mail.save-ukraine.live Open in urlscan Pro
139.162.186.93  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

• https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6B0E659F56A9E70D7F000101%40AdobeOrg&d_nsid=0&ts=1646602658861 HTTP 302
• https://dpm.demdex.net/id/rd?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6B0E659F56A9E70D7F000101%40AdobeOrg&d_nsid=0&ts=1646602658861

Request Chain 41

• http://connect.facebook.net/en_US/fbevents.js HTTP 307
• https://connect.facebook.net/en_US/fbevents.js

Request Chain 47

• https://cm.everesttech.net/cm/dd?d_uuid=36317768831545690351409426647893275418 HTTP 302
• https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiUpowAAAEAU5gPx

Request Chain 63

• https://pixel.sitescout.com/dmp/asyncPixelSync HTTP 302
• https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1

Request Chain 64

• https://pixel.sitescout.com/iap/5919bb7250f42d43 HTTP 302
• https://pixel.sitescout.com/iap/5919bb7250f42d43?cookieQ=1

Request Chain 73

• https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341 HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341

Request Chain 74

• https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341&gdpr=0&gdpr_consent= HTTP 302
• https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
• https://load77.exelator.com/pixel.gif

Request Chain 76

• https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341&gdpr=0&gdpr_consent= HTTP 302
• https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341&gdpr=0&gdpr_consent=&ct=y

Request Chain 81

• http://dpx.airpr.com/px?hostname=mail.save-ukraine.live&profile=405343&om_account_type=OM&om_c=311294D19D5A9BD6-60000DFC53BD8EB1&om_fallback_c=undefined&an=true HTTP 302
• https://secure.adnxs.com/getuid?https://dpx.airpr.com/anpx?adnxs_uid=$UID&airpr_id=16275297246 HTTP 307
• https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdpx.airpr.com%2Fanpx%3Fadnxs_uid%3D%24UID%26airpr_id%3D16275297246 HTTP 302
• https://dpx.airpr.com/anpx?adnxs_uid=5956904793354044640&airpr_id=16275297246

Request Chain 88

• http://10359930.fls.doubleclick.net/activityi;src=10359930;type=leadg0;cat=leadg0;ord=7687148731782;gtm=2wg320;auiddc=973636797.1646602661;~oref=http%3A%2F%2Fmail.save-ukraine.live%2F HTTP 302
• http://10359930.fls.doubleclick.net/activityi;dc_pre=CP2W0_W4svYCFZgG0AQdOvQCSQ;src=10359930;type=leadg0;cat=leadg0;ord=7687148731782;gtm=2wg320;auiddc=973636797.1646602661;~oref=http%3A%2F%2Fmail.save-ukraine.live%2F

Request Chain 105

• https://sync.search.spotxchange.com/partner?adv_id=7308&uid=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=7308&uid=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341&__user_check__=1&sync_id=a69fe80d-9d95-11ec-ad3b-1b186c970403

Request Chain 107

• https://us-u.openx.net/w/1.0/sd?id=537072977&val=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341&gdpr=0&gdpr_consent= HTTP 302
• https://us-u.openx.net/w/1.0/sd?cc=1&id=537072977&val=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341&gdpr=0&gdpr_consent=

Request Chain 108

• http://dpx.airpr.com/px?hostname=mail.save-ukraine.live&profile=405343&om_account_type=OM&om_c=311294D2E2C6B967-400015CC7DFF8CB4&om_fallback_c=undefined&an=true HTTP 302
• https://secure.adnxs.com/getuid?https://dpx.airpr.com/anpx?adnxs_uid=$UID&airpr_id=16275297505 HTTP 302
• https://dpx.airpr.com/anpx?adnxs_uid=5956904793354044640&airpr_id=16275297505

Request Chain 110

• http://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nvjd8&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=0e96414c-3f9d-47b5-9ad1-fd5adabd0a37&tw_document_href=http%3A%2F%2Fmail.save-ukraine.live%2F HTTP 301
• https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nvjd8&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=0e96414c-3f9d-47b5-9ad1-fd5adabd0a37&tw_document_href=http%3A%2F%2Fmail.save-ukraine.live%2F

Request Chain 116

• https://gum.criteo.com/sid/json?origin=onetag&domain=save-ukraine.live&sn=ChromeSyncframe&so=0&topUrl=mail.save-ukraine.live&cw=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=7YY943x4eHMvSUN0RUlTY2h2M2RuV3dFTE45bExKTE5BbU9qMzZGeXRNbXMwWVB3TlRBSmh4T0pWemhubXQzWUNmcnBXZkd3bjJrZ2I1N3pUWjBiQXBLN1JyY3djQ0ZiMlFxVzBwZU53VkVycVgxWjFGT0t5WTBIZE1RTGhjTlhxbjUyenRCSWg4YWZFZytDWHRMSDMvYU1EZUg2cG5JaHFEV1BpT0RwdVBCdVRHVzhVT010K0RMbjhDL29ZWjdHN0tFdmVGNjEvQXNtNkNoTTBkRE9CTGhjYzdMTFhpQUx0RGR5NkhaZk5jMHhRM2hLQUdHY3BQamVrMDF6VXpRMVV1T2EwNTlyK012dkFJeEo1dkE5K3VhRkZXZz09fA&cppv=2

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response mail.save-ukraine.live/	100 KB 100 KB	200ms 101ms	Document text/html	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash 0d8e6732b69b636b673dae144e97fb362e969c98c55402a4bf35373eab13537d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Response headers Date Sun, 06 Mar 2022 21:37:37 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Last-Modified Sun, 06 Mar 2022 21:37:15 GMT Accept-Ranges bytes Content-Length 102027 Content-Type text/html
GET H/1.1	200 OK	clientlib-vendor.98417dd671c9971fd8f4053e024f7acf.css mail.save-ukraine.live/files/	4 KB 4 KB	212ms 104ms	Stylesheet text/css	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/clientlib-vendor.98417dd671c9971fd8f4053e024f7acf.css Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash 680cfbbaa8a2a1cd8a34b50dc714a8624e4643021cbbdba66ae21a4e7bd4e773 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:37 GMT Last-Modified Sat, 05 Mar 2022 20:04:41 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type text/css Content-Length 4065
GET H/1.1	200 OK	clientlib-all.b6a5d27d93fa9e091e9728d887632fff.css mail.save-ukraine.live/files/	485 KB 486 KB	209ms 103ms	Stylesheet text/css	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/clientlib-all.b6a5d27d93fa9e091e9728d887632fff.css Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash d6c7ec92976c427415d67096565bc36b19b54f706cf4e96c6e6e19bd293f2e98 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:37 GMT Last-Modified Sun, 06 Mar 2022 20:19:48 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type text/css Content-Length 497021
GET H/1.1	200 OK	sv.js.download Show response mail.save-ukraine.live/files/	64 KB 64 KB	210ms 104ms	Script application/javascript	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/sv.js.download Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash ca906fcc972c7a8ddadd9cb4c7d83d92005a8d2a61d4304148f443c79647f3cb Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:37 GMT Last-Modified Sat, 05 Mar 2022 20:04:42 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type application/javascript Content-Length 65466
GET H/1.1	200 OK	airpr.js.download Show response mail.save-ukraine.live/files/	7 KB 7 KB	604ms 102ms	Script application/javascript	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/airpr.js.download Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash 529b9c583e6cf8da02c9cadf8c38b5714198f0fde2dcde01da2d5ee681228738 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Last-Modified Sat, 05 Mar 2022 20:04:43 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type application/javascript Content-Length 7406
GET H/1.1	200 OK	obtp.js.download Show response mail.save-ukraine.live/files/	8 KB 8 KB	713ms 102ms	Script application/javascript	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/obtp.js.download Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash 7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Last-Modified Sat, 05 Mar 2022 20:04:43 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type application/javascript Content-Length 7727
GET H/1.1	200 OK	savethechildren.js.download Show response mail.save-ukraine.live/files/	73 KB 73 KB	326ms 99ms	Script application/javascript	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/savethechildren.js.download Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash e8f5ff36a19c6bc4d860a76a102ed258146875cbac93ca77db446ac2e49921b5 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Last-Modified Sat, 05 Mar 2022 20:04:44 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type application/javascript Content-Length 74668
GET H/1.1	200 OK	uwt.js.download Show response mail.save-ukraine.live/files/	14 KB 14 KB	282ms 101ms	Script application/javascript	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/uwt.js.download Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Last-Modified Sat, 05 Mar 2022 20:04:44 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type application/javascript Content-Length 14407
GET H/1.1	200 OK	di.js.download Show response mail.save-ukraine.live/files/	177 KB 178 KB	213ms 102ms	Script application/javascript	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/di.js.download Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash 99105a532b4f1f386691fa4803a0c966c6f66dd568b64f72021ade22d232f222 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Last-Modified Sat, 05 Mar 2022 20:04:45 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type application/javascript Content-Length 181592
GET H/1.1	200 OK	fbevents.js.download Show response mail.save-ukraine.live/files/	99 KB 100 KB	215ms 111ms	Script application/javascript	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/fbevents.js.download Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Last-Modified Sat, 05 Mar 2022 20:04:45 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type application/javascript Content-Length 101716
GET H/1.1	200 OK	cc.js.download Show response mail.save-ukraine.live/files/	39 B 282 B	212ms 107ms	Script application/javascript	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/cc.js.download Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash 540d4ffaf2a87424f49c4e5f16f2bc954a5948c787417141e00211b9d3bb8fa3 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Last-Modified Sat, 05 Mar 2022 20:04:45 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type application/javascript Content-Length 39
GET H/1.1	200 OK	gtm.js.download Show response mail.save-ukraine.live/files/	207 KB 207 KB	207ms 105ms	Script application/javascript	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/gtm.js.download Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash f0d9cd1c8f9ae6bf6b96746f8143abfb8f982cab1f1b0bc826fe813f20a5f2be Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Last-Modified Sat, 05 Mar 2022 20:04:46 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type application/javascript Content-Length 211789
GET H/1.1	200 OK	uc.js.download Show response mail.save-ukraine.live/files/	91 KB 91 KB	207ms 103ms	Script application/javascript	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/uc.js.download Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash 8d21dcd4801573edce931aa643b2293ca9ca1ad8664feb497bbfa146c3c881b4 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Last-Modified Sat, 05 Mar 2022 20:04:46 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type application/javascript Content-Length 92930
GET H/1.1	200 OK	launch-d47d2de11878.min.js.download Show response mail.save-ukraine.live/files/	333 KB 333 KB	211ms 105ms	Script application/javascript	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/launch-d47d2de11878.min.js.download Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash 540d73bc514967dffebc3db669a40125f228568fe8781aa096abff4f4c49931c Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:37 GMT Last-Modified Sat, 05 Mar 2022 20:04:47 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type application/javascript Content-Length 341148
GET H/1.1	200 OK	AppMeasurement.min.js.download Show response mail.save-ukraine.live/files/	33 KB 33 KB	206ms 105ms	Script application/javascript	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/AppMeasurement.min.js.download Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash 04d439e000eb278a036c741b3a0b3ddb4b22087ff0bbb9342a6be5dc7d1ab60a Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Last-Modified Sat, 05 Mar 2022 20:04:47 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type application/javascript Content-Length 33522
GET H/1.1	200 OK	AppMeasurement_Module_ActivityMap.min.js.download Show response mail.save-ukraine.live/files/	3 KB 3 KB	210ms 104ms	Script application/javascript	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/AppMeasurement_Module_ActivityMap.min.js.download Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash 99affd7a1c868ecf15a0789fc85e87ca23ae783e7916aee316e6282d9777369c Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:40 GMT Last-Modified Sat, 05 Mar 2022 20:04:47 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type application/javascript Content-Length 3303
GET H2	200	css fonts.googleapis.com/	708 B 869 B	84ms 37ms	Stylesheet text/css	2607:f8b0:4006:80d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato&display=swap Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80d::200a Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 230f27646f2460a7e13106d06ec50cb822acf254ae08fba4058aa06ca57b9dab Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 06 Mar 2022 20:02:04 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sun, 06 Mar 2022 21:37:37 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 06 Mar 2022 21:37:37 GMT
GET H/1.1	200 OK	slogo.png mail.save-ukraine.live/files/	4 KB 5 KB	193ms 106ms	Image image/png	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL http://mail.save-ukraine.live/files/slogo.png Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash a40cc2978c3ba0dfdbac3e7e0d21cca432027f3feb6cf31a9e7749a663233c6c Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Last-Modified Sun, 06 Mar 2022 13:49:15 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type image/png Content-Length 4468
GET H/1.1	200 OK	icrclogo.png mail.save-ukraine.live/files/	9 KB 9 KB	185ms 105ms	Image image/png	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL http://mail.save-ukraine.live/files/icrclogo.png Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash 7bd34e64620b33c9a5f4f5854cefd50bb8ae86874798ae4421638fd650331a11 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Last-Modified Sun, 06 Mar 2022 17:45:02 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type image/png Content-Length 9153
GET H/1.1	200 OK	zsulogo.png mail.save-ukraine.live/files/	12 KB 12 KB	377ms 103ms	Image image/png	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL http://mail.save-ukraine.live/files/zsulogo.png Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash 0f04dbbc1dc995635e179a633b5987fe1ab13a9438ca20589d25b0cd5a5293fc Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Last-Modified Sun, 06 Mar 2022 17:51:41 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type image/png Content-Length 12340
GET H/1.1	200 OK	img1.jpg mail.save-ukraine.live/files/	40 KB 40 KB	382ms 101ms	Image image/jpeg	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL http://mail.save-ukraine.live/files/img1.jpg Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash 3c398b903ad03de03cc6dae913517054b73cba96960fbfc5e35b0a5d20c1578f Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Last-Modified Sat, 05 Mar 2022 20:04:48 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type image/jpeg Content-Length 41233
GET H/1.1	200 OK	img2.jpg mail.save-ukraine.live/files/	80 KB 80 KB	204ms 103ms	Image image/jpeg	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL http://mail.save-ukraine.live/files/img2.jpg Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash 836a61b71e10792ef867583293679527b50e177fd56fa2255acac129231e5d6d Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:40 GMT Last-Modified Sat, 05 Mar 2022 20:04:48 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type image/jpeg Content-Length 81520
GET H/1.1	200 OK	img3.jpg mail.save-ukraine.live/files/	631 KB 631 KB	205ms 104ms	Image image/jpeg	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL http://mail.save-ukraine.live/files/img3.jpg Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash f7d6f4510379b7b5bcbfd97e47581e8ca8b7d0686fc0596ab77ddb89522faee9 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:40 GMT Last-Modified Sun, 06 Mar 2022 16:39:16 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type image/jpeg Content-Length 645960
GET H/1.1	200 OK	amazon.jpg mail.save-ukraine.live/files/	53 KB 53 KB	201ms 103ms	Image image/jpeg	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL http://mail.save-ukraine.live/files/amazon.jpg Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash acc886eb0ffdf7d53f527f352d3492fd51b390b4ed3552ac5c4be1ee0dfafeac Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:40 GMT Last-Modified Sun, 06 Mar 2022 20:11:07 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type image/jpeg Content-Length 53775
GET H/1.1	200 OK	ebay.jpg mail.save-ukraine.live/files/	89 KB 89 KB	199ms 102ms	Image image/jpeg	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL http://mail.save-ukraine.live/files/ebay.jpg Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash d0c45c271403d0d8df18881ad2435583998c1aec1fa3d195e330a28118c9058c Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:40 GMT Last-Modified Sun, 06 Mar 2022 20:07:32 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type image/jpeg Content-Length 91227
GET H/1.1	200 OK	udemy.jpg mail.save-ukraine.live/files/	46 KB 46 KB	199ms 100ms	Image image/jpeg	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL http://mail.save-ukraine.live/files/udemy.jpg Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash e14e35f0f3dea2382dbbbd4f4eccc2bae72f04ac5ea1ec0f1fb9f2393c399fe1 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:40 GMT Last-Modified Sun, 06 Mar 2022 20:22:41 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type image/jpeg Content-Length 46839
GET H/1.1	200 OK	walmart.jpg mail.save-ukraine.live/files/	73 KB 73 KB	204ms 106ms	Image image/jpeg	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL http://mail.save-ukraine.live/files/walmart.jpg Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash 7c22d8954635858f95e86b1a0b771d5de99ee136aa97454d9d66702b93079abe Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:40 GMT Last-Modified Sun, 06 Mar 2022 20:32:58 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type image/jpeg Content-Length 74492
GET H/1.1	200 OK	clientlib-vendor.5b5e83dfed6bd60101f7bd5731b97552.js.download Show response mail.save-ukraine.live/files/	734 KB 735 KB	199ms 103ms	Script application/javascript	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/clientlib-vendor.5b5e83dfed6bd60101f7bd5731b97552.js.download Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash 3fa8447f380e3a8bdd425cbc8e19d4bae44876bb2fdcc70ca197da18a158b54e Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:38 GMT Last-Modified Sat, 05 Mar 2022 20:04:50 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type application/javascript Content-Length 752120
GET H/1.1	200 OK	clientlib-datalayer.8e49d1c8076e9bab47ae8f043e187874.js.download Show response mail.save-ukraine.live/files/	58 KB 59 KB	199ms 101ms	Script application/javascript	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/clientlib-datalayer.8e49d1c8076e9bab47ae8f043e187874.js.download Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash dd281a7531203c3adf83ee03d209629c54c5c39dcdec1ebdd8fcd1be74e54132 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:38 GMT Last-Modified Sat, 05 Mar 2022 20:04:50 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type application/javascript Content-Length 59778
GET H/1.1	200 OK	clientlib-site.8f7ed616e2262e1f5914d6d180859b79.js.download Show response mail.save-ukraine.live/files/	134 KB 134 KB	196ms 99ms	Script application/javascript	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/clientlib-site.8f7ed616e2262e1f5914d6d180859b79.js.download Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash 8b8bb51dc9298e8e7b03961d0660a44230bfdf42fc3fa6effae48877da37795d Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:38 GMT Last-Modified Sat, 05 Mar 2022 20:04:50 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type application/javascript Content-Length 137018
GET H/1.1	200 OK	api.min.js.download Show response mail.save-ukraine.live/files/	205 KB 205 KB	194ms 99ms	Script application/javascript	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/api.min.js.download Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash 507ce7426c190c3d954909e634c514914c57d3f311fc022b560260614b596196 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:40 GMT Last-Modified Sat, 05 Mar 2022 20:04:50 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type application/javascript Content-Length 209543
GET H/1.1	200 OK	ld.js.download Show response mail.save-ukraine.live/files/	40 KB 40 KB	410ms 102ms	Script application/javascript	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/ld.js.download Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash 4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Last-Modified Sat, 05 Mar 2022 20:04:50 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type application/javascript Content-Length 40879
GET H/1.1	200 OK	Bootstrap.js.download Show response mail.save-ukraine.live/files/	29 KB 29 KB	417ms 99ms	Script application/javascript	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/Bootstrap.js.download Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash ae38175bf519816017968af83cf5a9eb4d325d9fd274a3c6f9e00b9d6c2516e7 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Last-Modified Sat, 05 Mar 2022 20:04:52 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Accept-Ranges bytes Content-Type application/javascript Content-Length 29321
GET H/1.1	200 OK	rd Show response dpm.demdex.net/id/ Redirect Chain https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6B0E659F56A9E70D7F000101%40AdobeOrg&d_nsid=0&ts=1646602658861 https://dpm.demdex.net/id/rd?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6B0E659F56A9E70D7F000101%40AdobeOrg&d_nsid=0&ts=1646602658861	362 B 1 KB	79ms 79ms	XHR application/json	52.25.168.181 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id/rd?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6B0E659F56A9E70D7F000101%40AdobeOrg&d_nsid=0&ts=1646602658861 Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 52.25.168.181 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-25-168-181.us-west-2.compute.amazonaws.com Software / Resource Hash 1d547b4f54c6975e0b98e356797419fe6297778a125aad8d6b6470ac991f1bac Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers DCS dcs-prod-usw2-2-v026-0306e08de.edge-usw2.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-TID 2NqSEwf1RYU= Vary Origin P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin http://mail.save-ukraine.live Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json;charset=utf-8 Content-Length 307 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers DCS dcs-prod-usw2-1-v026-018537d0e.edge-usw2.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains Access-Control-Allow-Origin http://mail.save-ukraine.live X-TID NdOADk0URgA= Vary Origin P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://dpm.demdex.net/id/rd?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6B0E659F56A9E70D7F000101%40AdobeOrg&d_nsid=0&ts=1646602658861 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	AppMeasurement.min.js Show response assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/	33 KB 12 KB	79ms 20ms	Script application/x-javascript	2600:1400:d:586::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement.min.js Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/files/launch-d47d2de11878.min.js.download Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:586::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 04d439e000eb278a036c741b3a0b3ddb4b22087ff0bbb9342a6be5dc7d1ab60a Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 06 Mar 2022 21:37:38 GMT content-encoding gzip last-modified Mon, 18 Oct 2021 21:37:16 GMT server AkamaiNetStorage etag "820eb42f3120ddf65e303b24a8285815:1634593036.305122" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin http://mail.save-ukraine.live cache-control no-cache accept-ranges bytes timing-allow-origin * content-length 12200 expires Sun, 06 Mar 2022 22:37:38 GMT
GET H2	200	AppMeasurement_Module_ActivityMap.min.js Show response assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/	3 KB 2 KB	80ms 22ms	Script application/x-javascript	2600:1400:d:586::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement_Module_ActivityMap.min.js Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/files/launch-d47d2de11878.min.js.download Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:586::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 99affd7a1c868ecf15a0789fc85e87ca23ae783e7916aee316e6282d9777369c Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 06 Mar 2022 21:37:39 GMT content-encoding gzip last-modified Mon, 18 Oct 2021 21:37:16 GMT server AkamaiNetStorage etag "abbe69e5c8f385f00652c3d0c2bba347:1634593036.557115" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin http://mail.save-ukraine.live cache-control no-cache accept-ranges bytes timing-allow-origin * content-length 1594 expires Sun, 06 Mar 2022 22:37:39 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	207 KB 71 KB	86ms 35ms	Script application/javascript	2607:f8b0:4006:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5LXXS3R Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2008 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a8fcf2276a4fa3d961461caef530f6b3664ee16f8f86ece5f72ac75535d78221 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 06 Mar 2022 21:37:38 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 72039 x-xss-protection 0 last-modified Sun, 06 Mar 2022 21:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 06 Mar 2022 21:37:38 GMT
GET H/1.1	404 Not Found	sign-in.svg mail.save-ukraine.live/files/clientlib-site/images/icons/	315 B 315 B	381ms 105ms	Image text/html	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL http://mail.save-ukraine.live/files/clientlib-site/images/icons/sign-in.svg Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/files/clientlib-all.b6a5d27d93fa9e091e9728d887632fff.css Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/files/clientlib-all.b6a5d27d93fa9e091e9728d887632fff.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Server Apache Connection close Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	oswald-medium-latin.woff2 mail.save-ukraine.live/files/clientlib-site/fonts/	0 0	186ms 100ms	Font text/html	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/clientlib-site/fonts/oswald-medium-latin.woff2 Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/files/clientlib-all.b6a5d27d93fa9e091e9728d887632fff.css Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash Request headers Referer http://mail.save-ukraine.live/files/clientlib-all.b6a5d27d93fa9e091e9728d887632fff.css Origin http://mail.save-ukraine.live Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Server Apache Connection close Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v22/	23 KB 24 KB	71ms 20ms	Font font/woff2	2607:f8b0:4006:816::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://mail.save-ukraine.live Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Wed, 02 Mar 2022 19:30:02 GMT x-content-type-options nosniff age 353256 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23580 x-xss-protection 0 last-modified Wed, 26 Jan 2022 19:14:03 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 02 Mar 2023 19:30:02 GMT
GET H/1.1	404 Not Found	lato-normal-bold-latin.woff2 mail.save-ukraine.live/files/clientlib-site/fonts/	0 0	136ms 100ms	Font text/html	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/clientlib-site/fonts/lato-normal-bold-latin.woff2 Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/files/clientlib-all.b6a5d27d93fa9e091e9728d887632fff.css Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash Request headers Referer http://mail.save-ukraine.live/files/clientlib-all.b6a5d27d93fa9e091e9728d887632fff.css Origin http://mail.save-ukraine.live Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Server Apache Connection close Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H2	200	S6uyw4BMUTPHjxAwXjeu.woff2 fonts.gstatic.com/s/lato/v22/	5 KB 5 KB	22ms 20ms	Font font/woff2	2607:f8b0:4006:816::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjxAwXjeu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://mail.save-ukraine.live Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 04 Mar 2022 00:43:32 GMT x-content-type-options nosniff age 248047 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5472 x-xss-protection 0 last-modified Wed, 26 Jan 2022 19:14:05 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 04 Mar 2023 00:43:32 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/ Redirect Chain http://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/en_US/fbevents.js	99 KB 27 KB	59ms 19ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol H2 Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26291 x-xss-protection 0 pragma public x-fb-debug JDBF/SdZQOIXfy4hjI9ui1tuOUDWS2IR4uGoEHlrYjH6eowDLdEae2oGwHQV383/p8sY5+yPmtEvVEF7ms+iWQ== x-fb-trip-id 1512268381 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Sun, 06 Mar 2022 21:37:39 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT Redirect headers Location https://connect.facebook.net/en_US/fbevents.js Non-Authoritative-Reason HSTS Cross-Origin-Resource-Policy Cross-Origin
GET H2	200	di.js Show response cdn.decibelinsight.net/i/13874/253647/	177 KB 69 KB	99ms 40ms	Script text/javascript	99.84.42.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.decibelinsight.net/i/13874/253647/di.js Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.42.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-42-66.ewr52.r.cloudfront.net Software nginx / Resource Hash 99105a532b4f1f386691fa4803a0c966c6f66dd568b64f72021ade22d232f222 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 06 Mar 2022 21:37:39 GMT content-encoding gzip server nginx x-amz-cf-pop EWR52-C4 etag W/000071179-17F49871D47 strict-transport-security max-age=31536000 access-control-allow-methods GET, POST, OPTIONS content-type text/javascript; charset=utf-8 via 1.1 70641f5df56ba9a18ec1e10fa85bf5ee.cloudfront.net (CloudFront) cache-control private, max-age=5400 access-control-allow-credentials true x-cache Hit from cloudfront timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override x-amz-cf-id lkB7g10jofcbDCDILifppx1HidQlqzOR1b890jkV2sxDqmN5cj5XEg==
GET H3	200	175734969458030 Show response connect.facebook.net/signals/config/	309 KB 88 KB	45ms 22ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/175734969458030?v=2.9.55&r=stable Requested by Host: connect.facebook.net URL: http://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash a471e72ac9d422c4ca9c19d301da32376fa1e88df6b978f656ed1f027bf60599 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 89649 x-xss-protection 0 pragma public x-fb-debug dFl7PCFLt1e7GDpVF8DW5eoR9FABSbnevfrPE6LWQMkmEK5Y4SCAF5jOC7O2esZJad6ht9wYWF1GT6Yd82S90w== x-frame-options DENY date Sun, 06 Mar 2022 21:37:39 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 410 B	60ms 18ms	Image image/gif	2a03:2880:f112:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=175734969458030&ev=PageView&dl=http%3A%2F%2Fmail.save-ukraine.live%2F&rl=&if=false&ts=1646602659273&sw=1600&sh=1200&v=2.9.55&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22476958242912126%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%222690107274549883%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22512804019569006%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22554416668662072%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%221151582051705481%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1646602659270.1083102518&it=1646602659164&coo=false&exp=p1&rqm=GET Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 06 Mar 2022 21:37:39 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 44 expires Sun, 06 Mar 2022 21:37:39 GMT
GET H/1.1	200 OK	dest5.html Show response stc.demdex.net/ Frame 1CC4	7 KB 3 KB	335ms 83ms	Document text/html	35.160.171.157 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stc.demdex.net/dest5.html?d_nsid=0 Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/files/launch-d47d2de11878.min.js.download Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.160.171.157 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-160-171-157.us-west-2.compute.amazonaws.com Software / Resource Hash 7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ Response headers Accept-Ranges bytes Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-encoding gzip Content-Type text/html;charset=UTF-8 date Sun, 6 Mar 2022 21:37:39 GMT DCS dcs-prod-usw2-2-v026-029a1836c.edge-usw2.demdex.com UNKNOWN Expires Thu, 01 Jan 1970 00:00:00 UTC last-modified Fri, 4 Mar 2022 17:57:32 GMT P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains vary accept-encoding X-TID 7Kl4z0DeTx0= transfer-encoding chunked Connection keep-alive
GET H2	200	id Show response smetrics.savethechildren.org/	48 B 518 B	270ms 89ms	XHR application/x-javascript	54.212.155.93 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://smetrics.savethechildren.org/id?d_visid_ver=5.3.0&d_fieldgroup=A&mcorgid=6B0E659F56A9E70D7F000101%40AdobeOrg&mid=36694265362621004751370651446777336234&ts=1646602659290 Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/files/launch-d47d2de11878.min.js.download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.212.155.93 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-212-155-93.us-west-2.compute.amazonaws.com Software jag / Resource Hash c0e93dabb45149bab04651d764ffdb44af0e89ea2aea495c686d469a2168b413 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://mail.save-ukraine.live/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sun, 06 Mar 2022 21:37:39 GMT x-content-type-options nosniff server jag xserver anedge-74fcddc49f-mprg8 vary Origin x-c main-1585.I7afc85.M0-540 p3p CP="This is not a P3P policy" access-control-allow-origin http://mail.save-ukraine.live cache-control no-cache, no-store, max-age=0, no-transform, private access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains content-type application/x-javascript;charset=utf-8 content-length 48 x-xss-protection 1; mode=block
GET H/1.1	200 OK	ibs:dpid=411&dpuuid=YiUpowAAAEAU5gPx dpm.demdex.net/ Redirect Chain https://cm.everesttech.net/cm/dd?d_uuid=36317768831545690351409426647893275418 https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiUpowAAAEAU5gPx	42 B 943 B	85ms 85ms	Image image/gif	52.25.168.181 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiUpowAAAEAU5gPx Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 52.25.168.181 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-25-168-181.us-west-2.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers DCS dcs-prod-usw2-2-v026-07dcbb69c.edge-usw2.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID wU9JYPi6Rpg= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Location https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiUpowAAAEAU5gPx Date Sun, 06 Mar 2022 21:37:39 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
POST H/1.1	200	delivery Show response savethechildrenfeder.tt.omtrdc.net/rest/v1/	363 B 767 B	55ms 31ms	XHR application/json	174.129.150.141 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://savethechildrenfeder.tt.omtrdc.net/rest/v1/delivery?client=savethechildrenfeder&sessionId=03ffa27c13c046e7b7b00e29a98688a5&version=2.7.0 Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/files/launch-d47d2de11878.min.js.download Protocol HTTP/1.1 Server 174.129.150.141 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-174-129-150-141.compute-1.amazonaws.com Software / Resource Hash d42613f171a5d8c327d6ff34640053572d4fcc9ab4f71538275b8c2923fde886 Request headers Referer http://mail.save-ukraine.live/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Content-Encoding gzip Vary origin,access-control-request-method,access-control-request-headers,accept-encoding Content-Type application/json;charset=UTF-8 Access-Control-Allow-Origin http://mail.save-ukraine.live Access-Control-Allow-Credentials true Connection keep-alive Timing-Allow-Origin * Transfer-Encoding chunked X-Request-ID 7164e1cddb38229184ef667c84a475f5
GET H/1.1	200 OK	saved_resource.html Show response mail.save-ukraine.live/files/ Frame C9E3	312 B 543 B	137ms 99ms	Document text/html	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/saved_resource.html Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash f954220afbeb8b4d4f943e145d6a2e48fd0b27f643cbd05b1df8b47425e06474 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Last-Modified Sat, 05 Mar 2022 20:04:52 GMT Accept-Ranges bytes Content-Length 312 Content-Type text/html
GET H/1.1	200 OK	bc-v3.min.html Show response mail.save-ukraine.live/files/ Frame 558B	2 KB 3 KB	194ms 99ms	Document text/html	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://mail.save-ukraine.live/files/bc-v3.min.html Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software Apache / Resource Hash 515bd65030a3180a8ae52b741f51771b8ee5b357e2997ed55c2a0bbb8175f71f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Server Apache Upgrade h2,h2c Connection Upgrade, close Last-Modified Sat, 05 Mar 2022 20:04:52 GMT Accept-Ranges bytes Content-Length 2465 Content-Type text/html
GET H/1.1	200 OK	savethechildren.js Show response d1n00d49gkbray.cloudfront.net/js/	73 KB 25 KB	67ms 49ms	Script application/javascript	2600:9000:2140:c00:9:7c30:be80:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://d1n00d49gkbray.cloudfront.net/js/savethechildren.js Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 2600:9000:2140:c00:9:7c30:be80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e8f5ff36a19c6bc4d860a76a102ed258146875cbac93ca77db446ac2e49921b5 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 04:26:38 GMT Content-Encoding gzip Age 61862 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Tue, 02 Feb 2021 22:28:11 GMT Server AmazonS3 ETag W/"e91de117439869356397fbef0c0378b6" Vary Accept-Encoding x-amz-version-id 5vZDlZA6TdRkScvdIdu529Oi3p9aXyYC Via 1.1 215207bc7fb93e55e70ed5107d9c8948.cloudfront.net (CloudFront) X-Amz-Cf-Pop EWR52-C1 Content-Type application/javascript X-Amz-Cf-Id 75MDIzugv9wpZBWRfSfdAc0I718M3oqZK6hT9PPc0TWJ1KJkS-vVyA==
GET H/1.1	200 OK	obtp.js Show response amplify.outbrain.com/cp/	8 KB 3 KB	38ms 18ms	Script application/x-javascript	23.52.162.190 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL http://amplify.outbrain.com/cp/obtp.js Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-52-162-190.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 7e8ef05a55eafab5277e6449520107db94dfb01b497a52f283e7ffa6ee49363d Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Content-Encoding gzip Last-Modified Wed, 09 Feb 2022 12:30:38 GMT Server AkamaiNetStorage ETag "23b34d08f648c3f51b232443afced826:1644409863.170279" Vary Accept-Encoding Content-Type application/x-javascript Cache-Control max-age=1200 Connection keep-alive Accept-Ranges bytes Content-Length 3150 Expires Sun, 06 Mar 2022 21:57:39 GMT
GET H/1.1	200 OK	cachedClickId Show response tr.outbrain.com/	35 B 239 B	44ms 22ms	Script application/javascript	64.202.112.95 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Full URL http://tr.outbrain.com/cachedClickId?marketerId=00569da938e06cb48f6f60ece5ae3d324c Requested by Host: amplify.outbrain.com URL: http://amplify.outbrain.com/cp/obtp.js Protocol HTTP/1.1 Server 64.202.112.95 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS ny.outbrain.com Software / Resource Hash 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT content-encoding gzip X-TraceId 319c3d7a28c16021af457fa5e114b89b Content-Length 56 Content-Type application/javascript
GET H/1.1	200 OK	unifiedPixel tr.outbrain.com/	43 B 256 B	40ms 19ms	Image image/gif	64.202.112.95 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Show image Full URL http://tr.outbrain.com/unifiedPixel?marketerId=00569da938e06cb48f6f60ece5ae3d324c&obApiVersion=1.1&obtpVersion=1.6.0&name=PAGE_VIEW&dl=http%3A%2F%2Fmail.save-ukraine.live%2F&optOut=false&bust=09018719464963032 Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 64.202.112.95 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS ny.outbrain.com Software / Resource Hash 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Cache-Control no-cache X-TraceId 8dbf0e1674e7f81e9a9f63a303553223 content-encoding gzip Content-Length 60 Content-Type image/gif;
GET H/1.1	200 OK	SmarterHandler.ashx Show response tr2.smarterhq.io/app1/	296 B 497 B	51ms 25ms	Script text/javascript	34.196.247.200 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://tr2.smarterhq.io/app1/SmarterHandler.ashx?r=914200092&i=fyl6dahrce-1092&cb=_smtr.postprocess&cu=true&bv=2.7.17&utc=0&pt=5&href=http%3A%2F%2Fmail.save-ukraine.live%2F&hostn=mail.save-ukraine.live&pathn=%2F Requested by Host: d1n00d49gkbray.cloudfront.net URL: http://d1n00d49gkbray.cloudfront.net/js/savethechildren.js Protocol HTTP/1.1 Server 34.196.247.200 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-196-247-200.compute-1.amazonaws.com Software Kestrel / Resource Hash ece66ef0e496d478ac2ca7be3e06021222130bb7d7fd0af8ce2562c46abe8b10 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma no-cache Date Sun, 06 Mar 2022 21:37:39 GMT Cache-Control no-store,no-cache Server Kestrel Connection keep-alive Content-Length 296 Content-Type text/javascript
GET H/1.1	200 OK	SmarterHandler.ashx Show response tr2.smarterhq.io/app1/	297 B 498 B	25ms 25ms	Script text/javascript	34.196.247.200 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://tr2.smarterhq.io/app1/SmarterHandler.ashx?r=1014971611&i=fyl6dahrce-1092&cb=_smtr.postprocess&bv=2.7.17&utc=0&pt=5&href=http%3A%2F%2Fmail.save-ukraine.live%2F&hostn=mail.save-ukraine.live&pathn=%2F&modalc=637821994594571009^017f612a-a681-4441-96e5-d5678f9e282b^017f612a-a681-416f-8d86-bf0e70bafeab^0^149.56.153.185 Requested by Host: d1n00d49gkbray.cloudfront.net URL: http://d1n00d49gkbray.cloudfront.net/js/savethechildren.js Protocol HTTP/1.1 Server 34.196.247.200 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-196-247-200.compute-1.amazonaws.com Software Kestrel / Resource Hash d1fc58f51b96ae062d36963a61daeb0672e70bef0f4f4fd24955810222242ed9 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma no-cache Date Sun, 06 Mar 2022 21:37:39 GMT Cache-Control no-store,no-cache Server Kestrel Connection keep-alive Content-Length 297 Content-Type text/javascript
GET H/1.1	200 OK	SmarterHandler.ashx Show response tr2.smarterhq.io/app1/	296 B 497 B	50ms 27ms	Script text/javascript	34.196.247.200 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://tr2.smarterhq.io/app1/SmarterHandler.ashx?r=1073634015&i=fyl6dahrce-1092&cb=_smtr.postprocess&bv=2.7.17&utc=0&pt=5&href=http%3A%2F%2Fmail.save-ukraine.live%2F&hostn=mail.save-ukraine.live&pathn=%2F&modalc=637821994594571009^017f612a-a681-4441-96e5-d5678f9e282b^017f612a-a681-416f-8d86-bf0e70bafeab^0^149.56.153.185 Requested by Host: d1n00d49gkbray.cloudfront.net URL: http://d1n00d49gkbray.cloudfront.net/js/savethechildren.js Protocol HTTP/1.1 Server 34.196.247.200 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-196-247-200.compute-1.amazonaws.com Software Kestrel / Resource Hash 2ebf5a678291077af16c08049ebeed473843d654cf6a4b6c43b702d9ea746b19 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma no-cache Date Sun, 06 Mar 2022 21:37:39 GMT Cache-Control no-store,no-cache Server Kestrel Connection keep-alive Content-Length 296 Content-Type text/javascript
GET H/1.1	200 OK	/ Show response onsiteshq.smarterhq.io/api/v3/onsite/	111 B 326 B	62ms 37ms	Script text/plain	34.230.188.212 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://onsiteshq.smarterhq.io/api/v3/onsite/?instanceId=fyl6dahrce-1092&loiId=017f612a-a681-4441-96e5-d5678f9e282b&sessionId=017f612a-a681-416f-8d86-bf0e70bafeab&url=http%3A%2F%2Fmail.save-ukraine.live%2F&callback=_smtr.postprocess&r=737924734&isNewVisitor=true&accountId=228&isEmailProvided=false&espSubIdProvided=false&ref=http%3A%2F%2Fmail.save-ukraine.live%2F Requested by Host: d1n00d49gkbray.cloudfront.net URL: http://d1n00d49gkbray.cloudfront.net/js/savethechildren.js Protocol HTTP/1.1 Server 34.230.188.212 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-230-188-212.compute-1.amazonaws.com Software Kestrel / Resource Hash 15d6dff53a85e601ddd4a1e658129efdeedaf6d1f5c27ff624a480bdbf491210 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Server Kestrel Connection keep-alive Transfer-Encoding chunked X-Request-Id 0HMEBRHPA3QNN:00000493 Content-Type text/plain; charset=utf-8
GET H/1.1	200 OK	/ Show response onsiteshq.smarterhq.io/api/v3/onsite/	111 B 326 B	69ms 43ms	Script text/plain	34.230.188.212 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://onsiteshq.smarterhq.io/api/v3/onsite/?instanceId=fyl6dahrce-1092&loiId=017f612a-a681-4441-96e5-d5678f9e282b&sessionId=017f612a-a681-416f-8d86-bf0e70bafeab&url=http%3A%2F%2Fmail.save-ukraine.live%2F&callback=_smtr.postprocess&r=1582641144&isNewVisitor=true&accountId=228&isEmailProvided=false&espSubIdProvided=false&ref=http%3A%2F%2Fmail.save-ukraine.live%2F Requested by Host: d1n00d49gkbray.cloudfront.net URL: http://d1n00d49gkbray.cloudfront.net/js/savethechildren.js Protocol HTTP/1.1 Server 34.230.188.212 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-230-188-212.compute-1.amazonaws.com Software Kestrel / Resource Hash 15d6dff53a85e601ddd4a1e658129efdeedaf6d1f5c27ff624a480bdbf491210 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Server Kestrel Connection keep-alive Transfer-Encoding chunked X-Request-Id 0HMEBRHPA3Q5K:00000BB2 Content-Type text/plain; charset=utf-8
GET H/1.1	200 OK	airpr.js Show response px.airpr.com/	7 KB 3 KB	36ms 17ms	Script application/javascript	99.84.42.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://px.airpr.com/airpr.js Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 99.84.42.111 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-42-111.ewr52.r.cloudfront.net Software nginx / Resource Hash 529b9c583e6cf8da02c9cadf8c38b5714198f0fde2dcde01da2d5ee681228738 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 20:32:00 GMT Content-Encoding gzip Connection keep-alive Last-Modified Wed, 01 Aug 2018 01:39:57 GMT Server nginx Age 3939 ETag "5b610f6d-853" X-Cache Hit from cloudfront Content-Type application/javascript; charset=utf-8 Via 1.1 70641f5df56ba9a18ec1e10fa85bf5ee.cloudfront.net (CloudFront) Cache-Control max-age=43200 X-Amz-Cf-Pop EWR52-C4 Content-Length 2131 X-Amz-Cf-Id s5-8toRX-CL5-fklzB4xKAEbcKlCFB3HjI_9OHEPaJsRnrE2TMEKsw== Expires Mon, 07 Mar 2022 08:32:00 GMT
GET H/1.1	200 OK	sv.js Show response track.securedvisit.com/js/	61 KB 25 KB	51ms 28ms	Script application/javascript	52.206.33.63 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://track.securedvisit.com/js/sv.js Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 52.206.33.63 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-206-33-63.compute-1.amazonaws.com Software nginx/1.20.2 / Resource Hash 5084a8f80e81fd9395ff42e1b86263270ade562783aaa68aa62f9e8536949436 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma no-cache Date Sun, 06 Mar 2022 21:37:39 GMT Content-Encoding gzip Last-Modified Sun, 06 Mar 2022 21:37:39 GMT Server nginx/1.20.2 ETag W/"82ef7ad344ea5850db0268753b17cc9e" Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Cache-Control proxy-revalidate, no-cache, private, must-revalidate, max-age=0 Transfer-Encoding chunked Connection keep-alive Expires Sun, 06 Mar 2022 21:37:39 GMT
GET H2	200	/ track.securedvisit.com/	43 B 178 B	109ms 57ms	Image image/gif	52.206.33.63 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://track.securedvisit.com/?sv_dt=2022-03-06T21%3A37%3A39.557Z&sv_cid=3981_04247&sv_title=Donate%20to%20Help%20Children%20in%20Ukraine%20%7C%20Save%20the%20Children&sv_referrer=&sv_url=http%3A%2F%2Fmail.save-ukraine.live%2F&sv_keywords=save%20the%20children%2Cchildren%2Chumanitarian%20aid&sv_tzOffset=0000&sv_inframe=false&sv_ver=1.8.9&sv_session=fe0f638a9dc3215a81b30c034cc6a28b&sv_first=true&sv_px_domain_data=%7B%22sid_found%22%3Afalse%2C%22ver%22%3A%221.0.0%22%2C%22sid_val%22%3A%22fQc8T7956exOErSDZUi4GPgAu%22%7D Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.206.33.63 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-206-33-63.compute-1.amazonaws.com Software nginx/1.20.2 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sun, 06 Mar 2022 21:37:39 GMT cache-control private, no-cache, proxy-revalidate server nginx/1.20.2 content-length 43 content-type image/gif
GET H2	200	asyncPixelSync Show response pixel.sitescout.com/dmp/ Frame 54BD Redirect Chain https://pixel.sitescout.com/dmp/asyncPixelSync https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1	1 KB 2 KB	27ms 26ms	Document text/html	216.152.140.211 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1 Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 216.152.140.211 Herndon, United States, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software AC1.1 / Resource Hash fd95916404cd2e6e2930ad946602a65968694bdcfb8ec7d7e82ab0c1d2ac9f08 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ Response headers cache-control max-age=0,no-cache,no-store pragma no-cache expires Tue, 11 Oct 1977 12:34:56 GMT p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" content-type text/html;charset=UTF-8 content-length 1162 date Sun, 06 Mar 2022 21:37:38 GMT server AC1.1 Redirect headers location https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1 content-length 0 date Sun, 06 Mar 2022 21:37:38 GMT server AC1.1
GET H2	204	5919bb7250f42d43 pixel.sitescout.com/iap/ Redirect Chain https://pixel.sitescout.com/iap/5919bb7250f42d43 https://pixel.sitescout.com/iap/5919bb7250f42d43?cookieQ=1	0 341 B	26ms 26ms	Image text/plain	216.152.140.211 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.sitescout.com/iap/5919bb7250f42d43?cookieQ=1 Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol H2 Server 216.152.140.211 Herndon, United States, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software AC1.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sun, 06 Mar 2022 21:37:38 GMT cache-control max-age=0,no-cache,no-store server AC1.1 p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" expires Tue, 11 Oct 1977 12:34:56 GMT Redirect headers location https://pixel.sitescout.com/iap/5919bb7250f42d43?cookieQ=1 date Sun, 06 Mar 2022 21:37:38 GMT server AC1.1 content-length 0
GET H/1.1	200 OK	/ Show response onsiteshq.smarterhq.io/api/v3/onsite/	111 B 326 B	38ms 38ms	Script text/plain	34.230.188.212 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://onsiteshq.smarterhq.io/api/v3/onsite/?instanceId=fyl6dahrce-1092&loiId=017f612a-a681-4441-96e5-d5678f9e282b&sessionId=017f612a-a681-416f-8d86-bf0e70bafeab&url=http%3A%2F%2Fmail.save-ukraine.live%2F&callback=_smtr.postprocess&r=858376953&isNewVisitor=true&accountId=228&isEmailProvided=false&espSubIdProvided=false&ref=http%3A%2F%2Fmail.save-ukraine.live%2F Requested by Host: d1n00d49gkbray.cloudfront.net URL: http://d1n00d49gkbray.cloudfront.net/js/savethechildren.js Protocol HTTP/1.1 Server 34.230.188.212 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-230-188-212.compute-1.amazonaws.com Software Kestrel / Resource Hash 15d6dff53a85e601ddd4a1e658129efdeedaf6d1f5c27ff624a480bdbf491210 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Server Kestrel Connection keep-alive Transfer-Encoding chunked X-Request-Id 0HMERL0HVBHKR:0000009E Content-Type text/plain; charset=utf-8
GET H/1.1	200 200	api_cons_cart.html Show response support.savethechildren.org/site/SPageNavigator/	113 B 1 KB	301ms 68ms	Script application/javascript	74.123.154.123 BLACKBAUD-ASN
General Check archive.org Show headers Download Go to Full URL https://support.savethechildren.org/site/SPageNavigator/api_cons_cart.html?pgwrap=n&callback=jQuery224022359180215209995_1646602658966&_=1646602658967 Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/files/clientlib-vendor.5b5e83dfed6bd60101f7bd5731b97552.js.download Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US), Reverse DNS cluster3.convio.net Software Apache / Resource Hash 14d5ae71df9cbd3616a11262e67f5094654a1a7aca76981e918685e6163715f3 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com; report-uri https://support.savethechildren.org/site/XFrameViolation X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma no-cache Date Sun, 06 Mar 2022 21:37:39 GMT X-Content-Type-Options nosniff Server Apache Content-Type application/javascript;charset=ISO-8859-1 Cache-Control no-store Content-Security-Policy frame-ancestors 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com; report-uri https://support.savethechildren.org/site/XFrameViolation Connection Keep-Alive X-Robots-Tag all Keep-Alive timeout=15, max=444 Content-Length 113
GET H/1.1	200 200	PixelServer support.savethechildren.org/site/	43 B 243 B	294ms 62ms	Image image/gif	74.123.154.123 BLACKBAUD-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://support.savethechildren.org/site/PixelServer?t=undefined Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US), Reverse DNS cluster3.convio.net Software Apache / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Cache-Control no-store Server Apache Connection Keep-Alive Keep-Alive timeout=15, max=175 Content-Length 43 Content-Type image/gif
GET H2	200	iframe_api Show response www.youtube.com/	980 B 2 KB	93ms 44ms	Script text/javascript	2607:f8b0:4006:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/files/launch-d47d2de11878.min.js.download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::200e Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 59b075c7c91ff7b85bbdae7d07308e3a41169aa0d1c876357e45b2bde536cf37 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 06 Mar 2022 21:37:39 GMT content-encoding br x-content-type-options nosniff p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 server ESF x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 report-to {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]} content-type text/javascript; charset=utf-8 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cache-control private, max-age=0 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=* cross-origin-opener-policy-report-only same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94" expires Sun, 06 Mar 2022 21:37:39 GMT
GET H/1.1	200 OK	id Show response metrics.savethechildren.org/	87 B 669 B	182ms 89ms	Script application/x-javascript	54.212.155.93 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://metrics.savethechildren.org/id?callback=_airpr_ns.om_cookie Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/files/airpr.js.download Protocol HTTP/1.1 Server 54.212.155.93 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-212-155-93.us-west-2.compute.amazonaws.com Software jag / Resource Hash 0a63399d21c860a4c795786ef064c9e821ebfabfe5cd2650d5340a9421434e35 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 06 Mar 2022 21:37:39 GMT x-content-type-options nosniff server jag xserver anedge-74fcddc49f-mjsgd vary Origin x-c main-1585.I7afc85.M0-540 p3p CP="This is not a P3P policy" access-control-allow-origin * cache-control no-cache, no-store, max-age=0, no-transform, private content-type application/x-javascript;charset=utf-8 content-length 87 x-xss-protection 1; mode=block
GET H/1.1	200 OK	serverComponent.php Show response nexus.ensighten.com/choozle/10170/	273 B 510 B	82ms 35ms	Script text/javascript	3.132.152.20 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://nexus.ensighten.com/choozle/10170/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/10170/code/&publishedOn=Mon%20Feb%2028%2021:19:18%20GMT%202022&ClientID=923&PageID=http%3A%2F%2Fmail.save-ukraine.live%2F Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/files/Bootstrap.js.download Protocol HTTP/1.1 Server 3.132.152.20 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-132-152-20.us-east-2.compute.amazonaws.com Software nginx / Resource Hash 4e54f417ddac4f95358465ea12af14e39ee84302bdf98798bf4afb3161754f10 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Cache-Control no-cache, no-store Server nginx Connection keep-alive Content-Type text/javascript Content-Length 273 Expires Sun, 06 Mar 2022 21:37:36 GMT
GET H2	200	api.min.js Show response a.opmnstr.com/app/js/	205 KB 57 KB	125ms 39ms	Script application/javascript	195.181.168.47 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://a.opmnstr.com/app/js/api.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LXXS3R Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.181.168.47 , United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-742.bunnyinfra.net Software BunnyCDN-NY1-742 / Resource Hash 507ce7426c190c3d954909e634c514914c57d3f311fc022b560260614b596196 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 06 Mar 2022 21:37:39 GMT content-encoding br cdn-edgestorageid 742 perma-cache HIT cdn-storageserver DE-197 cdn-cachedat 02/25/2022 19:06:14 cdn-pullzone 293267 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-requestpullcode 200 server BunnyCDN-NY1-742 access-control-allow-origin * last-modified Fri, 25 Feb 2022 19:06:14 GMT cdn-proxyver 1.02 cdn-fileserver 300 etag W/"621928a6-33287" vary Accept-Encoding, Accept-Encoding content-type application/javascript cdn-cache HIT access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-uid efcab737-66db-4b75-ab55-ed485d5a01dd cdn-requestid b4c380abc0dd351b48c975d2ae3bdca1 cdn-requestcountrycode CA cdn-status 200 cdn-requestpullsuccess True
GET H/1.1	200 OK	ibs:dpid=82530&dpuuid=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341&gdpr=0&gdpr_consent= dpm.demdex.net/ Frame 54BD	42 B 943 B	82ms 82ms	Image image/gif	52.25.168.181 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=82530&dpuuid=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341&gdpr=0&gdpr_consent= Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.25.168.181 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-25-168-181.us-west-2.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://pixel.sitescout.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers DCS dcs-prod-usw2-1-v026-074ba9bd5.edge-usw2.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID t9nM+JfpTOE= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	check pixel.tapad.com/idsync/ex/receive/ Frame 54BD Redirect Chain https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341 https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341	95 B 426 B	38ms 38ms	Image image/png	107.178.246.49 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341 Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol H2 Server 107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 49.246.178.107.bc.googleusercontent.com Software / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language en-CA,en;q=0.9 Referer https://pixel.sitescout.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 06 Mar 2022 21:37:39 GMT via 1.1 google content-type image/png alt-svc clear content-length 95 strict-transport-security max-age=31536000 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Redirect headers location https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341 date Sun, 06 Mar 2022 21:37:39 GMT via 1.1 google alt-svc clear content-length 0 strict-transport-security max-age=31536000 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
GET H2	200	pixel.gif load77.exelator.com/ Frame 54BD Redirect Chain https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341&gdpr=0&gdpr_consent= https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341&gdpr=0&gdpr_consent=&xl8blockcheck=1 https://load77.exelator.com/pixel.gif	43 B 438 B	190ms 61ms	Image image/gif	2a02:6ea0:c400::12 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://load77.exelator.com/pixel.gif Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol H2 Server 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Request headers Accept-Language en-CA,en;q=0.9 Referer https://pixel.sitescout.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-77-pop newyorkUSNY date Sun, 06 Mar 2022 21:37:40 GMT x-age-lb 19 x-77-nzt-ray 7LUtqJScpFE x-77-cache HIT content-length 43 x-cache HIT x-age 610728 x-77-nzt Alm7sQ8vKIz/qFEJAJySO+jLG7X/EwAAAA x-lb-ip 156.146.59.232 x-cache-lb HIT x-accel-expires @1647028732 last-modified Wed, 25 Oct 2017 17:03:56 GMT server CDN77-Turbo etag "59f0c3fc-2b" x-lb-pop newyorkUSNY content-type image/gif access-control-allow-origin * accept-ranges bytes expires Fri, 15 Jan 2021 19:58:16 GMT Redirect headers date Sun, 06 Mar 2022 21:37:39 GMT server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA location https://load77.exelator.com/pixel.gif cache-control no-cache access-control-allow-credentials true content-type image/gif content-length 0
GET H2	200	um sync.teads.tv/ Frame 54BD	23 B 288 B	94ms 30ms	Image image/gif	23.200.197.46 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um?eid=73&uid=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341&gdpr=0&gdpr_consent= Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.200.197.46 Piscataway, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-200-197-46.deploy.static.akamaitechnologies.com Software akka-http/10.2.7 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers Accept-Language en-CA,en;q=0.9 Referer https://pixel.sitescout.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sun, 06 Mar 2022 21:37:39 GMT cache-control max-age=0, no-cache, no-store expires Sun, 06 Mar 2022 21:37:39 GMT server akka-http/10.2.7 content-length 23 content-type image/gif
GET H2	200	qmap sync.crwdcntrl.net/ Frame 54BD Redirect Chain https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341&gdpr=0&gdpr_consent= https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341&gdpr=0&gdpr_consent=&ct=y	49 B 265 B	41ms 32ms	Image image/gif	52.206.174.18 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341&gdpr=0&gdpr_consent=&ct=y Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol H2 Server 52.206.174.18 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-206-174-18.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language en-CA,en;q=0.9 Referer https://pixel.sitescout.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sun, 06 Mar 2022 21:37:39 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.40.38.101 content-type image/gif content-length 49 expires 0 Redirect headers pragma no-cache date Sun, 06 Mar 2022 21:37:39 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341&gdpr=0&gdpr_consent=&ct=y cache-control no-cache x-server 10.40.43.121 content-length 0 expires 0
GET H/1.1	200 OK	s38539935830277 metrics.savethechildren.org/b/ss/stcf.prod.us/1/JS-2.22.3-LBWB/	43 B 599 B	92ms 90ms	Image image/gif	54.212.155.93 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://metrics.savethechildren.org/b/ss/stcf.prod.us/1/JS-2.22.3-LBWB/s38539935830277?AQB=1&ndh=1&pf=1&t=6%2F2%2F2022%2021%3A37%3A39%200%200&sdid=209886F63937E1A9-4BBE5B54658AFC35&mid=36694265362621004751370651446777336234&aamlh=9&ce=Windows-1257&cl=SESSION&pageName=Donate%20to%20Help%20Children%20in%20Ukraine&g=http%3A%2F%2Fmail.save-ukraine.live%2F&cc=USD&ch=where-we-work&server=mail.save-ukraine.live&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=6B0E659F56A9E70D7F000101%40AdobeOrg&AQE=1 Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 54.212.155.93 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-212-155-93.us-west-2.compute.amazonaws.com Software jag / Resource Hash a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 06 Mar 2022 21:37:39 GMT x-content-type-options nosniff x-c main-1585.I7afc85.M0-540 p3p CP="This is not a P3P policy" content-length 43 x-xss-protection 1; mode=block pragma no-cache last-modified Mon, 07 Mar 2022 21:37:39 GMT server jag xserver anedge-74fcddc49f-t2qn4 etag 3536052285821747200-4619550110546290468 vary * content-type image/gif;charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, max-age=0, no-transform, private expires Sat, 05 Mar 2022 21:37:39 GMT
GET H3	200	www-widgetapi.js Show response www.youtube.com/s/player/0abde7de/www-widgetapi.vflset/	152 KB 49 KB	51ms 20ms	Script text/javascript	2607:f8b0:4006:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/0abde7de/www-widgetapi.vflset/www-widgetapi.js Requested by Host: www.youtube.com URL: https://www.youtube.com/iframe_api Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::200e Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6654cdce4772c6e6d896c5ff548af91be2430caa8b1a8f6d60345fc15738bdb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 05 Mar 2022 17:04:03 GMT content-encoding br x-content-type-options nosniff age 102816 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 50321 x-xss-protection 0 last-modified Thu, 03 Mar 2022 04:20:53 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sun, 05 Mar 2023 17:04:03 GMT
POST H3	200	/ Show response www.facebook.com/tr/ Frame 6D77	0 18 B	43ms 20ms	Document text/plain	2a03:2880:f112:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Upgrade-Insecure-Requests 1 Origin http://mail.save-ukraine.live Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ Response headers content-type text/plain access-control-allow-origin http://mail.save-ukraine.live access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin content-length 0 server proxygen-bolt alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=0 date Sun, 06 Mar 2022 21:37:39 GMT
GET H/1.1	200 OK	466b2d4ceb824c81ab82a48da410acc4.js Show response nexus.ensighten.com/choozle/10170/code/	2 KB 688 B	37ms 36ms	Script application/javascript	3.132.152.20 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://nexus.ensighten.com/choozle/10170/code/466b2d4ceb824c81ab82a48da410acc4.js?conditionId0=421905 Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/files/Bootstrap.js.download Protocol HTTP/1.1 Server 3.132.152.20 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-132-152-20.us-east-2.compute.amazonaws.com Software nginx / Resource Hash ef53ca1ed9fc4233f8d49c44a602df622b9c933eb0d0fc954ed96d5436fec751 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:39 GMT Content-Encoding gzip Last-Modified Mon, 28 Feb 2022 21:19:24 GMT Server nginx ETag W/"621d3c5c-62a" Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 cache-control max-age=315360000 Transfer-Encoding chunked Connection keep-alive
GET H2	204	anpx dpx.airpr.com/ Redirect Chain http://dpx.airpr.com/px?hostname=mail.save-ukraine.live&profile=405343&om_account_type=OM&om_c=311294D19D5A9BD6-60000DFC53BD8EB1&om_fallback_c=undefined&an=true https://secure.adnxs.com/getuid?https://dpx.airpr.com/anpx?adnxs_uid=$UID&airpr_id=16275297246 https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdpx.airpr.com%2Fanpx%3Fadnxs_uid%3D%24UID%26airpr_id%3D16275297246 https://dpx.airpr.com/anpx?adnxs_uid=5956904793354044640&airpr_id=16275297246	0 64 B	74ms 24ms	Image text/plain	107.23.36.61 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dpx.airpr.com/anpx?adnxs_uid=5956904793354044640&airpr_id=16275297246 Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol H2 Server 107.23.36.61 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-23-36-61.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 06 Mar 2022 21:37:40 GMT cache-control private server nginx Redirect headers Pragma no-cache Date Sun, 06 Mar 2022 21:37:40 GMT X-Proxy-Origin 149.56.153.185; 149.56.153.185; 554.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com AN-X-Request-Uuid e6c6d199-778d-4f0a-81b6-18ae96431de7 Server nginx/1.21.3 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://dpx.airpr.com/anpx?adnxs_uid=5956904793354044640&airpr_id=16275297246 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	s35437521535642 metrics.savethechildren.org/b/ss/stcf.prod.us/1/JS-2.22.3-LBWB/	43 B 599 B	94ms 91ms	Image image/gif	54.212.155.93 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://metrics.savethechildren.org/b/ss/stcf.prod.us/1/JS-2.22.3-LBWB/s35437521535642?AQB=1&ndh=1&pf=1&t=6%2F2%2F2022%2021%3A37%3A39%200%200&mid=36694265362621004751370651446777336234&aamlh=9&ce=Windows-1257&cl=SESSION&pageName=Donate%20to%20Help%20Children%20in%20Ukraine&g=http%3A%2F%2Fmail.save-ukraine.live%2F&cc=USD&ch=where-we-work&server=mail.save-ukraine.live&pe=lnk_o&pev2=impression&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=6B0E659F56A9E70D7F000101%40AdobeOrg&AQE=1 Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 54.212.155.93 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-212-155-93.us-west-2.compute.amazonaws.com Software jag / Resource Hash a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 06 Mar 2022 21:37:40 GMT x-content-type-options nosniff x-c main-1585.I7afc85.M0-540 p3p CP="This is not a P3P policy" content-length 43 x-xss-protection 1; mode=block pragma no-cache last-modified Mon, 07 Mar 2022 21:37:40 GMT server jag xserver anedge-74fcddc49f-2hmmp etag 3536052287699386368-4619765768370427192 vary * content-type image/gif;charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, max-age=0, no-transform, private expires Sat, 05 Mar 2022 21:37:40 GMT
GET H2	404	71376 Show response api.omappapi.com/v2/embed/	191 B 558 B	75ms 30ms	XHR application/json	99.84.125.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.omappapi.com/v2/embed/71376?d=mail.save-ukraine.live Requested by Host: a.opmnstr.com URL: https://a.opmnstr.com/app/js/api.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.125.101 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-125-101.ewr52.r.cloudfront.net Software Pagely Gateway/1.5.1 / Resource Hash 1e563cea8de09374b233e99beb0fed7006e74c9fa333847d6c5bda8a9a799d38 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-user-agent standard-- via 1.1 413e6428a627e53beb32746ed7229af2.cloudfront.net (CloudFront) x-cache-config 0 0 server Pagely Gateway/1.5.1 x-amz-cf-pop EWR52-C3 date Sun, 06 Mar 2022 21:37:40 GMT vary Accept-Encoding, User-Agent x-cache Error from cloudfront content-type application/json access-control-allow-origin * access-control-allow-headers X-CSRF-Token content-length 191 x-amz-cf-id ifII9O4ORmCMvJhNnVrt8y9RAcng4AfybAHDsxHNhCqR-WRiPZc1sg==
GET H2	200	bc-v3.min.html Show response consentcdn.cookiebot.com/sdk/ Frame 7E02	2 KB 1 KB	63ms 24ms	Document text/html	2600:1400:d:48f::f09 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://consentcdn.cookiebot.com/sdk/bc-v3.min.html Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/files/uc.js.download Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:48f::f09 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ Response headers accept-ranges bytes content-type text/html etag "b10de1f5f615a79259ac9e34f470ce1d:1615283706.572935" last-modified Tue, 09 Mar 2021 09:55:06 GMT server AkamaiNetStorage vary Accept-Encoding content-encoding gzip cache-control max-age=20835669 expires Thu, 03 Nov 2022 01:18:49 GMT date Sun, 06 Mar 2022 21:37:40 GMT content-length 895 server-timing cdn-cache; desc=HIT edge; dur=1
GET H2	404	cc.js mail.save-ukraine.live/5375074e-402c-46c7-bb0c-98aa16042230/	0 0	299ms 101ms	Script text/html	139.162.186.93 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://mail.save-ukraine.live/5375074e-402c-46c7-bb0c-98aa16042230/cc.js?renew=false&referer=mail.save-ukraine.live&dnt=false&forceshow=false Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/files/uc.js.download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 139.162.186.93 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS de4.fcomet.com Software / Resource Hash Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H/1.1	200 OK	id Show response metrics.savethechildren.org/	87 B 669 B	91ms 91ms	Script application/x-javascript	54.212.155.93 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://metrics.savethechildren.org/id?callback=_airpr_ns.om_cookie Requested by Host: px.airpr.com URL: http://px.airpr.com/airpr.js Protocol HTTP/1.1 Server 54.212.155.93 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-212-155-93.us-west-2.compute.amazonaws.com Software jag / Resource Hash b676ff8e3d4d3b73913ff7292e12bf283233eac5cf0cd213974c201d85a3b494 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 06 Mar 2022 21:37:41 GMT x-content-type-options nosniff server jag xserver anedge-74fcddc49f-wvqsp vary Origin x-c main-1585.I7afc85.M0-540 p3p CP="This is not a P3P policy" access-control-allow-origin * cache-control no-cache, no-store, max-age=0, no-transform, private content-type application/x-javascript;charset=utf-8 content-length 87 x-xss-protection 1; mode=block
GET H2	200	uwt.js Show response static.ads-twitter.com/	14 KB 6 KB	81ms 25ms	Script application/javascript	146.75.36.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LXXS3R Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.36.157 Reston, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 06 Mar 2022 21:37:41 GMT content-encoding gzip last-modified Sat, 05 Feb 2022 00:34:56 GMT etag "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip" vary Accept-Encoding,Host x-tw-cdn FT p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" cache-control no-cache x-cache HIT accept-ranges bytes content-type application/javascript; charset=utf-8 content-length 5410 x-served-by cache-iad-kcgs7200103-IAD
GET H/1.1	200 OK	activityi;dc_pre=CP2W0_W4svYCFZgG0AQdOvQCSQ;src=10359930;type=leadg0;cat=leadg0;ord=7687148731782;gtm=2wg320;auiddc=973636797.1646602661;~oref=http%3A%2F%2Fmail.save-ukraine.live%2F Show response 10359930.fls.doubleclick.net/ Frame CC05 Redirect Chain http://10359930.fls.doubleclick.net/activityi;src=10359930;type=leadg0;cat=leadg0;ord=7687148731782;gtm=2wg320;auiddc=973636797.1646602661;~oref=http%3A%2F%2Fmail.save-ukraine.live%2F? http://10359930.fls.doubleclick.net/activityi;dc_pre=CP2W0_W4svYCFZgG0AQdOvQCSQ;src=10359930;type=leadg0;cat=leadg0;ord=7687148731782;gtm=2wg320;auiddc=973636797.1646602661;~oref=http%3A%2F%2Fmail....	486 B 970 B	46ms 46ms	Document text/html	142.250.80.38 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://10359930.fls.doubleclick.net/activityi;dc_pre=CP2W0_W4svYCFZgG0AQdOvQCSQ;src=10359930;type=leadg0;cat=leadg0;ord=7687148731782;gtm=2wg320;auiddc=973636797.1646602661;~oref=http%3A%2F%2Fmail.save-ukraine.live%2F? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LXXS3R Protocol HTTP/1.1 Server 142.250.80.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s34-in-f6.1e100.net Software cafe / Resource Hash 749393a6759480ef67be5ee35e64d4de5cd145d759c20038fdc728f94a8cef59 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer about:blank Response headers P3P policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Timing-Allow-Origin * Cross-Origin-Resource-Policy cross-origin Date Sun, 06 Mar 2022 21:37:41 GMT Expires Fri, 01 Jan 1990 00:00:00 GMT Cache-Control no-cache, must-revalidate Strict-Transport-Security max-age=21600 Content-Type text/html; charset=UTF-8 Pragma no-cache X-Content-Type-Options nosniff Content-Encoding gzip Server cafe Content-Length 386 X-XSS-Protection 0 Redirect headers P3P policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Timing-Allow-Origin * Cross-Origin-Resource-Policy cross-origin Date Sun, 06 Mar 2022 21:37:41 GMT Pragma no-cache Expires Fri, 01 Jan 1990 00:00:00 GMT Cache-Control no-cache, must-revalidate Follow-Only-When-Prerender-Shown 1 Strict-Transport-Security max-age=21600 Location http://10359930.fls.doubleclick.net/activityi;dc_pre=CP2W0_W4svYCFZgG0AQdOvQCSQ;src=10359930;type=leadg0;cat=leadg0;ord=7687148731782;gtm=2wg320;auiddc=973636797.1646602661;~oref=http%3A%2F%2Fmail.save-ukraine.live%2F? Content-Type text/html; charset=UTF-8 X-Content-Type-Options nosniff Server cafe Content-Length 0 X-XSS-Protection 0
GET H/1.1	200 OK	savethechildren.js Show response d1n00d49gkbray.cloudfront.net/js/	73 KB 25 KB	19ms 18ms	Script application/javascript	2600:9000:2140:c00:9:7c30:be80:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://d1n00d49gkbray.cloudfront.net/js/savethechildren.js Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 2600:9000:2140:c00:9:7c30:be80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e8f5ff36a19c6bc4d860a76a102ed258146875cbac93ca77db446ac2e49921b5 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 04:26:38 GMT Content-Encoding gzip Age 61864 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Tue, 02 Feb 2021 22:28:11 GMT Server AmazonS3 ETag W/"e91de117439869356397fbef0c0378b6" Vary Accept-Encoding x-amz-version-id 5vZDlZA6TdRkScvdIdu529Oi3p9aXyYC Via 1.1 215207bc7fb93e55e70ed5107d9c8948.cloudfront.net (CloudFront) X-Amz-Cf-Pop EWR52-C1 Content-Type application/javascript X-Amz-Cf-Id NZZxRjrmMkxLddxmgR5Vtan9t0U9rr6ZqUhiXwZIntOXBJlgZBcoWw==
GET H/1.1	200 OK	SmarterHandler.ashx Show response tr2.smarterhq.io/app1/	296 B 497 B	26ms 25ms	Script text/javascript	34.196.247.200 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://tr2.smarterhq.io/app1/SmarterHandler.ashx?r=1098432496&i=fyl6dahrce-1092&modalc=637821994594571009^017f612a-a681-4441-96e5-d5678f9e282b^017f612a-a681-416f-8d86-bf0e70bafeab^0^149.56.153.185&cb=_smtr.postprocess&brand=Save%20the%20Children&t=Donate%20to%20Help%20Children%20in%20Ukraine%20%7C%20Save%20the%20Children&cid=homepage&cn=Save%20the%20Children%20Homepage&bv=2.7.17&utc=0&pt=3&href=http%3A%2F%2Fmail.save-ukraine.live%2F&hostn=mail.save-ukraine.live&pathn=%2F Requested by Host: d1n00d49gkbray.cloudfront.net URL: http://d1n00d49gkbray.cloudfront.net/js/savethechildren.js Protocol HTTP/1.1 Server 34.196.247.200 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-196-247-200.compute-1.amazonaws.com Software Kestrel / Resource Hash 8d576a7f71073a00af16aea9ce8494590f974975a59669f510fd3f4a661f802e Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma no-cache Date Sun, 06 Mar 2022 21:37:41 GMT Cache-Control no-store,no-cache Server Kestrel Connection keep-alive Content-Length 296 Content-Type text/javascript
GET H/1.1	200 OK	ld.js Show response static.criteo.net/js/ld/	40 KB 13 KB	47ms 24ms	Script text/javascript	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL http://static.criteo.net/js/ld/ld.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LXXS3R Protocol HTTP/1.1 Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 06 Mar 2022 21:37:41 GMT content-encoding gzip last-modified Tue, 14 Dec 2021 12:51:58 GMT server nginx etag W/"61b8936e-9faf" transfer-encoding chunked content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin * expires Mon, 07 Mar 2022 21:37:41 GMT
GET H/1.1	200 OK	Bootstrap.js Show response nexus.ensighten.com/choozle/10170/	29 KB 9 KB	34ms 34ms	Script application/javascript	3.132.152.20 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://nexus.ensighten.com/choozle/10170/Bootstrap.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LXXS3R Protocol HTTP/1.1 Server 3.132.152.20 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-132-152-20.us-east-2.compute.amazonaws.com Software nginx / Resource Hash ae38175bf519816017968af83cf5a9eb4d325d9fd274a3c6f9e00b9d6c2516e7 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:41 GMT Content-Encoding gzip Last-Modified Mon, 28 Feb 2022 21:19:23 GMT Server nginx ETag W/"621d3c5b-7289" Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 cache-control max-age=300 Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	airpr.js Show response px.airpr.com/	7 KB 3 KB	18ms 17ms	Script application/javascript	99.84.42.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://px.airpr.com/airpr.js Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 99.84.42.111 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-42-111.ewr52.r.cloudfront.net Software nginx / Resource Hash 529b9c583e6cf8da02c9cadf8c38b5714198f0fde2dcde01da2d5ee681228738 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 20:32:00 GMT Content-Encoding gzip Connection keep-alive Last-Modified Wed, 01 Aug 2018 01:39:57 GMT Server nginx Age 3941 ETag "5b610f6d-853" X-Cache Hit from cloudfront Content-Type application/javascript; charset=utf-8 Via 1.1 70641f5df56ba9a18ec1e10fa85bf5ee.cloudfront.net (CloudFront) Cache-Control max-age=43200 X-Amz-Cf-Pop EWR52-C4 Content-Length 2131 X-Amz-Cf-Id nk59lF0OWJzEIUUcDTjv2CdOQBx__cmxiop49GhiqwPPzn8KQskjnw== Expires Mon, 07 Mar 2022 08:32:00 GMT
GET H/1.1	200 OK	sv.js Show response track.securedvisit.com/js/	61 KB 25 KB	28ms 28ms	Script application/javascript	52.206.33.63 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://track.securedvisit.com/js/sv.js Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol HTTP/1.1 Server 52.206.33.63 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-206-33-63.compute-1.amazonaws.com Software nginx/1.20.2 / Resource Hash a5256d4282dfcd01b0c75b148eeb3295eb6c5ee2bcfd039eb091b37fe3fbcb40 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma no-cache Date Sun, 06 Mar 2022 21:37:41 GMT Content-Encoding gzip Last-Modified Sun, 06 Mar 2022 21:37:41 GMT Server nginx/1.20.2 ETag W/"96bca9fc8ee9ea6d3703006d123b44b8" Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Cache-Control proxy-revalidate, no-cache, private, must-revalidate, max-age=0 Transfer-Encoding chunked Connection keep-alive Expires Sun, 06 Mar 2022 21:37:41 GMT
GET H2	200	asyncPixelSync Show response pixel.sitescout.com/dmp/ Frame 409B	1 KB 2 KB	29ms 28ms	Document text/html	216.152.140.211 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://pixel.sitescout.com/dmp/asyncPixelSync Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 216.152.140.211 Herndon, United States, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software AC1.1 / Resource Hash dd7ac7ce67f2bab739b6231984dfdd699296ba3070df89596bf4893e42ac6a6a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ Response headers cache-control max-age=0,no-cache,no-store pragma no-cache expires Tue, 11 Oct 1977 12:34:56 GMT p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" content-type text/html;charset=UTF-8 content-length 1157 date Sun, 06 Mar 2022 21:37:40 GMT server AC1.1
GET H/1.1	200 OK	unifiedPixel tr.outbrain.com/	43 B 256 B	19ms 19ms	Image image/gif	64.202.112.95 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Show image Full URL http://tr.outbrain.com/unifiedPixel?marketerId=00569da938e06cb48f6f60ece5ae3d324c&obApiVersion=1.1&obtpVersion=1.6.0&name=PAGE_VIEW&dl=http%3A%2F%2Fmail.save-ukraine.live%2F&optOut=false&bust=08557756635058427 Protocol HTTP/1.1 Server 64.202.112.95 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS ny.outbrain.com Software / Resource Hash 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:41 GMT Cache-Control no-cache X-TraceId 82cb2c8b5204207600d2b06a85dfddf7 content-encoding gzip Content-Length 60 Content-Type image/gif;
GET H2	200	/ track.securedvisit.com/	43 B 177 B	30ms 29ms	Image image/gif	52.206.33.63 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://track.securedvisit.com/?sv_dt=2022-03-06T21%3A37%3A41.152Z&sv_cid=3981_04247&sv_title=Donate%20to%20Help%20Children%20in%20Ukraine%20%7C%20Save%20the%20Children&sv_referrer=&sv_url=http%3A%2F%2Fmail.save-ukraine.live%2F&sv_keywords=save%20the%20children%2Cchildren%2Chumanitarian%20aid&sv_tzOffset=0000&sv_inframe=false&sv_ver=1.8.9&sv_session=fe0f638a9dc3215a81b30c034cc6a28b&sv_first=true&sv_px_domain_data=%7B%22sid_found%22%3Afalse%2C%22ver%22%3A%221.0.0%22%2C%22sid_val%22%3A%22fQc8T7956exOErSDZUi4GPgAu%22%7D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.206.33.63 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-206-33-63.compute-1.amazonaws.com Software nginx/1.20.2 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sun, 06 Mar 2022 21:37:41 GMT cache-control private, no-cache, proxy-revalidate server nginx/1.20.2 content-length 43 content-type image/gif
GET H2	204	5919bb7250f42d43 pixel.sitescout.com/iap/	0 341 B	29ms 28ms	Image text/plain	216.152.140.211 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.sitescout.com/iap/5919bb7250f42d43 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 216.152.140.211 Herndon, United States, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software AC1.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sun, 06 Mar 2022 21:37:40 GMT cache-control max-age=0,no-cache,no-store server AC1.1 p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" expires Tue, 11 Oct 1977 12:34:56 GMT
GET H/1.1	200 OK	c.json Show response collection.decibelinsight.net/i/13874/253647/	16 KB 9 KB	83ms 26ms	XHR application/json	54.235.216.14 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://collection.decibelinsight.net/i/13874/253647/c.json Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/files/di.js.download Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.235.216.14 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-235-216-14.compute-1.amazonaws.com Software nginx / Resource Hash 43fea593e146590f91bdaa831c26a797a94c36271b15cea94a63533b5b23a809 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:41 GMT Content-Encoding gzip Vary Origin Server nginx ETag W/000065990-17F612AAD6D Strict-Transport-Security max-age=31536000 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type application/json Access-Control-Allow-Origin http://mail.save-ukraine.live Cache-Control private, max-age=1800 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Credentials true Timing-Allow-Origin * Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
GET H/1.1	200 OK	c.json Show response collection.decibelinsight.net/i/13874/253647/	16 KB 9 KB	79ms 23ms	XHR application/json	54.235.216.14 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://collection.decibelinsight.net/i/13874/253647/c.json Requested by Host: cdn.decibelinsight.net URL: https://cdn.decibelinsight.net/i/13874/253647/di.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.235.216.14 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-235-216-14.compute-1.amazonaws.com Software nginx / Resource Hash 42971db387b51d030db90e42ab7d28a669250cd7eeae0c89ca7ece0dc522f31b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:41 GMT Content-Encoding gzip Vary Origin Server nginx ETag W/000075153-17F612AAD6D Strict-Transport-Security max-age=31536000 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type application/json Access-Control-Allow-Origin http://mail.save-ukraine.live Cache-Control private, max-age=1800 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Credentials true Timing-Allow-Origin * Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
GET H/1.1	200 OK	c.json Show response collection.decibelinsight.net/i/13874/253647/	16 KB 9 KB	82ms 24ms	XHR application/json	54.235.216.14 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://collection.decibelinsight.net/i/13874/253647/c.json Requested by Host: cdn.decibelinsight.net URL: https://cdn.decibelinsight.net/i/13874/253647/di.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.235.216.14 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-235-216-14.compute-1.amazonaws.com Software nginx / Resource Hash 83a3d0e6c79c7154f711fc0e2ec360776d73320abb8225685b18ca253f15ee4e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:41 GMT Content-Encoding gzip Vary Origin Server nginx ETag W/000065991-17F612AAD70 Strict-Transport-Security max-age=31536000 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type application/json Access-Control-Allow-Origin http://mail.save-ukraine.live Cache-Control private, max-age=1800 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Credentials true Timing-Allow-Origin * Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
GET H/1.1	200 OK	c.json Show response collection.decibelinsight.net/i/13874/253647/	16 KB 9 KB	90ms 24ms	XHR application/json	54.235.216.14 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://collection.decibelinsight.net/i/13874/253647/c.json Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/files/di.js.download Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.235.216.14 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-235-216-14.compute-1.amazonaws.com Software nginx / Resource Hash f3957db8c54549b117abc798edc91714cfbb1b712fc8b78ba58ff0efb2dcb80e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:41 GMT Content-Encoding gzip Vary Origin Server nginx ETag W/000065992-17F612AAD7B Strict-Transport-Security max-age=31536000 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type application/json Access-Control-Allow-Origin http://mail.save-ukraine.live Cache-Control private, max-age=1800 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Credentials true Timing-Allow-Origin * Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
GET H2	200	384136.gif idsync.rlcdn.com/ Frame 409B	42 B 340 B	69ms 41ms	Image image/gif	35.190.60.146 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/384136.gif?partner_uid=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 146.60.190.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language en-CA,en;q=0.9 Referer https://pixel.sitescout.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers timing-allow-origin * date Sun, 06 Mar 2022 21:37:41 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42
GET H/1.1	200 OK	17724 tags.bluekai.com/site/ Frame 409B	62 B 627 B	116ms 77ms	Image image/gif	173.223.56.123 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/17724?id=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 173.223.56.123 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-223-56-123.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Accept-Language en-CA,en;q=0.9 Referer https://pixel.sitescout.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:41 GMT Connection keep-alive P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Content-Length 62 Content-Type image/gif
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame 409B Redirect Chain https://sync.search.spotxchange.com/partner?adv_id=7308&uid=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341 https://sync.search.spotxchange.com/partner?adv_id=7308&uid=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341&__user_check__=1&sync_id=a69fe80d-9d95-11ec-ad3b-1b186c970403	43 B 549 B	31ms 30ms	Image image/gif	192.35.249.120 SPOTX-IAD
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=7308&uid=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341&__user_check__=1&sync_id=a69fe80d-9d95-11ec-ad3b-1b186c970403 Protocol HTTP/1.1 Server 192.35.249.120 Ashburn, United States, ASN11742 (SPOTX-IAD, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Accept-Language en-CA,en;q=0.9 Referer https://pixel.sitescout.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 06 Mar 2022 21:37:41 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 219 Connection keep-alive Content-Length 43 Redirect headers Date Sun, 06 Mar 2022 21:37:41 GMT Server nginx Location /partner?adv_id=7308&uid=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341&__user_check__=1&sync_id=a69fe80d-9d95-11ec-ad3b-1b186c970403 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 221 Connection keep-alive Content-Length 0
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 409B	42 B 542 B	73ms 24ms	Image image/gif	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341&gdpr=0&gdpr_consent= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language en-CA,en;q=0.9 Referer https://pixel.sitescout.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 06 Mar 2022 13:05:43 GMT cache-control no-store, no-cache, private x-lat va2pug002:0:381 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H3	200	sd us-u.openx.net/w/1.0/ Frame 409B Redirect Chain https://us-u.openx.net/w/1.0/sd?id=537072977&val=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341&gdpr=0&gdpr_consent= https://us-u.openx.net/w/1.0/sd?cc=1&id=537072977&val=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341&gdpr=0&gdpr_consent=	43 B 61 B	42ms 28ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?cc=1&id=537072977&val=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341&gdpr=0&gdpr_consent= Protocol H3 Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/17.2.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language en-CA,en;q=0.9 Referer https://pixel.sitescout.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sun, 06 Mar 2022 21:37:41 GMT via 1.1 google server OXGW/17.2.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers location https://us-u.openx.net/w/1.0/sd?cc=1&id=537072977&val=1868869b-eca7-46a4-8cb9-0d079a9c5ba7-622529a3-4341&gdpr=0&gdpr_consent= date Sun, 06 Mar 2022 21:37:41 GMT via 1.1 google server OXGW/17.2.0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 p3p CP="CUR ADM OUR NOR STA NID"
GET H2	204	anpx dpx.airpr.com/ Redirect Chain http://dpx.airpr.com/px?hostname=mail.save-ukraine.live&profile=405343&om_account_type=OM&om_c=311294D2E2C6B967-400015CC7DFF8CB4&om_fallback_c=undefined&an=true https://secure.adnxs.com/getuid?https://dpx.airpr.com/anpx?adnxs_uid=$UID&airpr_id=16275297505 https://dpx.airpr.com/anpx?adnxs_uid=5956904793354044640&airpr_id=16275297505	0 63 B	25ms 24ms	Image text/plain	107.23.36.61 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dpx.airpr.com/anpx?adnxs_uid=5956904793354044640&airpr_id=16275297505 Protocol H2 Server 107.23.36.61 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-23-36-61.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 06 Mar 2022 21:37:41 GMT cache-control private server nginx Redirect headers Pragma no-cache Date Sun, 06 Mar 2022 21:37:41 GMT X-Proxy-Origin 149.56.153.185; 149.56.153.185; 554.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com AN-X-Request-Uuid c00827c6-125e-48f8-bfbb-6f04f14e0b48 Server nginx/1.21.3 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://dpx.airpr.com/anpx?adnxs_uid=5956904793354044640&airpr_id=16275297505 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	adsct Show response analytics.twitter.com/i/	31 B 458 B	140ms 50ms	Script application/javascript	104.244.42.3 TWITTER
General Check archive.org Show headers Download Go to Full URL https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nvjd8&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=0e96414c-3f9d-47b5-9ad1-fd5adabd0a37&tw_document_href=http%3A%2F%2Fmail.save-ukraine.live%2F&tpx_cb=twttr.conversion.loadPixels Requested by Host: static.ads-twitter.com URL: https://static.ads-twitter.com/uwt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.3 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_b / Resource Hash df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-response-time 6 date Sun, 06 Mar 2022 21:37:41 GMT content-encoding gzip server tsa_b strict-transport-security max-age=631138519 p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" cache-control no-cache, no-store, max-age=0 x-connection-hash 54801d638497d9f6a88782e3b18d40985bff2d05552929d8d32d62c591795a40 content-type application/javascript;charset=utf-8 content-length 57
GET H2	200	adsct t.co/i/ Redirect Chain http://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nvjd8&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=0e9... https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nvjd8&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=0e...	43 B 337 B	121ms 43ms	Image image/gif	104.244.42.69 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nvjd8&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=0e96414c-3f9d-47b5-9ad1-fd5adabd0a37&tw_document_href=http%3A%2F%2Fmail.save-ukraine.live%2F Protocol H2 Server 104.244.42.69 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_b / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-response-time 5 date Sun, 06 Mar 2022 21:37:41 GMT server tsa_b strict-transport-security max-age=0 content-type image/gif;charset=utf-8 cache-control no-cache, no-store, max-age=0 x-connection-hash f4fe4ca7c627f694fd9e379dcc1dc1dc5239fcf71b0d9175de04b6d21b40643c content-length 43 Redirect headers location https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nvjd8&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=0e96414c-3f9d-47b5-9ad1-fd5adabd0a37&tw_document_href=http%3A%2F%2Fmail.save-ukraine.live%2F x-response-time 1 date Sun, 06 Mar 2022 21:37:41 GMT cache-control no-cache, no-store, max-age=0 server tsa_b x-connection-hash 7ccf54170bf5fe142f35004981afea7e2cd471419e6d66337b08a8bc8775e9c5 content-length 0
GET H2	200	dc_pre=CP2W0_W4svYCFZgG0AQdOvQCSQ;src=10359930;type=leadg0;cat=leadg0;ord=7687148731782;gtm=2wg320;auiddc=973636797.1646602661;~oref=http%3A%2F%2Fmail.save-ukraine.live%2F Show response adservice.google.com/ddm/fls/i/ Frame 64D6	485 B 854 B	127ms 80ms	Document text/html	2607:f8b0:4006:820::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/ddm/fls/i/dc_pre=CP2W0_W4svYCFZgG0AQdOvQCSQ;src=10359930;type=leadg0;cat=leadg0;ord=7687148731782;gtm=2wg320;auiddc=973636797.1646602661;~oref=http%3A%2F%2Fmail.save-ukraine.live%2F Requested by Host: 10359930.fls.doubleclick.net URL: http://10359930.fls.doubleclick.net/activityi;dc_pre=CP2W0_W4svYCFZgG0AQdOvQCSQ;src=10359930;type=leadg0;cat=leadg0;ord=7687148731782;gtm=2wg320;auiddc=973636797.1646602661;~oref=http%3A%2F%2Fmail.save-ukraine.live%2F? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a29af274952715da5657bdeb164f7352453f03ad3ed32912b012bbbd69dab9d7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer http://10359930.fls.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin date Sun, 06 Mar 2022 21:37:41 GMT expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 pragma no-cache x-content-type-options nosniff content-encoding gzip server cafe content-length 385 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	dc_pre=CP2W0_W4svYCFZgG0AQdOvQCSQ;src=10359930;type=leadg0;cat=leadg0;ord=7687148731782;gtm=2wg320;auiddc=973636797.1646602661;~oref=http%3A%2F%2Fmail.save-ukraine.live%2F Show response adservice.google.ca/ddm/fls/i/ Frame FD67	194 B 870 B	130ms 83ms	Document text/html	2607:f8b0:4006:822::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.ca/ddm/fls/i/dc_pre=CP2W0_W4svYCFZgG0AQdOvQCSQ;src=10359930;type=leadg0;cat=leadg0;ord=7687148731782;gtm=2wg320;auiddc=973636797.1646602661;~oref=http%3A%2F%2Fmail.save-ukraine.live%2F Requested by Host: adservice.google.com URL: https://adservice.google.com/ddm/fls/i/dc_pre=CP2W0_W4svYCFZgG0AQdOvQCSQ;src=10359930;type=leadg0;cat=leadg0;ord=7687148731782;gtm=2wg320;auiddc=973636797.1646602661;~oref=http%3A%2F%2Fmail.save-ukraine.live%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2002 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://adservice.google.com/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin date Sun, 06 Mar 2022 21:37:41 GMT expires Sun, 06 Mar 2022 21:37:41 GMT cache-control private, max-age=0 content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip server cafe content-length 177 x-xss-protection 0 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
GET H2	200	/ Show response track.securedvisit.com/citecapture/	0 134 B	26ms 25ms	Script application/javascript	52.206.33.63 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://track.securedvisit.com/citecapture/?cc_event=login&cc_context=Email%20Capture&sv_cid=3981_04247&sv_onetag_id=3207&sv_session=fe0f638a9dc3215a81b30c034cc6a28b&sv_ver=1.8.9&sv_dt=2022-03-06T21%3A37%3A41.587Z&sv_referrer=&sv_url=http%3A%2F%2Fmail.save-ukraine.live%2F&sv_title=Donate%20to%20Help%20Children%20in%20Ukraine%20%7C%20Save%20the%20Children&sv_keywords=save%20the%20children%2Cchildren%2Chumanitarian%20aid&cc_data=%7B%22gK_ikD1q_vy2k1N_1WK%22%3A%22yWKie1WiK%22%2C%22gK_gg_ikD1q_J%22%3A%22yWKie1WiK%22%2C%22gK_gg_ikD1q_o%22%3A%22yWKie1WiK%22%7D Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/files/sv.js.download Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.206.33.63 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-206-33-63.compute-1.amazonaws.com Software nginx/1.20.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sun, 06 Mar 2022 21:37:41 GMT cache-control private, no-cache, proxy-revalidate server nginx/1.20.2 content-length 0 content-type application/javascript; charset=utf-8
GET H2	200	syncframe Show response gum.criteo.com/ Frame 050E	13 KB 5 KB	77ms 25ms	Document text/html	2620:100:a001::c
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?topUrl=mail.save-ukraine.live&origin=onetag Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/files/ld.js.download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::c -, , ASN (), Reverse DNS Software / Resource Hash 38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ Response headers cache-control private, max-age=3600 content-type text/html; charset=utf-8 content-encoding gzip vary Accept-Encoding cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp server-processing-duration-in-ticks 3005 date Sun, 06 Mar 2022 21:37:48 GMT content-length 5145 strict-transport-security max-age=31536000; preload;
GET H2	200	event Show response sslwidget.criteo.com/	20 B 329 B	84ms 32ms	Script application/x-javascript	74.119.119.150
General Check archive.org Show headers Download Go to Full URL https://sslwidget.criteo.com/event?a=33523&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ui_ecommerce%3D0&p1=e%3Dvh%26tms%3Dgtm-criteo-2.0.0&p2=e%3Ddis&adce=1&tld=save-ukraine.live&dtycbr=18323 Requested by Host: mail.save-ukraine.live URL: http://mail.save-ukraine.live/files/ld.js.download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.150 -, , ASN (), Reverse DNS Software Kestrel / Resource Hash 1becc3540a3ea6804b73defa8cf1308bb04b2bce536b18cb9ac3b4eae6bbc21c Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language en-CA,en;q=0.9 Referer http://mail.save-ukraine.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sun, 06 Mar 2022 21:37:49 GMT content-type application/x-javascript server Kestrel strict-transport-security max-age=31536000; preload; p3p NON DSP COR CURa PSA PSD OUR BUS NAV STA cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 6486529 timing-allow-origin * expires 0
GET H2	200	sid Show response mug.criteo.com/ Frame 050E Redirect Chain https://gum.criteo.com/sid/json?origin=onetag&domain=save-ukraine.live&sn=ChromeSyncframe&so=0&topUrl=mail.save-ukraine.live&cw=1&lsw=1 https://mug.criteo.com/sid?cpp=7YY943x4eHMvSUN0RUlTY2h2M2RuV3dFTE45bExKTE5BbU9qMzZGeXRNbXMwWVB3TlRBSmh4T0pWemhubXQzWUNmcnBXZkd3bjJrZ2I1N3pUWjBiQXBLN1JyY3djQ0ZiMlFxVzBwZU53VkVycVgxWjFGT0t5WTBIZE1RTG...	447 B 639 B	77ms 27ms	Fetch application/json	74.119.119.139
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=7YY943x4eHMvSUN0RUlTY2h2M2RuV3dFTE45bExKTE5BbU9qMzZGeXRNbXMwWVB3TlRBSmh4T0pWemhubXQzWUNmcnBXZkd3bjJrZ2I1N3pUWjBiQXBLN1JyY3djQ0ZiMlFxVzBwZU53VkVycVgxWjFGT0t5WTBIZE1RTGhjTlhxbjUyenRCSWg4YWZFZytDWHRMSDMvYU1EZUg2cG5JaHFEV1BpT0RwdVBCdVRHVzhVT010K0RMbjhDL29ZWjdHN0tFdmVGNjEvQXNtNkNoTTBkRE9CTGhjYzdMTFhpQUx0RGR5NkhaZk5jMHhRM2hLQUdHY3BQamVrMDF6VXpRMVV1T2EwNTlyK012dkFJeEo1dkE5K3VhRkZXZz09fA&cppv=2 Protocol H2 Server 74.119.119.139 -, , ASN (), Reverse DNS Software / Resource Hash b6f148c1210de4a432ffd555a4d27a095b5ecd5907fb97d92aa8b994c31f2e28 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language en-CA,en;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Sun, 06 Mar 2022 21:37:49 GMT content-encoding gzip vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 5917 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Sun, 06 Mar 2022 21:37:49 GMT strict-transport-security max-age=31536000; preload; content-type text/html; charset=utf-8 location https://mug.criteo.com/sid?cpp=7YY943x4eHMvSUN0RUlTY2h2M2RuV3dFTE45bExKTE5BbU9qMzZGeXRNbXMwWVB3TlRBSmh4T0pWemhubXQzWUNmcnBXZkd3bjJrZ2I1N3pUWjBiQXBLN1JyY3djQ0ZiMlFxVzBwZU53VkVycVgxWjFGT0t5WTBIZE1RTGhjTlhxbjUyenRCSWg4YWZFZytDWHRMSDMvYU1EZUg2cG5JaHFEV1BpT0RwdVBCdVRHVzhVT010K0RMbjhDL29ZWjdHN0tFdmVGNjEvQXNtNkNoTTBkRE9CTGhjYzdMTFhpQUx0RGR5NkhaZk5jMHhRM2hLQUdHY3BQamVrMDF6VXpRMVV1T2EwNTlyK012dkFJeEo1dkE5K3VhRkZXZz09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 2162 content-length 541 expires 0