urlscan.io logo urlscan.io
SecurityTrails logo

saveig.org Open in urlscan Pro
2606:4700:20::681a:9a6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://saveig.org/p/BxMCs-glFZS/
Effective URL: https://saveig.org/p/BxMCs-glFZS/
Submission: On January 07 via manual from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 6 countries across 22 domains to perform 51 HTTP transactions. The main IP is 2606:4700:20::681a:9a6, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is saveig.org.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 6th 2019. Valid for: a year.
This is the only time saveig.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a03:2880:f23... 32934 (FACEBOOK)
2 2606:4700::68... 13335 (CLOUDFLAR...)
6 154.51.131.137 174 (COGENT-174)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 88.208.35.77 39572 (ADVANCEDH...)
2 178.250.0.165 44788 (ASN-CRITE...)
2 74.214.194.133 59940 (PULSEPOIN...)
6 2a00:1450:400... 15169 (GOOGLE)
1 74.214.194.142 59940 (PULSEPOIN...)
1 45.77.54.226 20473 (AS-CHOOPA)
1 2 52.203.138.37 14618 (AMAZON-AES)
1 104.18.100.194 13335 (CLOUDFLAR...)
1 35.190.72.21 15169 (GOOGLE)
1 35.176.88.2 16509 (AMAZON-02)
1 2 52.18.60.121 16509 (AMAZON-02)
1 2 52.2.118.207 14618 (AMAZON-AES)
2 216.58.205.226 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.12.166 54113 (FASTLY)
1 91.228.74.226 27281 (QUANTCAST)
51 25
6    2606:4700:20::681a:9a6 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
saveig.org
1    2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
6    2a03:2880:f234:1c5:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
scontent-dfw5-2.cdninstagram.com
2    2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
6    154.51.131.137 (Hayes, United Kingdom)

ASN174 (COGENT-174 - Cogent Communications, US)
tags.h12-media.com
1    2606:4700:30::6818:68f1 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
pagiwp.com
4    2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    88.208.35.77 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
anlcld.com
2    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    74.214.194.133 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)
bid.contextweb.com
6    2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
pagead2.googlesyndication.com
www.googletagservices.com
1    74.214.194.142 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)
ams-tr.contextweb.com
1    45.77.54.226 (Frankfurt am Main, Germany)

ASN20473 (AS-CHOOPA - Choopa, LLC, US)
PTR: 45.77.54.226.vultr.com
pp-m.ns1p.net
2    52.203.138.37 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-203-138-37.compute-1.amazonaws.com
thrtle.com
1    104.18.100.194 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
p.adsymptotic.com
1    35.190.72.21 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 21.72.190.35.bc.googleusercontent.com
idsync.rlcdn.com
1    35.176.88.2 (London, United Kingdom)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-176-88-2.eu-west-2.compute.amazonaws.com
aa.agkn.com
2    52.18.60.121 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-18-60-121.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    52.2.118.207 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-2-118-207.compute-1.amazonaws.com
i.liadm.com
2    216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
1    2a00:1450:4001:81f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
s0.2mdn.net
1    151.101.12.166 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
bh.contextweb.com
1    91.228.74.226 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
pixel.quantserve.com
Domain Requested by
6 tags.h12-media.com saveig.org
tags.h12-media.com
6 scontent-dfw5-2.cdninstagram.com saveig.org
6 saveig.org 1 redirects saveig.org
4 fonts.gstatic.com saveig.org
cdnjs.cloudflare.com
3 pagead2.googlesyndication.com tags.h12-media.com
googleads.g.doubleclick.net
saveig.org
2 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 i.liadm.com 1 redirects saveig.org
2 dpm.demdex.net 1 redirects saveig.org
2 thrtle.com 1 redirects saveig.org
2 googleads.g.doubleclick.net tags.h12-media.com
saveig.org
2 bid.contextweb.com tags.h12-media.com
2 bidder.criteo.com tags.h12-media.com
2 cdnjs.cloudflare.com saveig.org
1 pixel.quantserve.com saveig.org
1 bh.contextweb.com saveig.org
1 s0.2mdn.net saveig.org
1 www.googletagservices.com googleads.g.doubleclick.net
1 aa.agkn.com tags.h12-media.com
1 idsync.rlcdn.com tags.h12-media.com
1 p.adsymptotic.com tags.h12-media.com
1 pp-m.ns1p.net tags.h12-media.com
1 ams-tr.contextweb.com tags.h12-media.com
1 anlcld.com pagiwp.com
1 pagiwp.com saveig.org
1 fonts.googleapis.com saveig.org
51 26

This site contains links to these domains. Also see Links.

Domain
scontent-dfw5-2.cdninstagram.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-10-06 -
2020-10-05		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh
*.instagram.com
DigiCert SHA2 High Assurance Server CA		 2019-12-07 -
2020-03-06		 3 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-12-05 -
2020-06-12		 6 months crt.sh
*.h12-media.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-11 -
2020-09-17		 a year crt.sh
*.google.com
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
anlcld.com
Sectigo RSA Domain Validation Secure Server CA		 2019-11-26 -
2020-11-25		 a year crt.sh
*.criteo.com
DigiCert ECC Secure Server CA		 2019-12-05 -
2021-04-08		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2018-07-07 -
2020-06-03		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
*.ns1p.net
DigiCert SHA2 Secure Server CA		 2018-05-07 -
2020-07-29		 2 years crt.sh
*.thrtle.com
Go Daddy Secure Certificate Authority - G2		 2019-05-06 -
2020-05-21		 a year crt.sh
ssl919748.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-11-25 -
2020-06-02		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-04-24 -
2020-04-23		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2018-06-21 -
2020-09-16		 2 years crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA		 2018-01-09 -
2021-02-12		 3 years crt.sh
*.liadm.com
Amazon		 2019-12-28 -
2021-01-28		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2019-12-10 -
2020-03-03		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2019-10-04 -
2020-10-07		 a year crt.sh

This page contains 7 frames:

Primary Page: https://saveig.org/p/BxMCs-glFZS/
Frame ID: 03BE64D2946888C645CEAC9D4C8F49D1
Requests: 21 HTTP requests in this frame

Frame: https://tags.h12-media.com/v2/tags.js?placement=e48de04f6c24de7eca2f5b62edfcd4b8&ind2=1&ind=1&allowbackup=true&appearance=standard&type=standard&size=336x280&name=%20&sability=true&bref=https%3A%2F%2Fsaveig.org%2Fp%2FBxMCs-glFZS%2F&rnd=0.5753208885624008&pb=undefined&pname=undefined&href=&cvfsy=0%2C1200&mmtitw=56%2C256&bpos=520%2C156&bposscr=520%2C156&cdim=1600%2C1200&ddim=1600%2C1200&clngs=en-US&mdi=2&mhi=15
Frame ID: 80E8688E1B6F2BBA0CDAEC44A0935378
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-8yQIQ78_RAhjx6thlMAE&v=APEucNWU-dvDD4nFNYXtk6QzSpgV2RDBPlzIsuC7jMVSvZhs_rp0aiIfKSm8yTdiOz0S196hroaiBs6VUgjOuoxHNPw7oegKow
Frame ID: 4D2E0EBC8C0398EA18C99D436C408181
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeNX5v3eKc6Bdyht3yTOR1GwSSEMbI70sbrkOzr74NDkeEKQi6QjJN5f8OMLmZNVlacUl-hYIMZk682QftDtmYPSXCrA&cry=1&dbm_d=AKAmf-Dhjs8Bj-eKuuuwYLV1og-5PJw23GgpP-bVSCzu3ZnE_buqPyr0nkKmbB7_W-6bznLT1iAclLUGi147W4Xnej4coraRCs7zUTOiPujpXk_YuOZvlKXwdneN340tr0qyJOETt1JzX62MqX57jC-EDzxUmdO5UEi0-k9EXIYxuDZLKsGqt6Rq8bD_Tfqu1-0Hn7dXTCTG1Bcd9l6SeQhML9-V2CxmP2IbkCduMaLUKy3g93A0ciaeczoJTPcOLh5aZjZy3ewAx9dvQogbCD0aw_UtqT1Na58vB4jO584Mv-oWGHaw1wH4mhRc6rVcVo9rKosUwJ__W8Man0S5SPW1StOkKxpre5YgBMhm7wBew-MEIdReixb978_jNydAhBxkkPr7W2mnX0d2BkfDWO6_UcxzCI-vKfgpnWuIr7fQ_Wmd0bty6MQbyRWKuZy7lm_LQErDmsurzITuo8qWRR8zn90bPJ0YFaqH8b86J3f_slpO55iSEiQyK6s2tNztHiDYgC281u2VJlKzL60dOCZixGLZEXER6XNn6H-G98Sej95_-9NGvmnEaI5VZyw7IBFbA_BskxhisE_pST0FCAaibwHit4VtgaRwRyh8J0ganqqJujvNIr0h8EqerR5gqsvQ6jRxYUT2SHz3HD0sBbTLg_laDzj1cAp6WVkj7gPHYRvtNh3-vrAHBFOMNhmudxdXgOi90MXpw7fmhIESdtLQo7qQ7OsYPc9r8Jkb7JddWOaESyqv8Ic4t938F9YDi1tBr0Ae5uBqgZTiQ_uB7q9_KqKyObMWCeZ6TUaf7jyrROdIlPR11QrMfNWP91DrJPp_gEFTlSl0c10NTYzOp8O84c0oNIMc5tC4VMuQro16bJxggfS6nIhuexOcb4Cfp6fs7Oo5fdPEs-K4_CzCbbdJ9vh1ojO15BeNCUYygiH1KWbQVM4Unc6PN3NPhax0SvRDSbajV--fDRypUcoXb8es1afUuXyM0Jz84LAdnLhUWW00-ZDJJsbrT-Dle7Ip5ZVAGm5F2YOH-IrtXK3Ahm3S99uoKkFC4gp_RcZxSOewFdex27j2oyttG1D_ya31LIC55KAXnGF_eyFSo7HKzXGHWpmFupgYAGl6v0fTtT7UcNN5pM9TA_W39zr_gHQntV5C3iC7tdRsqvzpeLbrqQmDiqJaH7zpqpRGhYknDNZr_CJBPcYhlhl8AOvIQ7T83eV872VVOv4L6rCiqsOamiYsSkknIfrPqw1xFghnSU2qNV2jAgv3BL0Lg1GthD3BJaxTXIvIwhfyR46oh36Aa7eIqwjc-qZug0K43hI2bSG8kKZm6IC-7DDu-Wsh3OvcEr7OUt6tdVhNp03BN6Ta6Uv0Qae5ZRGv3XsDqc56MrHdWEJRTd7jcoHJ20s_kfxuy6fS9eCOfvh4DLvhzDIxq5pYgz3zlyhIHUA5_FdpRyNnNsWJg03oZks9gbq_Rz_ow9d5ZUE5xWwzJFVLE-49Au6wBP0V5bL32IN9BwBUxMMBYbWw4hTymgNWPI6dpRHrsZGqpjUiCj1HkciUch2z_4mh5zj4yakpxWhjnUBN9RpBStnafWCi1gaW_6j-S0f9Lxf7Eog2_QAvmx4rDtyeLqvkybFbpuIXyfImFK3IDvOyWU3F_QOqM7jlvO1NGvBLkaZWypYbHRjCGv1NwGWnUksOdm-Je9hwUE2Ld3GoV9k8wBp_Sb1pwW85jQwEv6K1N40C7pakix6VAub_U3c0hkr00LYj2Dlj7_xT6HQTxCaNLyQf-qh3RGT47YObRdPTyWodgU0ftRXoHMHzTWCfMH1rXUYhe6EGqqtan4aRoV3YyJ9V10CPiAz23nccxvLQtVfcRHmfuLmUrArG748hRyDG0z0i3c4rHTveskgX2Hgwe6OK8WT9Ri6G4uGaCD97DCGItkdFRPmoEMl29fhJDt-T37d5Xnfa9koHV8TN8hlH6nchj2K1ATJ1C4dVeFUtnXK0nX1c7Kr28gaAq42xi2hwd5ORWpkP1ttb52Fq4TPrpSpEo67AGqAqmFZeSJAN8d6YHwf13lCUP5RyD9XF00u8SWnDbmBKvVSlzsJSilKPAQqT0EX9eNlNjF7aQ7vUml8ektfMoXeYdUGn9DYSscSFCiLaxv2ptiE3vVLazSCQTsmm3q0jHiybRTg2kBO1x5XgL5XxBB7DSDrW3YkqeVQORR5XqLgJayfP0iVCq41rYJfVrhhaqql0-pfzxZPsfckCU7m-tD_66VWaOabCiFfhlkOXD_UVecWla3W4ehf7cX_gMCZZMNlRWKTXgX19KETKi-1uGt0QYNqTUK4exTETqvaffgjlUcVrI_M9k4-EpLXSPDPzTgaw9crpd1tYNFPGHWMBB9Teal6jAtL37uKYqTROWGnc6D_-k4AC1Ixgo9BkAt-UZWAvz3mokEzZ0S70-RqWLA7a0zwPdLFp4vAWow1fhSGzF8M3E1HfuMuIb7GuVFthzFt1QkPrhvZGZhjFOS8gz7aFOw_ruk0taWc-eEgzDIH9Yfikpt8TNyw4x5adsRyeKg2QfPEvwWtt_zscwiLbb_8x&pr=12:XhSU7AAAbWAAUgxCShGRN4h4lg7_tFxnfQg4Vw&cid=CAASBORoJng&xfc=https%3A%2F%2Fams-tr.contextweb.com%2Fbh%2Fct2%3Fi%3DJqjVK01Xlpp3%7Ea%3De971ad8795e2a9a45cb2f91c79452f620c92445f%7Ees%3D1%7Eu%3D
Frame ID: 104FAD3BA95E5923C6684B9EB13C8B64
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DC1E948DC3C51899F51DB2E16A4B5C86
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/visitormatch?tag=683788&pid=557779
Frame ID: 810A1C9A511C993E649D39717711B227
Requests: 1 HTTP requests in this frame

Frame: https://pixel.quantserve.com/pixel/p-01-0VIaSjnOLg.gif?tags=CONTEXTWEB.IAB1-2,PUBLISHER.557779,,CAMPAIGN.613604.815472,AA_30300,AA_30001,AA_30601,AA_30103,AA_30803,AA_30901,AA_30206,ADSIZE.300X600,ZIPCODE.E14%200AA,PUBLISHERDOMAIN.saveig.org,APP_BUNDLE.%%APP_BUNDLE%%
Frame ID: BF113126549AFBDAA927D8A3E08B250F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://saveig.org/p/BxMCs-glFZS/ HTTP 301
    https://saveig.org/p/BxMCs-glFZS/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

51
Requests

100 %
HTTPS

38 %
IPv6

22
Domains

26
Subdomains

25
IPs

6
Countries

813 kB
Transfer

1443 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://saveig.org/p/BxMCs-glFZS/ HTTP 301
    https://saveig.org/p/BxMCs-glFZS/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://thrtle.com/insync?vxii_pid=10015&vxii_pdid=8sAf76jZgUrV HTTP 302
  • https://thrtle.com/insync?vxii_pdid=8sAf76jZgUrV&vxii_pid=12&vxii_pid1=10015&vxii_rcid=3bb708d9-9f3b-43e9-b136-09e5d61ed29e
Request Chain 37
  • https://dpm.demdex.net/ibs:dpid=96678&dpuuid=8sAf76jZgUrV HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=8sAf76jZgUrV
Request Chain 38
  • https://i.liadm.com/s/55660?bidder_id=196609&bidder_uuid=8sAf76jZgUrV HTTP 303
  • https://i.liadm.com/s/55660?bidder_id=196609&bidder_uuid=8sAf76jZgUrV&_li_chk=true&previous_uuid=62c1000b64664071a7be3cb1ce37a8cb

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
saveig.org/p/BxMCs-glFZS/
Redirect Chain
  • http://saveig.org/p/BxMCs-glFZS/
  • https://saveig.org/p/BxMCs-glFZS/
11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://saveig.org/p/BxMCs-glFZS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff009f65a7b3992a23940f848ffd086fc52405ef7e8c602d816d41d6143f53e1

Request headers

:method
GET
:authority
saveig.org
:scheme
https
:path
/p/BxMCs-glFZS/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
200
date
Tue, 07 Jan 2020 14:25:45 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dddf32e5fce605ef7c96a22c569ebda041578407144; expires=Thu, 06-Feb-20 14:25:44 GMT; path=/; domain=.saveig.org; HttpOnly; SameSite=Lax; Secure __cflb=3661239712; Secure; path=/; expires=Tue, 14-Jan-20 14:25:45 GMT; HttpOnly
vary
Accept-Encoding
cache-control
max-age=86400
cf-cache-status
EXPIRED
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
55169a50392797ae-FRA
content-encoding
br

Redirect headers

Date
Tue, 07 Jan 2020 14:25:44 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Tue, 07 Jan 2020 15:25:44 GMT
Location
https://saveig.org/p/BxMCs-glFZS/
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
55169a4fdc5fc29f-FRA
art.css
saveig.org/css/ 		35 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saveig.org/css/art.css?v9
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8677c61bbe8ccbc116f747cd52f0aab1a06bdeec84c9f536626afab9056884f

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 07 Jan 2020 14:25:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 27 Dec 2019 12:18:08 GMT
server
cloudflare
age
885709
etag
W/"5e05f680-8cbc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2592000
cf-ray
55169a561baf97ae-FRA
expires
Mon, 27 Jan 2020 08:23:56 GMT
css
fonts.googleapis.com/ 		2 KB
575 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat&display=swap
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
648b7ff9a487fa29daebcc2cdb1ac3a46a2185b59dfd080e59e09ef05f8fe416
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 07 Jan 2020 14:25:45 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 07 Jan 2020 14:25:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 07 Jan 2020 14:25:45 GMT
56248153_381797716006207_6611142600663498752_n.jpg
scontent-dfw5-2.cdninstagram.com/v/t51.2885-19/s150x150/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-dfw5-2.cdninstagram.com/v/t51.2885-19/s150x150/56248153_381797716006207_6611142600663498752_n.jpg?_nc_ht=scontent-dfw5-2.cdninstagram.com&_nc_ohc=ETqnW-tmBZ0AX_D4780&oh=5a37b712823ffda2a6b1a1dea2702d25&oe=5E99D6A3
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f234:1c5:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
245ba38cddabbcc91f366577571bb06fa92beefb8fdc7896b32f2ba6fcf01796

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-haystack-needlechecksum
3483711645
date
Tue, 07 Jan 2020 14:25:46 GMT
x-fb-trip-id
1984883670
last-modified
Sat, 06 Apr 2019 08:53:48 GMT
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
max-age=1209600, no-transform
x-fb-config-version-elb-prod
664
x-fb-edge-debug
4X4nBnfkcIIYlGfgCUb1SVED7Q5sQO1m6BJVH_9HymvUuI6mMfTqvcwGzG2Exorrr9iOe40xqMGwX_MIeGXxRQ
x-needle-checksum
2916908504
x-fb-config-version-olb-prod
664
timing-allow-origin
*
alt-svc
h3-24=":443"; ma=3600
content-length
8192
60019826_351556589044768_4061205275164162294_n.jpg
scontent-dfw5-2.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/ 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-dfw5-2.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/60019826_351556589044768_4061205275164162294_n.jpg?_nc_ht=scontent-dfw5-2.cdninstagram.com&_nc_cat=104&_nc_ohc=6gMzY6gfYxUAX-onjf2&oh=b640d5d76b7fd4b69ac7ab097581d47b&oe=5EA9EF41
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f234:1c5:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b3df7ef0ae394d4bb9eee1cb6a76551b7c5ddc66fdec0391a11cbe68699b1481

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-haystack-needlechecksum
2362698555
date
Tue, 07 Jan 2020 14:25:46 GMT
x-fb-trip-id
1984883670
last-modified
Wed, 08 May 2019 04:29:04 GMT
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
max-age=1209600, no-transform
x-fb-config-version-elb-prod
664
x-fb-edge-debug
GlsC6iy-HNCBuhOWmoCzN0ftbi2wYVAc2o451Bsm-dhEEr6XkXK7S1mWjxyJxmT_DFNmfbFyjJ0QVhj0LwogOA
x-needle-checksum
1778774622
x-fb-config-version-olb-prod
664
timing-allow-origin
*
alt-svc
h3-24=":443"; ma=3600
content-length
118382
57598462_596653334165778_7892040103193023010_n.jpg
scontent-dfw5-2.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-dfw5-2.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/57598462_596653334165778_7892040103193023010_n.jpg?_nc_ht=scontent-dfw5-2.cdninstagram.com&_nc_cat=106&_nc_ohc=ZF6BOJQp7GYAX_UA2YS&oh=8a3d091ddf7f0896bd76a12353201abc&oe=5EAB975A
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f234:1c5:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
ebd3b40fd7b61f3523caefdce2a0fb03f2f29498cf92caf914fb3713e30dc64f

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-haystack-needlechecksum
3693727753
date
Tue, 07 Jan 2020 14:25:46 GMT
x-fb-trip-id
1984883670
last-modified
Wed, 08 May 2019 04:29:04 GMT
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
max-age=1209600, no-transform
x-fb-config-version-elb-prod
664
x-fb-edge-debug
PtIHUrZP945WSqsm9KtvxNWvJzOvgczLZ0zFX35zaXWlmk_0UK2-NgY6sTj9exunn49sZ7vYZIlhTgLWhyt3YA
x-needle-checksum
1115370390
x-fb-config-version-olb-prod
664
timing-allow-origin
*
alt-svc
h3-24=":443"; ma=3600
content-length
56714
27579897_415095485617621_3395265900545310720_n.jpg
scontent-dfw5-2.cdninstagram.com/v/t51.2885-19/s150x150/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-dfw5-2.cdninstagram.com/v/t51.2885-19/s150x150/27579897_415095485617621_3395265900545310720_n.jpg?_nc_ht=scontent-dfw5-2.cdninstagram.com&_nc_ohc=Bx7fbAkyqtwAX8cDApT&oh=9632fc82aab99f733489e0f9b2f11aef&oe=5E90D70D
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f234:1c5:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
5d865984a30f8eaae2831babb7748423eb0305bccf38dfadeca7094bbbdc218a

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-haystack-needlechecksum
1527927393
date
Tue, 07 Jan 2020 14:25:46 GMT
x-fb-trip-id
1984883670
last-modified
Sat, 17 Feb 2018 22:38:27 GMT
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
max-age=1209600, no-transform
x-fb-config-version-elb-prod
664
x-fb-edge-debug
BKBn4NkrrZpyQuNOfdxk9AIMRFO4n8RB5oYfrIB0Axo7L8fEfpX7-gk1dc4Lxd0wHYJq90RaYPFx56dUSQJy4A
x-needle-checksum
3144300226
x-fb-config-version-olb-prod
664
timing-allow-origin
*
alt-svc
h3-24=":443"; ma=3600
content-length
10651
11809995_988930687795187_558338260_a.jpg
scontent-dfw5-2.cdninstagram.com/v/t51.2885-19/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-dfw5-2.cdninstagram.com/v/t51.2885-19/11809995_988930687795187_558338260_a.jpg?_nc_ht=scontent-dfw5-2.cdninstagram.com&_nc_ohc=s_yOTLysd4EAX9_TEMr&oh=0545039da8cd7e17602f195bcef177ac&oe=5EABC322
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f234:1c5:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
d18241b5e111f6c01f3d9d8b0429d2be3ca0f1f5c8c68e0366acf99b63d0044b

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-haystack-needlechecksum
2558699137
date
Tue, 07 Jan 2020 14:25:46 GMT
x-fb-trip-id
1984883670
last-modified
Sat, 08 Aug 2015 18:15:13 GMT
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
max-age=1209600, no-transform
x-fb-config-version-elb-prod
664
x-fb-edge-debug
iK30JfYgL1Ebd-9duFCUPFEms02Yflro6Hl2ykF7MZ1w6vqgVCnUPgNOkTbw2AHyA_NW-d5C2UZI_2Eb2bQpyQ
x-needle-checksum
2161802025
x-fb-config-version-olb-prod
664
timing-allow-origin
*
alt-svc
h3-24=":443"; ma=3600
content-length
8032
51797098_318544249006329_3807378775784554496_n.jpg
scontent-dfw5-2.cdninstagram.com/v/t51.2885-19/s150x150/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-dfw5-2.cdninstagram.com/v/t51.2885-19/s150x150/51797098_318544249006329_3807378775784554496_n.jpg?_nc_ht=scontent-dfw5-2.cdninstagram.com&_nc_ohc=98HG_gLwyksAX_FTnUn&oh=ffb3fedcacf2623639412f9beb83c33f&oe=5EA8C298
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f234:1c5:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
39400a421f4573caa4a28e17c647a0526591961606a88597e1ab59296d9de166

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-haystack-needlechecksum
3555892627
date
Tue, 07 Jan 2020 14:25:46 GMT
x-fb-config-version-elb-prod
664
status
200
x-fb-config-version-olb-prod
664
alt-svc
h3-24=":443"; ma=3600
content-length
8417
x-fb-trip-id
1984883670
last-modified
Fri, 22 Feb 2019 11:09:40 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
kuB4Xdnhwyvi733l8SLUqzlR4Q4-shA1lAd9GPst2WyKtp_fjNTR7epkED2iAby3pz4qqh7CswxYdpm38Y1r-Q
x-needle-checksum
3942067116
accept-ranges
bytes
timing-allow-origin
*
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 07 Jan 2020 14:25:45 GMT
content-encoding
br
cf-cache-status
HIT
age
6078577
cf-ray
55169a562b7fc2e0-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:21:00 GMT
server
cloudflare
etag
W/"5afd497c-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 27 Dec 2020 14:25:45 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.003
swiper.min.js
cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.2/js/ 		122 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.2/js/swiper.min.js
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
df178d935914fb63c2880bd93c76c7cae03e199962799b58cfff6916f60b9e3c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 07 Jan 2020 14:25:45 GMT
content-encoding
br
cf-cache-status
HIT
age
5985877
cf-ray
55169a562b81c2e0-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 01 Nov 2018 15:47:39 GMT
server
cloudflare
etag
W/"5bdb201b-1e744"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 27 Dec 2020 14:25:45 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.004
art.js
saveig.org/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saveig.org/js/art.js?v9
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
299dba63b13547cc4a44f11044d03c44ffe0eb56b35ff60c1630775ec775d962

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 07 Jan 2020 14:25:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 28 Dec 2019 08:23:08 GMT
server
cloudflare
age
885709
etag
W/"5e0710ec-12fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
cf-ray
55169a562bb597ae-FRA
expires
Mon, 27 Jan 2020 08:23:56 GMT
load.js
tags.h12-media.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.h12-media.com/load.js
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.51.131.137 Hayes, United Kingdom, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ARR/3.0
Resource Hash
b2261ed9845ee787269acd8cd593558ed44d9894d0d4d09cfb42f0dd01ed00d0

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Tue, 07 Jan 2020 14:24:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Aug 2019 00:49:23 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ARR/3.0
ETag
"f935ecaf04bd51:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
4727
waWQiOjEwMjQxOTIsInNpZCI6MTAzMjQwNiwid2lkIjo1ODY4MSwic3JjIjoyfQ==eyJ.js
pagiwp.com/pw/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagiwp.com/pw/waWQiOjEwMjQxOTIsInNpZCI6MTAzMjQwNiwid2lkIjo1ODY4MSwic3JjIjoyfQ==eyJ.js
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:68f1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6559a23068533d28e9e1956281c4899c9df56fbc969115f79132e0940751dc82

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 07 Jan 2020 14:25:45 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
3641
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=14400
cf-ray
55169a564ae8dfe3-FRA
access-control-allow-origin
https://saveig.org
search.png
saveig.org/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saveig.org/img/search.png
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b58f9e33cb0610010c4af74e9eb1d407e132047fcd5af593867d92639f4cdc8a

Request headers

Referer
https://saveig.org/css/art.css?v9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 07 Jan 2020 14:25:45 GMT
cf-cache-status
HIT
last-modified
Tue, 17 Dec 2019 02:02:35 GMT
server
cloudflare
age
1847456
etag
"5df8373b-869"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
55169a564bff97ae-FRA
content-length
2153
expires
Thu, 16 Jan 2020 05:12:38 GMT
swiper-pre.png
saveig.org/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saveig.org/img/swiper-pre.png
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab58b1d0ab7385f4fcd78a86d46d463d78f461bd76943c65d1c4f5d2bce6a6b3

Request headers

Referer
https://saveig.org/css/art.css?v9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 07 Jan 2020 14:25:45 GMT
cf-cache-status
HIT
last-modified
Tue, 17 Dec 2019 02:02:35 GMT
server
cloudflare
age
1847340
etag
"5df8373b-1010"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
55169a564c0297ae-FRA
content-length
4112
expires
Thu, 16 Jan 2020 05:12:42 GMT
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat&display=swap
Origin
https://saveig.org

Response headers

date
Tue, 19 Nov 2019 01:08:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:48 GMT
server
sffe
age
4281425
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13708
x-xss-protection
0
expires
Wed, 18 Nov 2020 01:08:40 GMT
JTUSjIg1_i6t8kCHKm459W1hyyTh89ZNpQ.woff2
fonts.gstatic.com/s/montserrat/v14/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459W1hyyTh89ZNpQ.woff2
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1529224e7f0d1dbb6cb34912d804e6bdcb2e7a6dff585eae58f53771ef544475
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat&display=swap
Origin
https://saveig.org

Response headers

date
Fri, 22 Nov 2019 01:48:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:39 GMT
server
sffe
age
4019825
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
8108
x-xss-protection
0
expires
Sat, 21 Nov 2020 01:48:40 GMT
JTUSjIg1_i6t8kCHKm459WdhyyTh89ZNpQ.woff2
fonts.gstatic.com/s/montserrat/v14/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WdhyyTh89ZNpQ.woff2
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5eb48c413427765058e001d0c562f2cf4d9341a663e155db8b63e864e9372997
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat&display=swap
Origin
https://saveig.org

Response headers

date
Fri, 20 Dec 2019 00:04:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:43 GMT
server
sffe
age
1606894
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11712
x-xss-protection
0
expires
Sat, 19 Dec 2020 00:04:11 GMT
JTUSjIg1_i6t8kCHKm459WZhyyTh89ZNpQ.woff2
fonts.gstatic.com/s/montserrat/v14/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WZhyyTh89ZNpQ.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.2/js/swiper.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
cdf0f7d05c2ad1605b7bb817cc7bc6866e4b3be120e6ecc654cc3352ea0c6d7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat&display=swap
Origin
https://saveig.org

Response headers

date
Wed, 20 Nov 2019 08:09:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:47 GMT
server
sffe
age
4169758
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
3592
x-xss-protection
0
expires
Thu, 19 Nov 2020 08:09:48 GMT
wnload
anlcld.com/ 		0
72 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://anlcld.com/wnload?a=1&e=aeyJwaWQiOjEwMjQxOTIsInNpZCI6MTAzMjQwNiwid2lkIjo1ODY4MSwiZCI6InNhdmVpZy5vcmciLCJsaSI6MX0=
Requested by
Host: pagiwp.com
URL: https://pagiwp.com/pw/waWQiOjEwMjQxOTIsInNpZCI6MTAzMjQwNiwid2lkIjo1ODY4MSwic3JjIjoyfQ==eyJ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.35.77 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://saveig.org/p/BxMCs-glFZS/
Origin
https://saveig.org

Response headers

status
200
date
Tue, 07 Jan 2020 14:26:15 GMT
server
nginx
content-length
0
content-type
application/javascript; charset=utf-8
tags.js
tags.h12-media.com/v2/ Frame 80E8 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.h12-media.com/v2/tags.js?placement=e48de04f6c24de7eca2f5b62edfcd4b8&ind2=1&ind=1&allowbackup=true&appearance=standard&type=standard&size=336x280&name=%20&sability=true&bref=https%3A%2F%2Fsaveig.org%2Fp%2FBxMCs-glFZS%2F&rnd=0.5753208885624008&pb=undefined&pname=undefined&href=&cvfsy=0%2C1200&mmtitw=56%2C256&bpos=520%2C156&bposscr=520%2C156&cdim=1600%2C1200&ddim=1600%2C1200&clngs=en-US&mdi=2&mhi=15
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.51.131.137 Hayes, United Kingdom, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ARR/3.0
Resource Hash
cf6c70995067eeebdf3a37aa1bb8bd359504bf10c18d0dc984a8c073c223cfe5

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Tue, 07 Jan 2020 14:24:54 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
Content-Type
application/x-javascript; Charset=UTF-8
Cache-Control
no-store,no-cache,max-age=0,private
Content-Length
5418
prebid.js
tags.h12-media.com/v2/ Frame 80E8 		251 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.h12-media.com/v2/prebid.js
Requested by
Host: tags.h12-media.com
URL: https://tags.h12-media.com/v2/tags.js?placement=e48de04f6c24de7eca2f5b62edfcd4b8&ind2=1&ind=1&allowbackup=true&appearance=standard&type=standard&size=336x280&name=%20&sability=true&bref=https%3A%2F%2Fsaveig.org%2Fp%2FBxMCs-glFZS%2F&rnd=0.5753208885624008&pb=undefined&pname=undefined&href=&cvfsy=0%2C1200&mmtitw=56%2C256&bpos=520%2C156&bposscr=520%2C156&cdim=1600%2C1200&ddim=1600%2C1200&clngs=en-US&mdi=2&mhi=15
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.51.131.137 Hayes, United Kingdom, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ARR/3.0
Resource Hash
dc255e292a64668de4e3e51466c5b257603a4343c21debcbd69ab50fdcd99843

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Tue, 07 Jan 2020 14:24:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 31 Oct 2019 09:05:23 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ARR/3.0
ETag
"ce6a5254ca8fd51:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Transfer-Encoding
chunked
Accept-Ranges
bytes
truncated
/ Frame 80E8 		488 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15fc980e2d05cf9333045a7ba43b3b4cbfd7e61e1eb9b47be00f01ce1e14589f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
cdb
bidder.criteo.com/ Frame 80E8 		0
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=16&wv=2.24.0&cb=1067491382
Requested by
Host: tags.h12-media.com
URL: https://tags.h12-media.com/v2/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
Origin
https://saveig.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Tue, 07 Jan 2020 14:25:46 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://saveig.org
timing-allow-origin
*
vary
Origin
ortb
bid.contextweb.com/header/ Frame 80E8 		0
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb?src=prebid
Requested by
Host: tags.h12-media.com
URL: https://tags.h12-media.com/v2/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
Origin
https://saveig.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Jan 2020 14:25:47 GMT
server
envoy
status
204
cwdl
22/120,22/120,22/120,22/120
access-control-allow-origin
https://saveig.org
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
x-envoy-upstream-service-time
87
cw-server
bid-deployment-stage-0
tags.js
tags.h12-media.com/v2/ Frame 80E8 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.h12-media.com/v2/tags.js?placement=e48de04f6c24de7eca2f5b62edfcd4b8&ind2=1&ind=1&type=standard&size=336x280&appearance=standard&pname=CHR&name=%20&code=std&freq=&pb=true&bref=https%3A%2F%2Fsaveig.org%2Fp%2FBxMCs-glFZS%2F&href=&rnd=0.4332704670514933&allowbackup=true&sability=true&cvfsy=0,1200&mmtitw=56,256&bpos=520%2C156&bposscr=520%2C156&cdim=1600%2C1200&ddim=1600%2C1200&clngs=en-US&mdi=2&mhi=15
Requested by
Host: tags.h12-media.com
URL: https://tags.h12-media.com/v2/tags.js?placement=e48de04f6c24de7eca2f5b62edfcd4b8&ind2=1&ind=1&allowbackup=true&appearance=standard&type=standard&size=336x280&name=%20&sability=true&bref=https%3A%2F%2Fsaveig.org%2Fp%2FBxMCs-glFZS%2F&rnd=0.5753208885624008&pb=undefined&pname=undefined&href=&cvfsy=0%2C1200&mmtitw=56%2C256&bpos=520%2C156&bposscr=520%2C156&cdim=1600%2C1200&ddim=1600%2C1200&clngs=en-US&mdi=2&mhi=15
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.51.131.137 Hayes, United Kingdom, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ARR/3.0
Resource Hash
7b623f2e8a6c442fe47a16d18a565aba1c611dd1b48a14259b822cb1d74d4e3d

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Tue, 07 Jan 2020 14:24:54 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
Content-Type
application/x-javascript; Charset=UTF-8
Cache-Control
no-store,no-cache,max-age=0,private
Content-Length
4237
prebid.js
tags.h12-media.com/v2/ Frame 80E8 		251 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.h12-media.com/v2/prebid.js
Requested by
Host: tags.h12-media.com
URL: https://tags.h12-media.com/v2/tags.js?placement=e48de04f6c24de7eca2f5b62edfcd4b8&ind2=1&ind=1&type=standard&size=336x280&appearance=standard&pname=CHR&name=%20&code=std&freq=&pb=true&bref=https%3A%2F%2Fsaveig.org%2Fp%2FBxMCs-glFZS%2F&href=&rnd=0.4332704670514933&allowbackup=true&sability=true&cvfsy=0,1200&mmtitw=56,256&bpos=520%2C156&bposscr=520%2C156&cdim=1600%2C1200&ddim=1600%2C1200&clngs=en-US&mdi=2&mhi=15
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.51.131.137 Hayes, United Kingdom, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ARR/3.0
Resource Hash
dc255e292a64668de4e3e51466c5b257603a4343c21debcbd69ab50fdcd99843

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Tue, 07 Jan 2020 14:24:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 31 Oct 2019 09:05:23 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ARR/3.0
ETag
"ce6a5254ca8fd51:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Transfer-Encoding
chunked
Accept-Ranges
bytes
ortb
bid.contextweb.com/header/ Frame 80E8 		10 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb?src=prebid
Requested by
Host: tags.h12-media.com
URL: https://tags.h12-media.com/v2/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
envoy /
Resource Hash
77314b7ef8cd9bf4afddb9027b22584785fba50860bdefbfa77b69a6e5a5c154

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
Origin
https://saveig.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Jan 2020 14:25:47 GMT
content-encoding
gzip
server
envoy
status
200
cwdl
23/300,22/120,22/120
access-control-allow-origin
https://saveig.org
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
x-envoy-upstream-service-time
70
content-type
application/json;charset=utf-8
cw-server
bid-deployment-569c86fdb5-jwx7d
content-length
6198
cdb
bidder.criteo.com/ Frame 80E8 		0
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=16&wv=2.24.0&cb=6087206288
Requested by
Host: tags.h12-media.com
URL: https://tags.h12-media.com/v2/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
Origin
https://saveig.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Tue, 07 Jan 2020 14:25:47 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://saveig.org
timing-allow-origin
*
vary
Origin
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4D2E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-8yQIQ78_RAhjx6thlMAE&v=APEucNWU-dvDD4nFNYXtk6QzSpgV2RDBPlzIsuC7jMVSvZhs_rp0aiIfKSm8yTdiOz0S196hroaiBs6VUgjOuoxHNPw7oegKow
Requested by
Host: tags.h12-media.com
URL: https://tags.h12-media.com/v2/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CI-8yQIQ78_RAhjx6thlMAE&v=APEucNWU-dvDD4nFNYXtk6QzSpgV2RDBPlzIsuC7jMVSvZhs_rp0aiIfKSm8yTdiOz0S196hroaiBs6VUgjOuoxHNPw7oegKow
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://saveig.org/p/BxMCs-glFZS/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://saveig.org/p/BxMCs-glFZS/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 07 Jan 2020 14:25:48 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 07-Jan-2020 14:40:48 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Tue, 07 Jan 2020 14:25:48 GMT
cache-control
private
ad
googleads.g.doubleclick.net/dbm/ Frame 104F 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeNX5v3eKc6Bdyht3yTOR1GwSSEMbI70sbrkOzr74NDkeEKQi6QjJN5f8OMLmZNVlacUl-hYIMZk682QftDtmYPSXCrA&cry=1&dbm_d=AKAmf-Dhjs8Bj-eKuuuwYLV1og-5PJw23GgpP-bVSCzu3ZnE_buqPyr0nkKmbB7_W-6bznLT1iAclLUGi147W4Xnej4coraRCs7zUTOiPujpXk_YuOZvlKXwdneN340tr0qyJOETt1JzX62MqX57jC-EDzxUmdO5UEi0-k9EXIYxuDZLKsGqt6Rq8bD_Tfqu1-0Hn7dXTCTG1Bcd9l6SeQhML9-V2CxmP2IbkCduMaLUKy3g93A0ciaeczoJTPcOLh5aZjZy3ewAx9dvQogbCD0aw_UtqT1Na58vB4jO584Mv-oWGHaw1wH4mhRc6rVcVo9rKosUwJ__W8Man0S5SPW1StOkKxpre5YgBMhm7wBew-MEIdReixb978_jNydAhBxkkPr7W2mnX0d2BkfDWO6_UcxzCI-vKfgpnWuIr7fQ_Wmd0bty6MQbyRWKuZy7lm_LQErDmsurzITuo8qWRR8zn90bPJ0YFaqH8b86J3f_slpO55iSEiQyK6s2tNztHiDYgC281u2VJlKzL60dOCZixGLZEXER6XNn6H-G98Sej95_-9NGvmnEaI5VZyw7IBFbA_BskxhisE_pST0FCAaibwHit4VtgaRwRyh8J0ganqqJujvNIr0h8EqerR5gqsvQ6jRxYUT2SHz3HD0sBbTLg_laDzj1cAp6WVkj7gPHYRvtNh3-vrAHBFOMNhmudxdXgOi90MXpw7fmhIESdtLQo7qQ7OsYPc9r8Jkb7JddWOaESyqv8Ic4t938F9YDi1tBr0Ae5uBqgZTiQ_uB7q9_KqKyObMWCeZ6TUaf7jyrROdIlPR11QrMfNWP91DrJPp_gEFTlSl0c10NTYzOp8O84c0oNIMc5tC4VMuQro16bJxggfS6nIhuexOcb4Cfp6fs7Oo5fdPEs-K4_CzCbbdJ9vh1ojO15BeNCUYygiH1KWbQVM4Unc6PN3NPhax0SvRDSbajV--fDRypUcoXb8es1afUuXyM0Jz84LAdnLhUWW00-ZDJJsbrT-Dle7Ip5ZVAGm5F2YOH-IrtXK3Ahm3S99uoKkFC4gp_RcZxSOewFdex27j2oyttG1D_ya31LIC55KAXnGF_eyFSo7HKzXGHWpmFupgYAGl6v0fTtT7UcNN5pM9TA_W39zr_gHQntV5C3iC7tdRsqvzpeLbrqQmDiqJaH7zpqpRGhYknDNZr_CJBPcYhlhl8AOvIQ7T83eV872VVOv4L6rCiqsOamiYsSkknIfrPqw1xFghnSU2qNV2jAgv3BL0Lg1GthD3BJaxTXIvIwhfyR46oh36Aa7eIqwjc-qZug0K43hI2bSG8kKZm6IC-7DDu-Wsh3OvcEr7OUt6tdVhNp03BN6Ta6Uv0Qae5ZRGv3XsDqc56MrHdWEJRTd7jcoHJ20s_kfxuy6fS9eCOfvh4DLvhzDIxq5pYgz3zlyhIHUA5_FdpRyNnNsWJg03oZks9gbq_Rz_ow9d5ZUE5xWwzJFVLE-49Au6wBP0V5bL32IN9BwBUxMMBYbWw4hTymgNWPI6dpRHrsZGqpjUiCj1HkciUch2z_4mh5zj4yakpxWhjnUBN9RpBStnafWCi1gaW_6j-S0f9Lxf7Eog2_QAvmx4rDtyeLqvkybFbpuIXyfImFK3IDvOyWU3F_QOqM7jlvO1NGvBLkaZWypYbHRjCGv1NwGWnUksOdm-Je9hwUE2Ld3GoV9k8wBp_Sb1pwW85jQwEv6K1N40C7pakix6VAub_U3c0hkr00LYj2Dlj7_xT6HQTxCaNLyQf-qh3RGT47YObRdPTyWodgU0ftRXoHMHzTWCfMH1rXUYhe6EGqqtan4aRoV3YyJ9V10CPiAz23nccxvLQtVfcRHmfuLmUrArG748hRyDG0z0i3c4rHTveskgX2Hgwe6OK8WT9Ri6G4uGaCD97DCGItkdFRPmoEMl29fhJDt-T37d5Xnfa9koHV8TN8hlH6nchj2K1ATJ1C4dVeFUtnXK0nX1c7Kr28gaAq42xi2hwd5ORWpkP1ttb52Fq4TPrpSpEo67AGqAqmFZeSJAN8d6YHwf13lCUP5RyD9XF00u8SWnDbmBKvVSlzsJSilKPAQqT0EX9eNlNjF7aQ7vUml8ektfMoXeYdUGn9DYSscSFCiLaxv2ptiE3vVLazSCQTsmm3q0jHiybRTg2kBO1x5XgL5XxBB7DSDrW3YkqeVQORR5XqLgJayfP0iVCq41rYJfVrhhaqql0-pfzxZPsfckCU7m-tD_66VWaOabCiFfhlkOXD_UVecWla3W4ehf7cX_gMCZZMNlRWKTXgX19KETKi-1uGt0QYNqTUK4exTETqvaffgjlUcVrI_M9k4-EpLXSPDPzTgaw9crpd1tYNFPGHWMBB9Teal6jAtL37uKYqTROWGnc6D_-k4AC1Ixgo9BkAt-UZWAvz3mokEzZ0S70-RqWLA7a0zwPdLFp4vAWow1fhSGzF8M3E1HfuMuIb7GuVFthzFt1QkPrhvZGZhjFOS8gz7aFOw_ruk0taWc-eEgzDIH9Yfikpt8TNyw4x5adsRyeKg2QfPEvwWtt_zscwiLbb_8x&pr=12:XhSU7AAAbWAAUgxCShGRN4h4lg7_tFxnfQg4Vw&cid=CAASBORoJng&xfc=https%3A%2F%2Fams-tr.contextweb.com%2Fbh%2Fct2%3Fi%3DJqjVK01Xlpp3%7Ea%3De971ad8795e2a9a45cb2f91c79452f620c92445f%7Ees%3D1%7Eu%3D
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
aa0db3672633757ed794c111b9a4b286482fee6258796dfaff605b36ed1c3844
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jan 2020 14:25:48 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16919
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
it
ams-tr.contextweb.com/bh/ Frame 104F 		49 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams-tr.contextweb.com/bh/it?bf=-EiyC7zUu4E%3D&di=kqMbvjRI0s0%3D&dcc=0.000&dl=18m_GbkblfA%3D&nid=s1va_DJ-gzg%3D&advid=GId6jmRhC4w%3D&dm=saveig.org&crpc=-EiyC7zUu4E%3D&bp=m69EpKjxjcE%3D&dt=0EYdXevGxh0%3D&rcpc=-EiyC7zUu4E%3D&vgd=8sAf76jZgUrV&vend=unknown&drc=-EiyC7zUu4E%3D&mpcrs=1&rcpa=-EiyC7zUu4E%3D&ddgpr=kqMbvjRI0s0%3D&wp=2zNeIgUauGw%3D&rcpm=2zNeIgUauGw%3D&key=RlXX9jQEIvhWNZZ_k3ZcSAZoaA1CZOin&cc=DAN4e_KQWL4%3D&st=s1va_DJ-gzg%3D&svc=Nnm8om4SgFw%3D&ad=815472&campid=lWqc7sT96Fk%3D&etid=683788&ci=true&h=037c233f6f260fdf0f19752400873c7f1cd37605&i=JqjVK01Xlpp3&epid=557779&liid=kqMbvjRI0s0%3D&dlr=3dgarZR96dk%3D&cp=2zNeIgUauGw%3D&p=557779&ct=683788&ebp=2zNeIgUauGw%3D&srv=PZU2HZCDj6leoC4kg3MWXMp9GNCZykVyMaNwfguAkzZSx5O3HhWXdA%3D%3D&ts=WDDZgevvciBaowWlmrCigg%3D%3D&dc=3
Requested by
Host: tags.h12-media.com
URL: https://tags.h12-media.com/v2/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.214.194.142 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 07 Jan 2020 14:25:48 GMT
server
Jetty(9.4.14.v20181114)
vary
Accept-Encoding
content-language
en
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status
200
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
tr-deployment-stage-0
content-length
49
expires
-1
l.gif
pp-m.ns1p.net/a/ Frame 104F 		43 B
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pp-m.ns1p.net/a/l.gif?t=e1xFu
Requested by
Host: tags.h12-media.com
URL: https://tags.h12-media.com/v2/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.77.54.226 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
45.77.54.226.vultr.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jan 2020 14:25:48 GMT
x-content-type-options
nosniff
server
nginx
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
status
200
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
content-length
43
x-xss-protection
1; mode=block
expires
0
insync
thrtle.com/ Frame 104F
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10015&vxii_pdid=8sAf76jZgUrV
  • https://thrtle.com/insync?vxii_pdid=8sAf76jZgUrV&vxii_pid=12&vxii_pid1=10015&vxii_rcid=3bb708d9-9f3b-43e9-b136-09e5d61ed29e
43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pdid=8sAf76jZgUrV&vxii_pid=12&vxii_pid1=10015&vxii_rcid=3bb708d9-9f3b-43e9-b136-09e5d61ed29e
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.138.37 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-203-138-37.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
200
date
Tue, 07 Jan 2020 14:25:48 GMT
server
p3p
CP="NOI OUR BUS UNI COM NAV"
content-length
43
content-type
image/gif

Redirect headers

status
302
date
Tue, 07 Jan 2020 14:25:48 GMT
server
p3p
CP="NOI OUR BUS UNI COM NAV"
content-length
158
location
https://thrtle.com/insync?vxii_pdid=8sAf76jZgUrV&vxii_pid=12&vxii_pid1=10015&vxii_rcid=3bb708d9-9f3b-43e9-b136-09e5d61ed29e
content-type
text/html; charset=utf-8
/
p.adsymptotic.com/d/px/ Frame 104F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16114&_psign=3db7b29efbfb28d2f0e0af76d53e6dff&_puuid=8sAf76jZgUrV&_rand=xAGcO
Requested by
Host: tags.h12-media.com
URL: https://tags.h12-media.com/v2/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.100.194 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers
400066.gif
idsync.rlcdn.com/ Frame 104F 		0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/400066.gif?partner_uid=8sAf76jZgUrV&gdpr=1&gdpr_consent=BOOgjO9OOgjO9APABAENAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA
Requested by
Host: tags.h12-media.com
URL: https://tags.h12-media.com/v2/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
21.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
204
date
Tue, 07 Jan 2020 14:25:48 GMT
via
1.1 google
alt-svc
clear
g.pixel
aa.agkn.com/adscores/ Frame 104F 		43 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212304178&puid=8sAf76jZgUrV
Requested by
Host: tags.h12-media.com
URL: https://tags.h12-media.com/v2/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.176.88.2 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-176-88-2.eu-west-2.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jan 2020 14:25:48 GMT
server
AAWebServer
p3p
policyref="http://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
demconf.jpg
dpm.demdex.net/ Frame 104F
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=96678&dpuuid=8sAf76jZgUrV
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=8sAf76jZgUrV
42 B
915 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=8sAf76jZgUrV
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.60.121 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-18-60-121.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v056-004ed32bf.edge-irl1.demdex.com 5.64.2.20191219100008 1ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
0xKrkafDSo8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
rMYtLJd3T4M=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=8sAf76jZgUrV
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
55660
i.liadm.com/s/ Frame 104F
Redirect Chain
  • https://i.liadm.com/s/55660?bidder_id=196609&bidder_uuid=8sAf76jZgUrV
  • https://i.liadm.com/s/55660?bidder_id=196609&bidder_uuid=8sAf76jZgUrV&_li_chk=true&previous_uuid=62c1000b64664071a7be3cb1ce37a8cb
43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/55660?bidder_id=196609&bidder_uuid=8sAf76jZgUrV&_li_chk=true&previous_uuid=62c1000b64664071a7be3cb1ce37a8cb
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.118.207 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-2-118-207.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Tue, 07 Jan 2020 14:25:48 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
/s/55660?bidder_id=196609&bidder_uuid=8sAf76jZgUrV&_li_chk=true&previous_uuid=62c1000b64664071a7be3cb1ce37a8cb
Date
Tue, 07 Jan 2020 14:25:48 GMT
Connection
keep-alive
Content-Length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 104F 		42 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BYbt2CUhZyR5R2HjTfjbulxzxboLyjemnaNkh07uSbCtYZ4d6Dx5DuZWyohNlpPTY-JLMO2NGzvB8iBdKxiUjD0pCW5gfEtfFlL7-vJRRtLrJ6y7w
Requested by
Host: tags.h12-media.com
URL: https://tags.h12-media.com/v2/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jan 2020 14:25:48 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20200102/r20110914/ Frame 104F 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200102/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeNX5v3eKc6Bdyht3yTOR1GwSSEMbI70sbrkOzr74NDkeEKQi6QjJN5f8OMLmZNVlacUl-hYIMZk682QftDtmYPSXCrA&cry=1&dbm_d=AKAmf-Dhjs8Bj-eKuuuwYLV1og-5PJw23GgpP-bVSCzu3ZnE_buqPyr0nkKmbB7_W-6bznLT1iAclLUGi147W4Xnej4coraRCs7zUTOiPujpXk_YuOZvlKXwdneN340tr0qyJOETt1JzX62MqX57jC-EDzxUmdO5UEi0-k9EXIYxuDZLKsGqt6Rq8bD_Tfqu1-0Hn7dXTCTG1Bcd9l6SeQhML9-V2CxmP2IbkCduMaLUKy3g93A0ciaeczoJTPcOLh5aZjZy3ewAx9dvQogbCD0aw_UtqT1Na58vB4jO584Mv-oWGHaw1wH4mhRc6rVcVo9rKosUwJ__W8Man0S5SPW1StOkKxpre5YgBMhm7wBew-MEIdReixb978_jNydAhBxkkPr7W2mnX0d2BkfDWO6_UcxzCI-vKfgpnWuIr7fQ_Wmd0bty6MQbyRWKuZy7lm_LQErDmsurzITuo8qWRR8zn90bPJ0YFaqH8b86J3f_slpO55iSEiQyK6s2tNztHiDYgC281u2VJlKzL60dOCZixGLZEXER6XNn6H-G98Sej95_-9NGvmnEaI5VZyw7IBFbA_BskxhisE_pST0FCAaibwHit4VtgaRwRyh8J0ganqqJujvNIr0h8EqerR5gqsvQ6jRxYUT2SHz3HD0sBbTLg_laDzj1cAp6WVkj7gPHYRvtNh3-vrAHBFOMNhmudxdXgOi90MXpw7fmhIESdtLQo7qQ7OsYPc9r8Jkb7JddWOaESyqv8Ic4t938F9YDi1tBr0Ae5uBqgZTiQ_uB7q9_KqKyObMWCeZ6TUaf7jyrROdIlPR11QrMfNWP91DrJPp_gEFTlSl0c10NTYzOp8O84c0oNIMc5tC4VMuQro16bJxggfS6nIhuexOcb4Cfp6fs7Oo5fdPEs-K4_CzCbbdJ9vh1ojO15BeNCUYygiH1KWbQVM4Unc6PN3NPhax0SvRDSbajV--fDRypUcoXb8es1afUuXyM0Jz84LAdnLhUWW00-ZDJJsbrT-Dle7Ip5ZVAGm5F2YOH-IrtXK3Ahm3S99uoKkFC4gp_RcZxSOewFdex27j2oyttG1D_ya31LIC55KAXnGF_eyFSo7HKzXGHWpmFupgYAGl6v0fTtT7UcNN5pM9TA_W39zr_gHQntV5C3iC7tdRsqvzpeLbrqQmDiqJaH7zpqpRGhYknDNZr_CJBPcYhlhl8AOvIQ7T83eV872VVOv4L6rCiqsOamiYsSkknIfrPqw1xFghnSU2qNV2jAgv3BL0Lg1GthD3BJaxTXIvIwhfyR46oh36Aa7eIqwjc-qZug0K43hI2bSG8kKZm6IC-7DDu-Wsh3OvcEr7OUt6tdVhNp03BN6Ta6Uv0Qae5ZRGv3XsDqc56MrHdWEJRTd7jcoHJ20s_kfxuy6fS9eCOfvh4DLvhzDIxq5pYgz3zlyhIHUA5_FdpRyNnNsWJg03oZks9gbq_Rz_ow9d5ZUE5xWwzJFVLE-49Au6wBP0V5bL32IN9BwBUxMMBYbWw4hTymgNWPI6dpRHrsZGqpjUiCj1HkciUch2z_4mh5zj4yakpxWhjnUBN9RpBStnafWCi1gaW_6j-S0f9Lxf7Eog2_QAvmx4rDtyeLqvkybFbpuIXyfImFK3IDvOyWU3F_QOqM7jlvO1NGvBLkaZWypYbHRjCGv1NwGWnUksOdm-Je9hwUE2Ld3GoV9k8wBp_Sb1pwW85jQwEv6K1N40C7pakix6VAub_U3c0hkr00LYj2Dlj7_xT6HQTxCaNLyQf-qh3RGT47YObRdPTyWodgU0ftRXoHMHzTWCfMH1rXUYhe6EGqqtan4aRoV3YyJ9V10CPiAz23nccxvLQtVfcRHmfuLmUrArG748hRyDG0z0i3c4rHTveskgX2Hgwe6OK8WT9Ri6G4uGaCD97DCGItkdFRPmoEMl29fhJDt-T37d5Xnfa9koHV8TN8hlH6nchj2K1ATJ1C4dVeFUtnXK0nX1c7Kr28gaAq42xi2hwd5ORWpkP1ttb52Fq4TPrpSpEo67AGqAqmFZeSJAN8d6YHwf13lCUP5RyD9XF00u8SWnDbmBKvVSlzsJSilKPAQqT0EX9eNlNjF7aQ7vUml8ektfMoXeYdUGn9DYSscSFCiLaxv2ptiE3vVLazSCQTsmm3q0jHiybRTg2kBO1x5XgL5XxBB7DSDrW3YkqeVQORR5XqLgJayfP0iVCq41rYJfVrhhaqql0-pfzxZPsfckCU7m-tD_66VWaOabCiFfhlkOXD_UVecWla3W4ehf7cX_gMCZZMNlRWKTXgX19KETKi-1uGt0QYNqTUK4exTETqvaffgjlUcVrI_M9k4-EpLXSPDPzTgaw9crpd1tYNFPGHWMBB9Teal6jAtL37uKYqTROWGnc6D_-k4AC1Ixgo9BkAt-UZWAvz3mokEzZ0S70-RqWLA7a0zwPdLFp4vAWow1fhSGzF8M3E1HfuMuIb7GuVFthzFt1QkPrhvZGZhjFOS8gz7aFOw_ruk0taWc-eEgzDIH9Yfikpt8TNyw4x5adsRyeKg2QfPEvwWtt_zscwiLbb_8x&pr=12:XhSU7AAAbWAAUgxCShGRN4h4lg7_tFxnfQg4Vw&cid=CAASBORoJng&xfc=https%3A%2F%2Fams-tr.contextweb.com%2Fbh%2Fct2%3Fi%3DJqjVK01Xlpp3%7Ea%3De971ad8795e2a9a45cb2f91c79452f620c92445f%7Ees%3D1%7Eu%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
2cb5dbda7ec3d42bd1127b45b2ddb735d74b45f985c69877179d69e17806d4a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 23:01:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
401037
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11164
x-xss-protection
0
server
cafe
etag
11596334863938724808
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Jan 2020 23:01:51 GMT
lidar.js
www.googletagservices.com/activeview/js/current/ Frame 104F 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeNX5v3eKc6Bdyht3yTOR1GwSSEMbI70sbrkOzr74NDkeEKQi6QjJN5f8OMLmZNVlacUl-hYIMZk682QftDtmYPSXCrA&cry=1&dbm_d=AKAmf-Dhjs8Bj-eKuuuwYLV1og-5PJw23GgpP-bVSCzu3ZnE_buqPyr0nkKmbB7_W-6bznLT1iAclLUGi147W4Xnej4coraRCs7zUTOiPujpXk_YuOZvlKXwdneN340tr0qyJOETt1JzX62MqX57jC-EDzxUmdO5UEi0-k9EXIYxuDZLKsGqt6Rq8bD_Tfqu1-0Hn7dXTCTG1Bcd9l6SeQhML9-V2CxmP2IbkCduMaLUKy3g93A0ciaeczoJTPcOLh5aZjZy3ewAx9dvQogbCD0aw_UtqT1Na58vB4jO584Mv-oWGHaw1wH4mhRc6rVcVo9rKosUwJ__W8Man0S5SPW1StOkKxpre5YgBMhm7wBew-MEIdReixb978_jNydAhBxkkPr7W2mnX0d2BkfDWO6_UcxzCI-vKfgpnWuIr7fQ_Wmd0bty6MQbyRWKuZy7lm_LQErDmsurzITuo8qWRR8zn90bPJ0YFaqH8b86J3f_slpO55iSEiQyK6s2tNztHiDYgC281u2VJlKzL60dOCZixGLZEXER6XNn6H-G98Sej95_-9NGvmnEaI5VZyw7IBFbA_BskxhisE_pST0FCAaibwHit4VtgaRwRyh8J0ganqqJujvNIr0h8EqerR5gqsvQ6jRxYUT2SHz3HD0sBbTLg_laDzj1cAp6WVkj7gPHYRvtNh3-vrAHBFOMNhmudxdXgOi90MXpw7fmhIESdtLQo7qQ7OsYPc9r8Jkb7JddWOaESyqv8Ic4t938F9YDi1tBr0Ae5uBqgZTiQ_uB7q9_KqKyObMWCeZ6TUaf7jyrROdIlPR11QrMfNWP91DrJPp_gEFTlSl0c10NTYzOp8O84c0oNIMc5tC4VMuQro16bJxggfS6nIhuexOcb4Cfp6fs7Oo5fdPEs-K4_CzCbbdJ9vh1ojO15BeNCUYygiH1KWbQVM4Unc6PN3NPhax0SvRDSbajV--fDRypUcoXb8es1afUuXyM0Jz84LAdnLhUWW00-ZDJJsbrT-Dle7Ip5ZVAGm5F2YOH-IrtXK3Ahm3S99uoKkFC4gp_RcZxSOewFdex27j2oyttG1D_ya31LIC55KAXnGF_eyFSo7HKzXGHWpmFupgYAGl6v0fTtT7UcNN5pM9TA_W39zr_gHQntV5C3iC7tdRsqvzpeLbrqQmDiqJaH7zpqpRGhYknDNZr_CJBPcYhlhl8AOvIQ7T83eV872VVOv4L6rCiqsOamiYsSkknIfrPqw1xFghnSU2qNV2jAgv3BL0Lg1GthD3BJaxTXIvIwhfyR46oh36Aa7eIqwjc-qZug0K43hI2bSG8kKZm6IC-7DDu-Wsh3OvcEr7OUt6tdVhNp03BN6Ta6Uv0Qae5ZRGv3XsDqc56MrHdWEJRTd7jcoHJ20s_kfxuy6fS9eCOfvh4DLvhzDIxq5pYgz3zlyhIHUA5_FdpRyNnNsWJg03oZks9gbq_Rz_ow9d5ZUE5xWwzJFVLE-49Au6wBP0V5bL32IN9BwBUxMMBYbWw4hTymgNWPI6dpRHrsZGqpjUiCj1HkciUch2z_4mh5zj4yakpxWhjnUBN9RpBStnafWCi1gaW_6j-S0f9Lxf7Eog2_QAvmx4rDtyeLqvkybFbpuIXyfImFK3IDvOyWU3F_QOqM7jlvO1NGvBLkaZWypYbHRjCGv1NwGWnUksOdm-Je9hwUE2Ld3GoV9k8wBp_Sb1pwW85jQwEv6K1N40C7pakix6VAub_U3c0hkr00LYj2Dlj7_xT6HQTxCaNLyQf-qh3RGT47YObRdPTyWodgU0ftRXoHMHzTWCfMH1rXUYhe6EGqqtan4aRoV3YyJ9V10CPiAz23nccxvLQtVfcRHmfuLmUrArG748hRyDG0z0i3c4rHTveskgX2Hgwe6OK8WT9Ri6G4uGaCD97DCGItkdFRPmoEMl29fhJDt-T37d5Xnfa9koHV8TN8hlH6nchj2K1ATJ1C4dVeFUtnXK0nX1c7Kr28gaAq42xi2hwd5ORWpkP1ttb52Fq4TPrpSpEo67AGqAqmFZeSJAN8d6YHwf13lCUP5RyD9XF00u8SWnDbmBKvVSlzsJSilKPAQqT0EX9eNlNjF7aQ7vUml8ektfMoXeYdUGn9DYSscSFCiLaxv2ptiE3vVLazSCQTsmm3q0jHiybRTg2kBO1x5XgL5XxBB7DSDrW3YkqeVQORR5XqLgJayfP0iVCq41rYJfVrhhaqql0-pfzxZPsfckCU7m-tD_66VWaOabCiFfhlkOXD_UVecWla3W4ehf7cX_gMCZZMNlRWKTXgX19KETKi-1uGt0QYNqTUK4exTETqvaffgjlUcVrI_M9k4-EpLXSPDPzTgaw9crpd1tYNFPGHWMBB9Teal6jAtL37uKYqTROWGnc6D_-k4AC1Ixgo9BkAt-UZWAvz3mokEzZ0S70-RqWLA7a0zwPdLFp4vAWow1fhSGzF8M3E1HfuMuIb7GuVFthzFt1QkPrhvZGZhjFOS8gz7aFOw_ruk0taWc-eEgzDIH9Yfikpt8TNyw4x5adsRyeKg2QfPEvwWtt_zscwiLbb_8x&pr=12:XhSU7AAAbWAAUgxCShGRN4h4lg7_tFxnfQg4Vw&cid=CAASBORoJng&xfc=https%3A%2F%2Fams-tr.contextweb.com%2Fbh%2Fct2%3Fi%3DJqjVK01Xlpp3%7Ea%3De971ad8795e2a9a45cb2f91c79452f620c92445f%7Ees%3D1%7Eu%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0800f0b19e6c7f35369d10505dd05e02352bb255fd88b63d1ab3f1628eaf5f06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 07 Jan 2020 14:25:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1578313968550048"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28589
x-xss-protection
0
expires
Tue, 07 Jan 2020 14:25:48 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 104F 		0
104 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstXg88PNgcRDXSnwhiVBoVUD9aAsOzwTotvx88ADU4kRbJQs-J_1FQeBYppa-yBE5iTfwPefDnL_84xJkF728dL1vWxgq7D0OmqVc22UAXDDrtOsywz2dGalCCwN4wDyohUPlVFy1cXVrSpNIiiBqOfq_HflTYqzGtXqppGVSBh6KE4BDPdZrEgEq4T301tfVF7YubMWzoYuJH5brJmS9799acxa3bkoTQK1metXZMb08pSlftGYoE1SofZdSvQrpBHS7MO4CD8Qe0SfzG8PBPypLfyntr0mT2Hq67NM54ovAsNKd5odf2Rl3oYm0_PIjOzveAHCnglkMmNgb6KFXPNbNgR904a-44szpS_XHeOUqPZxadLodsp7nzvUwga2f1GiPgzPnAW6jFBs3FsRxWbmnqPdJ2EdgcPxhuyy40mQgo3_5qbUuPaOt-DeqcsEn-ru6IrciEg8ZlVcMH54vKdqZcg3dr0tLwCEjNKOJA7rT6PYqN8e0QdOGLiHft-x2_cwR-zeTo8TcJOkY97aMkkxQu0kS9Ge5V84UnxIwsOwPARjN3cCBlCcN38xEbKCHRsyHstAEgKWLwvYN-hT8k_X1RU24KXRknnWNi6piNzwO5LPdAkMV3sSNP44d3pNmYrqcGEgaNwf7yQ5TJMPGJkZFeshQhwLUVb0n1ZOSKopc3qBx-hRySYq3_BYZWrOb28E1yURMY0j9v8mXgoEq1aCi0a558coAA6l28CoRnLO55aVNuG0dRj5louiqUO-Y7JJLNwffHtbJn1rGueSiFYEO9JhJQ1InDq82--nigEeaDh5U6CYkH8Bh-RgdiwRnfHe5sSfZPydXbIKwchWWg0q2OPWkC7dVzY5lMpHMSz9o0p-fo&sai=AMfl-YRj3JZeAJZeZP5_6l2g6s2-NInT-KrFmDmwXO25ai5AAXcktyB2NqzF9rQqglfPkxDKfNlsFPSERR8477rIDYnggFvX9if21kn-f57IaiLZFYEg-g&sig=Cg0ArKJSzMQfxN2LVKcCEAE&pr=12:XhSU7AAAbWAAUgxCShGRN4h4lg7_tFxnfQg4Vw&urlfix=1&omid=0&rm=1&ctpt=1&cstd=0&cisv=r20200102&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeNX5v3eKc6Bdyht3yTOR1GwSSEMbI70sbrkOzr74NDkeEKQi6QjJN5f8OMLmZNVlacUl-hYIMZk682QftDtmYPSXCrA&cry=1&dbm_d=AKAmf-Dhjs8Bj-eKuuuwYLV1og-5PJw23GgpP-bVSCzu3ZnE_buqPyr0nkKmbB7_W-6bznLT1iAclLUGi147W4Xnej4coraRCs7zUTOiPujpXk_YuOZvlKXwdneN340tr0qyJOETt1JzX62MqX57jC-EDzxUmdO5UEi0-k9EXIYxuDZLKsGqt6Rq8bD_Tfqu1-0Hn7dXTCTG1Bcd9l6SeQhML9-V2CxmP2IbkCduMaLUKy3g93A0ciaeczoJTPcOLh5aZjZy3ewAx9dvQogbCD0aw_UtqT1Na58vB4jO584Mv-oWGHaw1wH4mhRc6rVcVo9rKosUwJ__W8Man0S5SPW1StOkKxpre5YgBMhm7wBew-MEIdReixb978_jNydAhBxkkPr7W2mnX0d2BkfDWO6_UcxzCI-vKfgpnWuIr7fQ_Wmd0bty6MQbyRWKuZy7lm_LQErDmsurzITuo8qWRR8zn90bPJ0YFaqH8b86J3f_slpO55iSEiQyK6s2tNztHiDYgC281u2VJlKzL60dOCZixGLZEXER6XNn6H-G98Sej95_-9NGvmnEaI5VZyw7IBFbA_BskxhisE_pST0FCAaibwHit4VtgaRwRyh8J0ganqqJujvNIr0h8EqerR5gqsvQ6jRxYUT2SHz3HD0sBbTLg_laDzj1cAp6WVkj7gPHYRvtNh3-vrAHBFOMNhmudxdXgOi90MXpw7fmhIESdtLQo7qQ7OsYPc9r8Jkb7JddWOaESyqv8Ic4t938F9YDi1tBr0Ae5uBqgZTiQ_uB7q9_KqKyObMWCeZ6TUaf7jyrROdIlPR11QrMfNWP91DrJPp_gEFTlSl0c10NTYzOp8O84c0oNIMc5tC4VMuQro16bJxggfS6nIhuexOcb4Cfp6fs7Oo5fdPEs-K4_CzCbbdJ9vh1ojO15BeNCUYygiH1KWbQVM4Unc6PN3NPhax0SvRDSbajV--fDRypUcoXb8es1afUuXyM0Jz84LAdnLhUWW00-ZDJJsbrT-Dle7Ip5ZVAGm5F2YOH-IrtXK3Ahm3S99uoKkFC4gp_RcZxSOewFdex27j2oyttG1D_ya31LIC55KAXnGF_eyFSo7HKzXGHWpmFupgYAGl6v0fTtT7UcNN5pM9TA_W39zr_gHQntV5C3iC7tdRsqvzpeLbrqQmDiqJaH7zpqpRGhYknDNZr_CJBPcYhlhl8AOvIQ7T83eV872VVOv4L6rCiqsOamiYsSkknIfrPqw1xFghnSU2qNV2jAgv3BL0Lg1GthD3BJaxTXIvIwhfyR46oh36Aa7eIqwjc-qZug0K43hI2bSG8kKZm6IC-7DDu-Wsh3OvcEr7OUt6tdVhNp03BN6Ta6Uv0Qae5ZRGv3XsDqc56MrHdWEJRTd7jcoHJ20s_kfxuy6fS9eCOfvh4DLvhzDIxq5pYgz3zlyhIHUA5_FdpRyNnNsWJg03oZks9gbq_Rz_ow9d5ZUE5xWwzJFVLE-49Au6wBP0V5bL32IN9BwBUxMMBYbWw4hTymgNWPI6dpRHrsZGqpjUiCj1HkciUch2z_4mh5zj4yakpxWhjnUBN9RpBStnafWCi1gaW_6j-S0f9Lxf7Eog2_QAvmx4rDtyeLqvkybFbpuIXyfImFK3IDvOyWU3F_QOqM7jlvO1NGvBLkaZWypYbHRjCGv1NwGWnUksOdm-Je9hwUE2Ld3GoV9k8wBp_Sb1pwW85jQwEv6K1N40C7pakix6VAub_U3c0hkr00LYj2Dlj7_xT6HQTxCaNLyQf-qh3RGT47YObRdPTyWodgU0ftRXoHMHzTWCfMH1rXUYhe6EGqqtan4aRoV3YyJ9V10CPiAz23nccxvLQtVfcRHmfuLmUrArG748hRyDG0z0i3c4rHTveskgX2Hgwe6OK8WT9Ri6G4uGaCD97DCGItkdFRPmoEMl29fhJDt-T37d5Xnfa9koHV8TN8hlH6nchj2K1ATJ1C4dVeFUtnXK0nX1c7Kr28gaAq42xi2hwd5ORWpkP1ttb52Fq4TPrpSpEo67AGqAqmFZeSJAN8d6YHwf13lCUP5RyD9XF00u8SWnDbmBKvVSlzsJSilKPAQqT0EX9eNlNjF7aQ7vUml8ektfMoXeYdUGn9DYSscSFCiLaxv2ptiE3vVLazSCQTsmm3q0jHiybRTg2kBO1x5XgL5XxBB7DSDrW3YkqeVQORR5XqLgJayfP0iVCq41rYJfVrhhaqql0-pfzxZPsfckCU7m-tD_66VWaOabCiFfhlkOXD_UVecWla3W4ehf7cX_gMCZZMNlRWKTXgX19KETKi-1uGt0QYNqTUK4exTETqvaffgjlUcVrI_M9k4-EpLXSPDPzTgaw9crpd1tYNFPGHWMBB9Teal6jAtL37uKYqTROWGnc6D_-k4AC1Ixgo9BkAt-UZWAvz3mokEzZ0S70-RqWLA7a0zwPdLFp4vAWow1fhSGzF8M3E1HfuMuIb7GuVFthzFt1QkPrhvZGZhjFOS8gz7aFOw_ruk0taWc-eEgzDIH9Yfikpt8TNyw4x5adsRyeKg2QfPEvwWtt_zscwiLbb_8x&pr=12:XhSU7AAAbWAAUgxCShGRN4h4lg7_tFxnfQg4Vw&cid=CAASBORoJng&xfc=https%3A%2F%2Fams-tr.contextweb.com%2Fbh%2Fct2%3Fi%3DJqjVK01Xlpp3%7Ea%3De971ad8795e2a9a45cb2f91c79452f620c92445f%7Ees%3D1%7Eu%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
Origin
https://saveig.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
date
Tue, 07 Jan 2020 14:25:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 104F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeNX5v3eKc6Bdyht3yTOR1GwSSEMbI70sbrkOzr74NDkeEKQi6QjJN5f8OMLmZNVlacUl-hYIMZk682QftDtmYPSXCrA&cry=1&dbm_d=AKAmf-Dhjs8Bj-eKuuuwYLV1og-5PJw23GgpP-bVSCzu3ZnE_buqPyr0nkKmbB7_W-6bznLT1iAclLUGi147W4Xnej4coraRCs7zUTOiPujpXk_YuOZvlKXwdneN340tr0qyJOETt1JzX62MqX57jC-EDzxUmdO5UEi0-k9EXIYxuDZLKsGqt6Rq8bD_Tfqu1-0Hn7dXTCTG1Bcd9l6SeQhML9-V2CxmP2IbkCduMaLUKy3g93A0ciaeczoJTPcOLh5aZjZy3ewAx9dvQogbCD0aw_UtqT1Na58vB4jO584Mv-oWGHaw1wH4mhRc6rVcVo9rKosUwJ__W8Man0S5SPW1StOkKxpre5YgBMhm7wBew-MEIdReixb978_jNydAhBxkkPr7W2mnX0d2BkfDWO6_UcxzCI-vKfgpnWuIr7fQ_Wmd0bty6MQbyRWKuZy7lm_LQErDmsurzITuo8qWRR8zn90bPJ0YFaqH8b86J3f_slpO55iSEiQyK6s2tNztHiDYgC281u2VJlKzL60dOCZixGLZEXER6XNn6H-G98Sej95_-9NGvmnEaI5VZyw7IBFbA_BskxhisE_pST0FCAaibwHit4VtgaRwRyh8J0ganqqJujvNIr0h8EqerR5gqsvQ6jRxYUT2SHz3HD0sBbTLg_laDzj1cAp6WVkj7gPHYRvtNh3-vrAHBFOMNhmudxdXgOi90MXpw7fmhIESdtLQo7qQ7OsYPc9r8Jkb7JddWOaESyqv8Ic4t938F9YDi1tBr0Ae5uBqgZTiQ_uB7q9_KqKyObMWCeZ6TUaf7jyrROdIlPR11QrMfNWP91DrJPp_gEFTlSl0c10NTYzOp8O84c0oNIMc5tC4VMuQro16bJxggfS6nIhuexOcb4Cfp6fs7Oo5fdPEs-K4_CzCbbdJ9vh1ojO15BeNCUYygiH1KWbQVM4Unc6PN3NPhax0SvRDSbajV--fDRypUcoXb8es1afUuXyM0Jz84LAdnLhUWW00-ZDJJsbrT-Dle7Ip5ZVAGm5F2YOH-IrtXK3Ahm3S99uoKkFC4gp_RcZxSOewFdex27j2oyttG1D_ya31LIC55KAXnGF_eyFSo7HKzXGHWpmFupgYAGl6v0fTtT7UcNN5pM9TA_W39zr_gHQntV5C3iC7tdRsqvzpeLbrqQmDiqJaH7zpqpRGhYknDNZr_CJBPcYhlhl8AOvIQ7T83eV872VVOv4L6rCiqsOamiYsSkknIfrPqw1xFghnSU2qNV2jAgv3BL0Lg1GthD3BJaxTXIvIwhfyR46oh36Aa7eIqwjc-qZug0K43hI2bSG8kKZm6IC-7DDu-Wsh3OvcEr7OUt6tdVhNp03BN6Ta6Uv0Qae5ZRGv3XsDqc56MrHdWEJRTd7jcoHJ20s_kfxuy6fS9eCOfvh4DLvhzDIxq5pYgz3zlyhIHUA5_FdpRyNnNsWJg03oZks9gbq_Rz_ow9d5ZUE5xWwzJFVLE-49Au6wBP0V5bL32IN9BwBUxMMBYbWw4hTymgNWPI6dpRHrsZGqpjUiCj1HkciUch2z_4mh5zj4yakpxWhjnUBN9RpBStnafWCi1gaW_6j-S0f9Lxf7Eog2_QAvmx4rDtyeLqvkybFbpuIXyfImFK3IDvOyWU3F_QOqM7jlvO1NGvBLkaZWypYbHRjCGv1NwGWnUksOdm-Je9hwUE2Ld3GoV9k8wBp_Sb1pwW85jQwEv6K1N40C7pakix6VAub_U3c0hkr00LYj2Dlj7_xT6HQTxCaNLyQf-qh3RGT47YObRdPTyWodgU0ftRXoHMHzTWCfMH1rXUYhe6EGqqtan4aRoV3YyJ9V10CPiAz23nccxvLQtVfcRHmfuLmUrArG748hRyDG0z0i3c4rHTveskgX2Hgwe6OK8WT9Ri6G4uGaCD97DCGItkdFRPmoEMl29fhJDt-T37d5Xnfa9koHV8TN8hlH6nchj2K1ATJ1C4dVeFUtnXK0nX1c7Kr28gaAq42xi2hwd5ORWpkP1ttb52Fq4TPrpSpEo67AGqAqmFZeSJAN8d6YHwf13lCUP5RyD9XF00u8SWnDbmBKvVSlzsJSilKPAQqT0EX9eNlNjF7aQ7vUml8ektfMoXeYdUGn9DYSscSFCiLaxv2ptiE3vVLazSCQTsmm3q0jHiybRTg2kBO1x5XgL5XxBB7DSDrW3YkqeVQORR5XqLgJayfP0iVCq41rYJfVrhhaqql0-pfzxZPsfckCU7m-tD_66VWaOabCiFfhlkOXD_UVecWla3W4ehf7cX_gMCZZMNlRWKTXgX19KETKi-1uGt0QYNqTUK4exTETqvaffgjlUcVrI_M9k4-EpLXSPDPzTgaw9crpd1tYNFPGHWMBB9Teal6jAtL37uKYqTROWGnc6D_-k4AC1Ixgo9BkAt-UZWAvz3mokEzZ0S70-RqWLA7a0zwPdLFp4vAWow1fhSGzF8M3E1HfuMuIb7GuVFthzFt1QkPrhvZGZhjFOS8gz7aFOw_ruk0taWc-eEgzDIH9Yfikpt8TNyw4x5adsRyeKg2QfPEvwWtt_zscwiLbb_8x&pr=12:XhSU7AAAbWAAUgxCShGRN4h4lg7_tFxnfQg4Vw&cid=CAASBORoJng&xfc=https%3A%2F%2Fams-tr.contextweb.com%2Fbh%2Fct2%3Fi%3DJqjVK01Xlpp3%7Ea%3De971ad8795e2a9a45cb2f91c79452f620c92445f%7Ees%3D1%7Eu%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 07 Jan 2020 08:45:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 May 2018 20:45:00 GMT
server
sffe
age
20430
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15207
x-xss-protection
0
expires
Wed, 06 Jan 2021 08:45:18 GMT
1127978893742905884
s0.2mdn.net/simgad/ Frame 104F 		190 KB
191 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1127978893742905884
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a229d90bb4292aec2ae05c7e88c8e443607f0b636fac606c5277c6bbee5ff112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 16:12:06 GMT
x-content-type-options
nosniff
age
2499222
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
194708
x-xss-protection
0
last-modified
Mon, 09 Dec 2019 13:53:43 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Dec 2020 16:12:06 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DC1E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://saveig.org/p/BxMCs-glFZS/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://saveig.org/p/BxMCs-glFZS/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
8395
date
Tue, 07 Jan 2020 12:36:32 GMT
expires
Wed, 06 Jan 2021 12:36:32 GMT
last-modified
Wed, 09 May 2018 20:45:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
6556
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
view
googleads4.g.doubleclick.net/pcs/ Frame 104F 		0
658 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstXg88PNgcRDXSnwhiVBoVUD9aAsOzwTotvx88ADU4kRbJQs-J_1FQeBYppa-yBE5iTfwPefDnL_84xJkF728dL1vWxgq7D0OmqVc22UAXDDrtOsywz2dGalCCwN4wDyohUPlVFy1cXVrSpNIiiBqOfq_HflTYqzGtXqppGVSBh6KE4BDPdZrEgEq4T301tfVF7YubMWzoYuJH5brJmS9799acxa3bkoTQK1metXZMb08pSlftGYoE1SofZdSvQrpBHS7MO4CD8Qe0SfzG8PBPypLfyntr0mT2Hq67NM54ovAsNKd5odf2Rl3oYm0_PIjOzveAHCnglkMmNgb6KFXPNbNgR904a-44szpS_XHeOUqPZxadLodsp7nzvUwga2f1GiPgzPnAW6jFBs3FsRxWbmnqPdJ2EdgcPxhuyy40mQgo3_5qbUuPaOt-DeqcsEn-ru6IrciEg8ZlVcMH54vKdqZcg3dr0tLwCEjNKOJA7rT6PYqN8e0QdOGLiHft-x2_cwR-zeTo8TcJOkY97aMkkxQu0kS9Ge5V84UnxIwsOwPARjN3cCBlCcN38xEbKCHRsyHstAEgKWLwvYN-hT8k_X1RU24KXRknnWNi6piNzwO5LPdAkMV3sSNP44d3pNmYrqcGEgaNwf7yQ5TJMPGJkZFeshQhwLUVb0n1ZOSKopc3qBx-hRySYq3_BYZWrOb28E1yURMY0j9v8mXgoEq1aCi0a558coAA6l28CoRnLO55aVNuG0dRj5louiqUO-Y7JJLNwffHtbJn1rGueSiFYEO9JhJQ1InDq82--nigEeaDh5U6CYkH8Bh-RgdiwRnfHe5sSfZPydXbIKwchWWg0q2OPWkC7dVzY5lMpHMSz9o0p-fo&sai=AMfl-YRj3JZeAJZeZP5_6l2g6s2-NInT-KrFmDmwXO25ai5AAXcktyB2NqzF9rQqglfPkxDKfNlsFPSERR8477rIDYnggFvX9if21kn-f57IaiLZFYEg-g&sig=Cg0ArKJSzMQfxN2LVKcCEAE&pr=12:XhSU7AAAbWAAUgxCShGRN4h4lg7_tFxnfQg4Vw&urlfix=1&omid=0&rm=1&ctpt=45&vt=11&dtpt=44&dett=2&cstd=0&cisv=r20200102&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeNX5v3eKc6Bdyht3yTOR1GwSSEMbI70sbrkOzr74NDkeEKQi6QjJN5f8OMLmZNVlacUl-hYIMZk682QftDtmYPSXCrA&cry=1&dbm_d=AKAmf-Dhjs8Bj-eKuuuwYLV1og-5PJw23GgpP-bVSCzu3ZnE_buqPyr0nkKmbB7_W-6bznLT1iAclLUGi147W4Xnej4coraRCs7zUTOiPujpXk_YuOZvlKXwdneN340tr0qyJOETt1JzX62MqX57jC-EDzxUmdO5UEi0-k9EXIYxuDZLKsGqt6Rq8bD_Tfqu1-0Hn7dXTCTG1Bcd9l6SeQhML9-V2CxmP2IbkCduMaLUKy3g93A0ciaeczoJTPcOLh5aZjZy3ewAx9dvQogbCD0aw_UtqT1Na58vB4jO584Mv-oWGHaw1wH4mhRc6rVcVo9rKosUwJ__W8Man0S5SPW1StOkKxpre5YgBMhm7wBew-MEIdReixb978_jNydAhBxkkPr7W2mnX0d2BkfDWO6_UcxzCI-vKfgpnWuIr7fQ_Wmd0bty6MQbyRWKuZy7lm_LQErDmsurzITuo8qWRR8zn90bPJ0YFaqH8b86J3f_slpO55iSEiQyK6s2tNztHiDYgC281u2VJlKzL60dOCZixGLZEXER6XNn6H-G98Sej95_-9NGvmnEaI5VZyw7IBFbA_BskxhisE_pST0FCAaibwHit4VtgaRwRyh8J0ganqqJujvNIr0h8EqerR5gqsvQ6jRxYUT2SHz3HD0sBbTLg_laDzj1cAp6WVkj7gPHYRvtNh3-vrAHBFOMNhmudxdXgOi90MXpw7fmhIESdtLQo7qQ7OsYPc9r8Jkb7JddWOaESyqv8Ic4t938F9YDi1tBr0Ae5uBqgZTiQ_uB7q9_KqKyObMWCeZ6TUaf7jyrROdIlPR11QrMfNWP91DrJPp_gEFTlSl0c10NTYzOp8O84c0oNIMc5tC4VMuQro16bJxggfS6nIhuexOcb4Cfp6fs7Oo5fdPEs-K4_CzCbbdJ9vh1ojO15BeNCUYygiH1KWbQVM4Unc6PN3NPhax0SvRDSbajV--fDRypUcoXb8es1afUuXyM0Jz84LAdnLhUWW00-ZDJJsbrT-Dle7Ip5ZVAGm5F2YOH-IrtXK3Ahm3S99uoKkFC4gp_RcZxSOewFdex27j2oyttG1D_ya31LIC55KAXnGF_eyFSo7HKzXGHWpmFupgYAGl6v0fTtT7UcNN5pM9TA_W39zr_gHQntV5C3iC7tdRsqvzpeLbrqQmDiqJaH7zpqpRGhYknDNZr_CJBPcYhlhl8AOvIQ7T83eV872VVOv4L6rCiqsOamiYsSkknIfrPqw1xFghnSU2qNV2jAgv3BL0Lg1GthD3BJaxTXIvIwhfyR46oh36Aa7eIqwjc-qZug0K43hI2bSG8kKZm6IC-7DDu-Wsh3OvcEr7OUt6tdVhNp03BN6Ta6Uv0Qae5ZRGv3XsDqc56MrHdWEJRTd7jcoHJ20s_kfxuy6fS9eCOfvh4DLvhzDIxq5pYgz3zlyhIHUA5_FdpRyNnNsWJg03oZks9gbq_Rz_ow9d5ZUE5xWwzJFVLE-49Au6wBP0V5bL32IN9BwBUxMMBYbWw4hTymgNWPI6dpRHrsZGqpjUiCj1HkciUch2z_4mh5zj4yakpxWhjnUBN9RpBStnafWCi1gaW_6j-S0f9Lxf7Eog2_QAvmx4rDtyeLqvkybFbpuIXyfImFK3IDvOyWU3F_QOqM7jlvO1NGvBLkaZWypYbHRjCGv1NwGWnUksOdm-Je9hwUE2Ld3GoV9k8wBp_Sb1pwW85jQwEv6K1N40C7pakix6VAub_U3c0hkr00LYj2Dlj7_xT6HQTxCaNLyQf-qh3RGT47YObRdPTyWodgU0ftRXoHMHzTWCfMH1rXUYhe6EGqqtan4aRoV3YyJ9V10CPiAz23nccxvLQtVfcRHmfuLmUrArG748hRyDG0z0i3c4rHTveskgX2Hgwe6OK8WT9Ri6G4uGaCD97DCGItkdFRPmoEMl29fhJDt-T37d5Xnfa9koHV8TN8hlH6nchj2K1ATJ1C4dVeFUtnXK0nX1c7Kr28gaAq42xi2hwd5ORWpkP1ttb52Fq4TPrpSpEo67AGqAqmFZeSJAN8d6YHwf13lCUP5RyD9XF00u8SWnDbmBKvVSlzsJSilKPAQqT0EX9eNlNjF7aQ7vUml8ektfMoXeYdUGn9DYSscSFCiLaxv2ptiE3vVLazSCQTsmm3q0jHiybRTg2kBO1x5XgL5XxBB7DSDrW3YkqeVQORR5XqLgJayfP0iVCq41rYJfVrhhaqql0-pfzxZPsfckCU7m-tD_66VWaOabCiFfhlkOXD_UVecWla3W4ehf7cX_gMCZZMNlRWKTXgX19KETKi-1uGt0QYNqTUK4exTETqvaffgjlUcVrI_M9k4-EpLXSPDPzTgaw9crpd1tYNFPGHWMBB9Teal6jAtL37uKYqTROWGnc6D_-k4AC1Ixgo9BkAt-UZWAvz3mokEzZ0S70-RqWLA7a0zwPdLFp4vAWow1fhSGzF8M3E1HfuMuIb7GuVFthzFt1QkPrhvZGZhjFOS8gz7aFOw_ruk0taWc-eEgzDIH9Yfikpt8TNyw4x5adsRyeKg2QfPEvwWtt_zscwiLbb_8x&pr=12:XhSU7AAAbWAAUgxCShGRN4h4lg7_tFxnfQg4Vw&cid=CAASBORoJng&xfc=https%3A%2F%2Fams-tr.contextweb.com%2Fbh%2Fct2%3Fi%3DJqjVK01Xlpp3%7Ea%3De971ad8795e2a9a45cb2f91c79452f620c92445f%7Ees%3D1%7Eu%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
Origin
https://saveig.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 07 Jan 2020 14:25:48 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
Cookie set visitormatch
bh.contextweb.com/bh/ Frame 810A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/bh/visitormatch?tag=683788&pid=557779
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.166 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash

Request headers

Host
bh.contextweb.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://saveig.org/p/BxMCs-glFZS/
Accept-Encoding
gzip, deflate, br
Cookie
V=8sAf76jZgUrV; wf=0; gdpr=BOOgjO9OOgjO9APABAENAi-AAAAWd7_______9____7_9uz_Gv_r_ff_3nW0739P1A_r_Oz_rm_-zzV44_lpQQRCEA; vf=2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://saveig.org/p/BxMCs-glFZS/

Response headers

Cache-Control
private, max-age=0, no-cache, no-store
Content-Encoding
gzip
Content-Language
en
Content-Type
text/html; charset=utf-8
Cw-Server
bh-deployment-5d57bcf698-7lcvg
Expires
Thu, 01 Jan 1970 00:00:00 GMT
P3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Server
Jetty(9.4.14.v20181114)
Set-Cookie
_dbefe=http://10.223.18.43:8080; Path=/ pb_rtb_ev=3-xxl|7E9.0|7Ot.0|7Eb.0|79f.0|88b.0|7ef.0|7Ty.0|7C4.0|7Nq.0|7Bj.0|7jM.0|7aw.0|7TY.0|7hN.0|7TZ.0|7fK.0|7Fl.0|824.0|89i.0|7br.0|7Fn.0|7bs.0|7WX.0|6zB.0|7Xh.0|83u.0|78K.0|7i3.0|87G.0|2N.0|7RY.0|6T6.0|7As.0|7dN.0|85M.0|4is.0|7Rn.0|1Em.0|17m.0|76Y.0|3oy.0|86H.0|0.0|5Ql.0|81B.0|86L.0;Path=/;Domain=.contextweb.com;Expires=Wed, 06-Jan-2021 14:25:48 GMT;Max-Age=31536000 V=8sAf76jZgUrV;Path=/;Domain=.contextweb.com;Expires=Fri, 01-Jan-2021 14:25:48 GMT;Max-Age=31104000
Content-Length
1776
Accept-Ranges
bytes
Date
Tue, 07 Jan 2020 14:25:48 GMT
Via
1.1 varnish
Connection
keep-alive
X-Served-By
cache-fra19168-FRA
X-Cache
MISS
X-Cache-Hits
0
Vary
Accept-Encoding
Cookie set p-01-0VIaSjnOLg.gif
pixel.quantserve.com/pixel/ Frame BF11 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.quantserve.com/pixel/p-01-0VIaSjnOLg.gif?tags=CONTEXTWEB.IAB1-2,PUBLISHER.557779,,CAMPAIGN.613604.815472,AA_30300,AA_30001,AA_30601,AA_30103,AA_30803,AA_30901,AA_30206,ADSIZE.300X600,ZIPCODE.E14%200AA,PUBLISHERDOMAIN.saveig.org,APP_BUNDLE.%%APP_BUNDLE%%
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.226 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash

Request headers

Host
pixel.quantserve.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://saveig.org/p/BxMCs-glFZS/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://saveig.org/p/BxMCs-glFZS/

Response headers

Cache-Control
private, no-cache, no-store, proxy-revalidate
Content-Type
image/gif
Date
Tue, 07 Jan 2020 14:25:48 GMT
Expires
Fri, 04 Aug 1978 12:00:00 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Pragma
no-cache
Server
QS
Set-Cookie
mc=5e1494ec-5f19a-2129f-2e3de; expires=Sat, 06-Feb-2021 14:25:48 GMT; path=/; domain=.quantserve.com; SameSite=None
Content-Length
35
Connection
keep-alive
activeview
pagead2.googlesyndication.com/pcs/ Frame 104F 		42 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuB6BHIk4is-a7qPWJmvwJhrrDG_CbSb3BHUMgKiQ4XIEFxG6HaBEukROgUkQ38dVummh3bbxOchw&sig=Cg0ArKJSzJWZ6l7qCVIKEAE&id=lidar2&adk=1&p=0,0,600,300&tos=1006,0,0,0,0&mtos=1006,1006,1006,1006,1006&mcvt=1006&rs=5&tfs=228&tls=1234&mc=1&lte=-1&bas=0&bac=0&met=no&avms=nio&niot_obs=122&niot_cbk=128&lm=4&imams=1&bs=1585,1200&ps=1585,2344&ss=1600,1200&tt=1117&pt=118&bin=2&deb=1-1-1-4-11-0-0-11-0-0-0&tvt=1110&iframe_loc=https%253A%252F%252Fsaveig.org%252Fp%252FBxMCs-glFZS%252F&is=300,600&url=https%3A%2F%2Fsaveig.org%2Fp%2FBxMCs-glFZS%2F&itpl=32&r=v&v=20200106
Requested by
Host: saveig.org
URL: https://saveig.org/p/BxMCs-glFZS/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jan 2020 14:25:49 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
tags.h12-media.com/rtb/ Frame 80E8 		14 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.h12-media.com/rtb/?pname=hb_result&pn=CH2&ins=hb_imp_raw&placement=e48de04f6c24de7eca2f5b62edfcd4b8&ifr=17442172&cc=GB&dt=DESK&size=300x600&wp=0.03&bd=pulsepoint&d=1
Requested by
Host: tags.h12-media.com
URL: https://tags.h12-media.com/v2/tags.js?placement=e48de04f6c24de7eca2f5b62edfcd4b8&ind2=1&ind=1&type=standard&size=336x280&appearance=standard&pname=CHR&name=%20&code=std&freq=&pb=true&bref=https%3A%2F%2Fsaveig.org%2Fp%2FBxMCs-glFZS%2F&href=&rnd=0.4332704670514933&allowbackup=true&sability=true&cvfsy=0,1200&mmtitw=56,256&bpos=520%2C156&bposscr=520%2C156&cdim=1600%2C1200&ddim=1600%2C1200&clngs=en-US&mdi=2&mhi=15
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.51.131.137 Hayes, United Kingdom, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ARR/3.0
Resource Hash
03170be1a3e868ed7cb8ab9fd5fe22f4d66610ceac08602b83ca2b294e159f28

Request headers

Referer
https://saveig.org/p/BxMCs-glFZS/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Tue, 07 Jan 2020 14:24:56 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
X-Powered-By
ARR/3.0
Vary
Accept-Encoding
Content-Type
application/x-javascript; Charset=UTF-8
Cache-Control
no-store,no-cache,max-age=0,private
Srg-X
x-.152
Content-Length
133

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| h12precont object| h12_adarray function| $ function| jQuery function| Swiper undefined| $items undefined| tpl function| addAsen function| saveImages function| downloadImages function| download function| get function| renderHigh function| renderItems function| throttle function| isMobile object| mySwiper number| h12_adscount object| __h12jsonobj object| h12_uop number| CurScrTop number| CurViewFrameHeight function| view_handler

2 Cookies

Domain/Path Name / Value
saveig.org/ Name: __cflb
Value: 3661239712
.saveig.org/ Name: __cfduid
Value: dddf32e5fce605ef7c96a22c569ebda041578407144

2 Console Messages

Source Level URL
Text
console-api warning URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js(Line 2)
Message:
jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at HTMLDocument.<anonymous> (https://saveig.org/js/art.js?v9:1:2813) at l (https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js:2:29375) at c (https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js:2:29677) undefined
console-api log URL: https://tags.h12-media.com/v2/tags.js?placement=e48de04f6c24de7eca2f5b62edfcd4b8&ind2=1&ind=1&type=standard&size=336x280&appearance=standard&pname=CHR&name=%20&code=std&freq=&pb=true&bref=https%3A%2F%2Fsaveig.org%2Fp%2FBxMCs-glFZS%2F&href=&rnd=0.4332704670514933&allowbackup=true&sability=true&cvfsy=0,1200&mmtitw=56,256&bpos=520%2C156&bposscr=520%2C156&cdim=1600%2C1200&ddim=1600%2C1200&clngs=en-US&mdi=2&mhi=15(Line 54)
Message:
w: 0.03 s: 0.03 banner

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ams-tr.contextweb.com
anlcld.com
bh.contextweb.com
bid.contextweb.com
bidder.criteo.com
cdnjs.cloudflare.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.liadm.com
idsync.rlcdn.com
p.adsymptotic.com
pagead2.googlesyndication.com
pagiwp.com
pixel.quantserve.com
pp-m.ns1p.net
s0.2mdn.net
saveig.org
scontent-dfw5-2.cdninstagram.com
tags.h12-media.com
thrtle.com
tpc.googlesyndication.com
www.googletagservices.com
104.18.100.194
151.101.12.166
154.51.131.137
178.250.0.165
216.58.205.226
2606:4700:20::681a:9a6
2606:4700:30::6818:68f1
2606:4700::6811:4004
2a00:1450:4001:816::2001
2a00:1450:4001:817::2002
2a00:1450:4001:817::2003
2a00:1450:4001:81f::2006
2a00:1450:4001:824::200a
2a03:2880:f234:1c5:face:b00c:0:43fe
35.176.88.2
35.190.72.21
45.77.54.226
52.18.60.121
52.2.118.207
52.203.138.37
74.214.194.133
74.214.194.142
88.208.35.77
91.228.74.226
03170be1a3e868ed7cb8ab9fd5fe22f4d66610ceac08602b83ca2b294e159f28
0800f0b19e6c7f35369d10505dd05e02352bb255fd88b63d1ab3f1628eaf5f06
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
1529224e7f0d1dbb6cb34912d804e6bdcb2e7a6dff585eae58f53771ef544475
15fc980e2d05cf9333045a7ba43b3b4cbfd7e61e1eb9b47be00f01ce1e14589f
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
245ba38cddabbcc91f366577571bb06fa92beefb8fdc7896b32f2ba6fcf01796
299dba63b13547cc4a44f11044d03c44ffe0eb56b35ff60c1630775ec775d962
2cb5dbda7ec3d42bd1127b45b2ddb735d74b45f985c69877179d69e17806d4a8
39400a421f4573caa4a28e17c647a0526591961606a88597e1ab59296d9de166
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5d865984a30f8eaae2831babb7748423eb0305bccf38dfadeca7094bbbdc218a
5eb48c413427765058e001d0c562f2cf4d9341a663e155db8b63e864e9372997
648b7ff9a487fa29daebcc2cdb1ac3a46a2185b59dfd080e59e09ef05f8fe416
6559a23068533d28e9e1956281c4899c9df56fbc969115f79132e0940751dc82
77314b7ef8cd9bf4afddb9027b22584785fba50860bdefbfa77b69a6e5a5c154
7b623f2e8a6c442fe47a16d18a565aba1c611dd1b48a14259b822cb1d74d4e3d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a229d90bb4292aec2ae05c7e88c8e443607f0b636fac606c5277c6bbee5ff112
aa0db3672633757ed794c111b9a4b286482fee6258796dfaff605b36ed1c3844
ab58b1d0ab7385f4fcd78a86d46d463d78f461bd76943c65d1c4f5d2bce6a6b3
b2261ed9845ee787269acd8cd593558ed44d9894d0d4d09cfb42f0dd01ed00d0
b3df7ef0ae394d4bb9eee1cb6a76551b7c5ddc66fdec0391a11cbe68699b1481
b58f9e33cb0610010c4af74e9eb1d407e132047fcd5af593867d92639f4cdc8a
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cdf0f7d05c2ad1605b7bb817cc7bc6866e4b3be120e6ecc654cc3352ea0c6d7e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6c70995067eeebdf3a37aa1bb8bd359504bf10c18d0dc984a8c073c223cfe5
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d18241b5e111f6c01f3d9d8b0429d2be3ca0f1f5c8c68e0366acf99b63d0044b
dc255e292a64668de4e3e51466c5b257603a4343c21debcbd69ab50fdcd99843
df178d935914fb63c2880bd93c76c7cae03e199962799b58cfff6916f60b9e3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8677c61bbe8ccbc116f747cd52f0aab1a06bdeec84c9f536626afab9056884f
ebd3b40fd7b61f3523caefdce2a0fb03f2f29498cf92caf914fb3713e30dc64f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff009f65a7b3992a23940f848ffd086fc52405ef7e8c602d816d41d6143f53e1