd698580505
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
be19eda0e4e70693a613ddacd6354d5c9bba0580f283eec6517bb1092fc98b62
c257872170ef8e0c383742620b052aa0d09d44251652cf5d36996dc214018035
cd100a6c4991a199a63aabd18500d2cbb22d70b52c9bcf076e778ba4b711c69a
cdf0f7d05c2ad1605b7bb817cc7bc6866e4b3be120e6ecc654cc3352ea0c6d7e
d96cdbc8de3c122221c8b2d85cff8b421fc1db18c94bad8a18904206c9497df0
df178d935914fb63c2880bd93c76c7cae03e199962799b58cfff6916f60b9e3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e98709a688981f627d403d65d2921d7aeed8d87d928d2fda64b35e4574e7cd7e
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f2e7b95168e21a90906ddc773d000d9ffdd24bab36f95690e75eb843b5cc3e5f
f8226ff3777658f7922b9a9fea541bfadff49e6c09bdee2f8108806e89fc6886
f8c08be12e015648be6e4b0040898dd78a7b950926792cd750ee70a12930b89c
fce17e75445522c4ff9c3fadfe53e7e22ac569cddfde616bd60377fad5ff947c

saveig.org Open in urlscan Pro 2606:4700:20::681a:8a6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

61 Requests

100 %HTTPS

96 %IPv6

15 Domains

31 Subdomains

28 IPs

7 Countries

1402 kBTransfer

1927 kBSize

5 Cookies

0 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

saveig.org Open in urlscan Pro
2606:4700:20::681a:8a6 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

100 %
HTTPS

96 %
IPv6

15
Domains

31
Subdomains

28
IPs

7
Countries

1402 kB
Transfer

1927 kB
Size

5
Cookies

61 HTTP transactions
2 data transactions