itsafe.htmlsave.net Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	Primary Request / Show response itsafe.htmlsave.net/	23 KB 17 KB	311ms 232ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itsafe.htmlsave.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 65314d67fbc525934881f3b776ae4caf1b22f6d26631def2a370a1bfe3bd0025 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status HIT cf-ray 7f8c5654a9c61c8b-FRA content-encoding br content-type text/html date Fri, 18 Aug 2023 18:49:31 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FH9hdoVQYxhvy5d3rquXji8aXps0Z%2F4POT%2BlBCS7A3ZbOwSIJcPxV2lw%2BLiFh6pPNvHJ%2F57jLgVLVRfsZiHz6Yta7usI5nMA0trhVLazzGQ8WkY5Yhy0tbvH7lg9RHKjWZpEZ%2BykwdXHqXEiwlCe4ooJ"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	errordocstyle.min.css cdn.statically.io/gh/savehtml/static/d6fc97f6/	3 KB 1 KB	61ms 15ms	Stylesheet text/css	2a04:4e42:400::347 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.statically.io/gh/savehtml/static/d6fc97f6/errordocstyle.min.css Requested by Host: itsafe.htmlsave.net URL: https://itsafe.htmlsave.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US), Reverse DNS Software statically / Resource Hash 976d119e7ab1569a1ce51c2262cb726e68b8ed30176d1203af1aaf0d73ecf4df Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://itsafe.htmlsave.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Fri, 18 Aug 2023 18:49:31 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload age 1382339 x-cache HIT, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 993 x-served-by cache-sjc10020-SJC, cache-ams21071-AMS server statically etag W/"72fbb9388355850c2aa6b1e7ffc810bc6beb6a5fd60f06fbff2fe63a5d5f4d4f" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, immutable timing-allow-origin *
GET H2	200	poweredby.js Show response cdn.statically.io/gh/savehtml/static/70997bac/	25 KB 19 KB	62ms 16ms	Script application/javascript	2a04:4e42:400::347 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.statically.io/gh/savehtml/static/70997bac/poweredby.js Requested by Host: itsafe.htmlsave.net URL: https://itsafe.htmlsave.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US), Reverse DNS Software statically / Resource Hash 501b73eb7ee552e0e8667de76de0b8ab87da3a52f1cd511a8928243426860cd3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://itsafe.htmlsave.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Fri, 18 Aug 2023 18:49:31 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload age 2164973 x-cache HIT, HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 19539 x-served-by cache-sjc10047-SJC, cache-ams21071-AMS server statically etag W/"dc32528a4e571bea6c90112f1acb50564937d85656a42f719d39fca5d1c94205" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, immutable timing-allow-origin *
GET H2	200	agent.js Show response cdn.purpleads.io/	74 KB 22 KB	104ms 30ms	Script application/javascript	99.84.88.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.purpleads.io/agent.js?publisherId=6a0bce2f5b2bae1251d28a96a75bf7ce:b110c207974cb4795ee51a169f9dbd6735cd916418ef8c5997b2589abb2da4a4207767abc7bedcbbabe6cc7d6221fae576db33362c4ea2daf5ba3449e186bd24 Requested by Host: itsafe.htmlsave.net URL: https://itsafe.htmlsave.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.88.98 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-88-98.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash ba7fd83d0359f27975395f10fc08725fec3990cedf1a56a670e92437c2d0bff7 Request headers accept-language nl-NL,nl;q=0.9 Referer https://itsafe.htmlsave.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Thu, 17 Aug 2023 18:58:23 GMT content-encoding gzip via 1.1 ea6cdb5ba8bfb6f6aa18ec6651e5bc42.cloudfront.net (CloudFront) last-modified Fri, 07 Jul 2023 13:21:54 GMT server AmazonS3 x-amz-cf-pop MUC50-C1 age 85870 x-amz-server-side-encryption AES256 etag "b39cf26a3117a603c41cc8048c21cbb2" x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 22068 x-amz-cf-id sBWW1tMClDQOM-fWSvabL2GcoPd9c3TiLYsozuTD99_NIUzdmHQucA==
GET DATA	200 OK	truncated /	15 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9dfabd81b36cb564d08ad96da1e8166ef7a1e2666f6f773ec88a9806926dc3c5 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Content-Type image/png
GET H2	200	/ itsafe.htmlsave.net/	15 B 0	29ms 29ms	Fetch application/json	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itsafe.htmlsave.net/ Requested by Host: itsafe.htmlsave.net URL: https://itsafe.htmlsave.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://itsafe.htmlsave.net/ ts-request-embed-key aa86fb32-065e-4708-91b6-d68b4c452b05:c32c0a9a92548fb2a4d5e7f8d220472dcb3cc0c4b54aa5bd412e3a454c3be27b accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Fri, 18 Aug 2023 18:49:31 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMcjRhzIaxvLoLjkC3lebYOOMNcenPqqoAi0pey9YYKZCyPqkB92VO8sky1SYTzw5tHBbOLkWYATnW%2FEB%2Bu7xd9AwM%2B6CTrAHJb0I6nVSCGmJ%2F1tVfQk1pHWTIAiHJxgruRNL0HtvU1v5%2Bv%2FTDKbBQg7"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=UTF-8 cache-control no-store cf-ray 7f8c5656ad4d1c8b-FRA alt-svc h3=":443"; ma=86400 content-length 15
GET H2	200	s.js Show response itsafe.htmlsave.net/cdn-cgi/zaraz/	5 KB 3 KB	32ms 31ms	Script text/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://itsafe.htmlsave.net/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyRXJyb3IlMjBGb3VuZCUyMiUyQyUyMnglMjIlM0EwLjgwNjMxNjc0NjQ5NDUyNzElMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRml0c2FmZS5odG1sc2F2ZS5uZXQlMkYlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQS0xMjAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE Requested by Host: itsafe.htmlsave.net URL: https://itsafe.htmlsave.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c2d738da03abc97ef4686e0e807690a686660cba0525e6b53f6429537e9594be Request headers accept-language nl-NL,nl;q=0.9 Referer https://itsafe.htmlsave.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Fri, 18 Aug 2023 18:49:31 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare access-control-max-age 600 vary Origin, Accept-Encoding access-control-allow-methods GET, HEAD, POST, OPTIONS access-control-allow-origin https://itsafe.htmlsave.net report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8N8hulT5klM2q4%2FvQcr5U%2BWSiWy3m32OSwxMUIFtwMWY0PfQT8opjyW2qn5AhG82uClkF9b%2B6cA1cb6rSluMiboDaiXs8xTnxOzi2BRS2hbCrWmR6OxwFF2AROsWourNenURcIGhpPakhdOzpQfMDW6b"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 access-control-allow-credentials true cf-ray 7f8c5656ad5e1c8b-FRA access-control-allow-headers Content-Type, Set-Cookie, Cache-Control alt-svc h3=":443"; ma=86400
OPTIONS H2	200	init api.purpleads.io/x/ Frame	0 0	323ms 103ms	Preflight	44.212.112.231 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.purpleads.io/x/init?ts=1692384572019 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.212.112.231 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-212-112-231.compute-1.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type,x-purpleads-version,x-request-url Access-Control-Request-Method GET Origin https://itsafe.htmlsave.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers authorization,content-type,x-purpleads-version,x-request-url access-control-allow-origin https://itsafe.htmlsave.net access-control-expose-headers pa-user-id access-control-max-age 86400 date Fri, 18 Aug 2023 18:49:32 GMT
GET H2	200	init Show response api.purpleads.io/x/	88 B 320 B	322ms 114ms	Fetch application/json	44.212.112.231 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.purpleads.io/x/init?ts=1692384572019 Requested by Host: cdn.purpleads.io URL: https://cdn.purpleads.io/agent.js?publisherId=6a0bce2f5b2bae1251d28a96a75bf7ce:b110c207974cb4795ee51a169f9dbd6735cd916418ef8c5997b2589abb2da4a4207767abc7bedcbbabe6cc7d6221fae576db33362c4ea2daf5ba3449e186bd24 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.212.112.231 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-212-112-231.compute-1.amazonaws.com Software / Resource Hash 4e9000637922548f7a2b58e2eca845f957cd1530f79aec2562bc05415b6b8f29 Request headers x-request-url aHR0cHM6Ly9pdHNhZmUuaHRtbHNhdmUubmV0Lw== accept-language nl-NL,nl;q=0.9 Authorization Bearer 6a0bce2f5b2bae1251d28a96a75bf7ce:b110c207974cb4795ee51a169f9dbd6735cd916418ef8c5997b2589abb2da4a4207767abc7bedcbbabe6cc7d6221fae576db33362c4ea2daf5ba3449e186bd24 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Content-Type application/json Accept application/json Referer https://itsafe.htmlsave.net/ x-purpleads-version 3.0.7 Response headers date Fri, 18 Aug 2023 18:49:32 GMT etag W/"58-UX/HPqs7eqasQE7FlGP5XG5nbas" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://itsafe.htmlsave.net access-control-expose-headers pa-user-id access-control-allow-credentials true content-length 88
GET DATA	200 OK	truncated /	19 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c34d76eb8c35c3608a247e4d3c95359f8e5772daefdd634b64f08bcad329411c Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Content-Type image/png
GET H2	200	/ Show response api.purpleads.io/x/v2/b/	3 KB 2 KB	313ms 122ms	Fetch application/json	44.212.112.231 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.purpleads.io/x/v2/b/?idx=0&pid=d28c1d294ad94ca886c4a20ece6038d0&sizes=[[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=58a0b8d8-7a62-41e6-9d5e-96a62db5e610&ts=1692384572224 Requested by Host: cdn.purpleads.io URL: https://cdn.purpleads.io/agent.js?publisherId=6a0bce2f5b2bae1251d28a96a75bf7ce:b110c207974cb4795ee51a169f9dbd6735cd916418ef8c5997b2589abb2da4a4207767abc7bedcbbabe6cc7d6221fae576db33362c4ea2daf5ba3449e186bd24 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.212.112.231 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-212-112-231.compute-1.amazonaws.com Software / Resource Hash d7489efd8884c5bc79b93477ceb72197cb3ed564d48b4352ce4f13e7ca1c097b Request headers x-request-url aHR0cHM6Ly9pdHNhZmUuaHRtbHNhdmUubmV0Lw== accept-language nl-NL,nl;q=0.9 Authorization Bearer 6a0bce2f5b2bae1251d28a96a75bf7ce:b110c207974cb4795ee51a169f9dbd6735cd916418ef8c5997b2589abb2da4a4207767abc7bedcbbabe6cc7d6221fae576db33362c4ea2daf5ba3449e186bd24 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Content-Type application/json Accept application/json Referer https://itsafe.htmlsave.net/ x-purpleads-version 3.0.7 Response headers date Fri, 18 Aug 2023 18:49:32 GMT content-encoding br pa-user-id 02bffc15-3ff5-4f64-80ff-7b25f6c83e3b etag W/"cf7-t1v4LFs9LWJzcY+Hpn72GHjd3WQ" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://itsafe.htmlsave.net access-control-expose-headers pa-user-id access-control-allow-credentials true
OPTIONS H2	200	/ api.purpleads.io/x/v2/b/ Frame	0 0	135ms 121ms	Preflight	44.212.112.231 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.purpleads.io/x/v2/b/?idx=0&pid=d28c1d294ad94ca886c4a20ece6038d0&sizes=[[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=58a0b8d8-7a62-41e6-9d5e-96a62db5e610&ts=1692384572224 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.212.112.231 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-212-112-231.compute-1.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type,x-purpleads-version,x-request-url Access-Control-Request-Method GET Origin https://itsafe.htmlsave.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers authorization,content-type,x-purpleads-version,x-request-url access-control-allow-origin https://itsafe.htmlsave.net access-control-expose-headers pa-user-id access-control-max-age 86400 date Fri, 18 Aug 2023 18:49:32 GMT
GET H2	200	prebid-2023-07-11.js Show response cdn.prplads.com/ Frame 874C	302 KB 94 KB	112ms 37ms	Script application/javascript	2606:4700:20::681a:233 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.prplads.com/prebid-2023-07-11.js Requested by Host: cdn.purpleads.io URL: https://cdn.purpleads.io/agent.js?publisherId=6a0bce2f5b2bae1251d28a96a75bf7ce:b110c207974cb4795ee51a169f9dbd6735cd916418ef8c5997b2589abb2da4a4207767abc7bedcbbabe6cc7d6221fae576db33362c4ea2daf5ba3449e186bd24 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:233 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9b8fb895962712e34e648aeba89eb9c8651ae83a67bba8c6a753a036311615be Request headers accept-language nl-NL,nl;q=0.9 Referer https://itsafe.htmlsave.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Fri, 18 Aug 2023 18:49:32 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 8X9JHBSTWC4AMJAW age 123654 cf-polished origSize=309911 x-amz-id-2 RRIpT/KyRgkp4okjjhe9Qb42nZmt0gBc8o11FsJAolntrBZdGJbg7H8VM093z5L6wf2wj4w6hmg= cf-bgj minify last-modified Tue, 11 Jul 2023 08:48:49 GMT server cloudflare etag W/"5ebcd954e9429fcb6ba235104d6a1bbc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEecHpaOdwRMsn8puHMexqA%2B6YOg%2B8IDZEQqilZsc4dP7RGuIjj1rh80LUmu5NC%2Fx9TJjR2y976t%2BsAyv88B4Q8BtSBClUAZr4OcVAoKOemF%2Fj2ksssqWOoJf7qxctWJZRYBriXKElzWL7nVpQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=1209600 cf-ray 7f8c565c2ff739e6-FRA
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 874C	2 KB 1 KB	73ms 29ms	XHR application/json	2606:4700::6810:5814 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230818 Requested by Host: cdn.prplads.com URL: https://cdn.prplads.com/prebid-2023-07-11.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7c623284d9d62c3fae552e4c6824bc2548e7e7ca693553629b4c5b6155618c8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://itsafe.htmlsave.net/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Content-Type text/plain Response headers date Fri, 18 Aug 2023 18:49:32 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 10123 x-jsd-version 1.0.1785 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230103-FRA, cache-jnb7027-JNB x-jsd-version-type version server cloudflare etag W/"63b-dTSWbFcYmn4sfMuzzQwuxMTgBzo" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTyXezpXeeCgkxjk17hB007DqOseOMggiaW%2FRO0ja63GFububy6btX1d5DAu5fQ9Tv%2Fnxac7HL2H1Qhjutc90ExWPLsX6KNGFXumjV%2Bzc5MYsSrwa0TJAE%2BT8ZNgeN9bvBy4XhA7JzZf8DgdXrs%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 7f8c565d2d24bbeb-FRA
GET H/1.1	200 OK	localstore.js Show response script.4dex.io/ Frame 874C	4 KB 2 KB	87ms 26ms	Script application/javascript	2606:4700:20::681a:8a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/localstore.js Requested by Host: cdn.prplads.com URL: https://cdn.prplads.com/prebid-2023-07-11.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc Request headers accept-language nl-NL,nl;q=0.9 Referer https://itsafe.htmlsave.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Fri, 18 Aug 2023 18:49:33 GMT Content-Encoding br CF-Cache-Status HIT Last-Modified Fri, 11 Aug 2023 11:58:31 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Age 629418 ETag W/"7a2ddf8932b862ed5d75aa7b27e3f8c1" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSfhZUSOL%2BaTi3UGQAujs8Vs3iW6PyaP%2FVlixLh4ym%2FUROX2INZ6kVr93Gp1dcI1eAypdGf1ahWdvhfsf5ey9URYfWQVe7Dgy%2FDQt6ktu6YU83BSaNABVJ6E6D7qbDNvOoB%2F%2Fk35DSzhtjzl"}],"group":"cf-nel","max_age":604800} Cache-Control public, max-age=1800 Connection keep-alive CF-RAY 7f8c565d4b9d90ec-FRA
POST H2	204	c Show response prebid.a-mo.net/a/ Frame 874C	0 172 B	61ms 14ms	XHR text/plain	145.40.97.66 PACKET
General Check archive.org Show headers Download Go to Full URL https://prebid.a-mo.net/a/c Requested by Host: cdn.prplads.com URL: https://cdn.prplads.com/prebid-2023-07-11.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://itsafe.htmlsave.net/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Content-Type text/plain Response headers x-nbr 1 date Fri, 18 Aug 2023 18:49:32 GMT server envoy vary origin, Accept-Encoding access-control-allow-origin https://itsafe.htmlsave.net cache-control max-age=0, private, must-revalidate access-control-allow-credentials true x-envoy-upstream-service-time 0
POST H2	204	2365503 Show response bs.yandex.ru/metadsp/ Frame 874C	0 353 B	214ms 88ms	XHR application/json	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://bs.yandex.ru/metadsp/2365503?imp-id=1&target-ref=itsafe.htmlsave.net&ssp-id=10500 Requested by Host: cdn.prplads.com URL: https://cdn.prplads.com/prebid-2023-07-11.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://itsafe.htmlsave.net/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 18 Aug 2023 18:49:33 GMT last-modified Fri, 18 Aug 2023 18:49:33 GMT x-yandex-req-id 1692384573103478-469047176336985110100340-production-app-host-vla-pcode-381 uniformat true p3p CP="NOI DEVa TAIa OUR BUS UNI STA" access-control-allow-origin https://itsafe.htmlsave.net content-type application/json; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true uniformat-product-type None expires Fri, 18 Aug 2023 18:49:33 GMT
POST H2	200	adreq Show response ads.servenobid.com/ Frame 874C	537 B 599 B	106ms 33ms	XHR application/json	52.208.74.155 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.servenobid.com/adreq?cb=9998 Requested by Host: cdn.prplads.com URL: https://cdn.prplads.com/prebid-2023-07-11.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.208.74.155 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-74-155.eu-west-1.compute.amazonaws.com Software / Resource Hash 71a8aa4c7b3a8a46b0d3a3c5852c3870056a878eca019f2733e3a170c2563ed3 Request headers Referer https://itsafe.htmlsave.net/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Content-Type text/plain Response headers date Fri, 18 Aug 2023 18:49:33 GMT content-encoding gzip amp-access-control-allow-source-origin * vary accept-encoding content-type application/json access-control-allow-origin https://itsafe.htmlsave.net access-control-expose-headers AMP-Access-Control-Allow-Source-Origin cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 access-control-allow-credentials true
POST H2	200	hb-mm-multi Show response hb.minutemedia-prebid.com/ Frame 874C	105 B 454 B	124ms 36ms	XHR application/json	52.215.201.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hb.minutemedia-prebid.com/hb-mm-multi Requested by Host: cdn.prplads.com URL: https://cdn.prplads.com/prebid-2023-07-11.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 52.215.201.128 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-201-128.eu-west-1.compute.amazonaws.com Software istio-envoy / Resource Hash 40a1becae8d4c993eedef67039b22e70abd2b9bb32b1a53ba9a36be260592280 Request headers Referer https://itsafe.htmlsave.net/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Content-Type text/plain Response headers date Fri, 18 Aug 2023 18:49:33 GMT server istio-envoy x-reason maxmind hosting provider access-control-allow-methods GET, OPTIONS access-control-allow-origin https://itsafe.htmlsave.net content-type application/json access-control-allow-credentials true x-envoy-upstream-service-time 4 access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With content-length 105
POST H/1.1	204 No Content	/ Show response b1h-euc1.zemanta.com/api/bidder/prebid/bid/ Frame 874C	0 149 B	65ms 13ms	XHR text/plain	213.227.153.224 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/ Requested by Host: cdn.prplads.com URL: https://cdn.prplads.com/prebid-2023-07-11.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 213.227.153.224 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://itsafe.htmlsave.net/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Content-Type text/plain Response headers Connection keep-alive Access-Control-Allow-Origin https://itsafe.htmlsave.net Access-Control-Allow-Credentials true
POST H2	200	v1 Show response hb-api.omnitagjs.com/hb-api/prebid/ Frame 874C	180 B 531 B	243ms 186ms	XHR application/json	185.255.84.151 IGUANE-
General Check archive.org Show headers Download Go to Full URL https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fitsafe.htmlsave.net%2F&PageUrl=https%3A%2F%2Fitsafe.htmlsave.net%2F&PageReferrer=https%3A%2F%2Fitsafe.htmlsave.net%2F Requested by Host: cdn.prplads.com URL: https://cdn.prplads.com/prebid-2023-07-11.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.255.84.151 , France, ASN200271 (IGUANE-, FR), Reverse DNS Software ayl-lb-fra02 / Resource Hash 74efa46bd7fc1f38314a38f92585141ed213d6a34c0272b0ac3a7ea751972886 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://itsafe.htmlsave.net/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 18 Aug 2023 18:49:32 GMT x-content-type-options nosniff server ayl-lb-fra02 access-control-max-age 3600 access-control-allow-methods OPTIONS, POST content-type application/json; charset=utf-8 access-control-allow-origin https://itsafe.htmlsave.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true x-envoy-upstream-service-time 162 vary Accept-Encoding access-control-allow-headers Accept-Encoding, Content-Type content-length 180 expires 0
POST H2	200	prebid Show response mp.4dex.io/ Frame 874C	60 B 534 B	110ms 44ms	XHR application/json	2606:4700::6812:372 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mp.4dex.io/prebid Requested by Host: cdn.prplads.com URL: https://cdn.prplads.com/prebid-2023-07-11.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39 Request headers Referer https://itsafe.htmlsave.net/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Content-Type text/plain Response headers x-version 3.0.0-gcp-ams date Fri, 18 Aug 2023 18:49:33 GMT x-err Shapings: no adunits with size and seat and mapping via 1.1 google cf-cache-status DYNAMIC content-encoding gzip x-warn Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: gpt-passback, Process Seats Booster. unable to get the seat booster engine for organization: 1263 pragma no-cache server cloudflare vary Origin, Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://itsafe.htmlsave.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 7f8c565d7af64d9d-FRA expires 0
POST H2	200	prebid-request Show response onetag-sys.com/ Frame 874C	15 B 367 B	74ms 23ms	XHR application/json	51.75.86.98 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: cdn.prplads.com URL: https://cdn.prplads.com/prebid-2023-07-11.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.75.86.98 , France, ASN16276 (OVH, FR), Reverse DNS ip98.ip-51-75-86.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://itsafe.htmlsave.net/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip content-type application/json access-control-allow-origin https://itsafe.htmlsave.net p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' cache-control no-transform, no-cache access-control-allow-credentials true access-control-allow-headers content-type, origin, referer, user-agent content-length 41
GET H2	200	script.js Show response cadmus.script.ac/dahhc4ozyvjm6/	3 B 432 B	89ms 26ms	Script application/javascript	2606:4700::6812:1691 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cadmus.script.ac/dahhc4ozyvjm6/script.js Requested by Host: script.4dex.io URL: https://script.4dex.io/localstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860 Request headers accept-language nl-NL,nl;q=0.9 Referer https://itsafe.htmlsave.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Fri, 18 Aug 2023 18:49:33 GMT last-modified Thu, 17 Aug 2023 17:39:09 GMT server cloudflare age 0 etag W/"122bf353368c994af4b4828f915140a379345522" vary Accept-Encoding content-type application/javascript cache-control public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400 cf-ray 7f8c565ddf0891f0-FRA content-length 3
GET H/1.1	200 OK	adagio.js Show response script.4dex.io/ Frame 874C	75 KB 24 KB	166ms 125ms	Fetch application/javascript	2606:4700:20::681a:8a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/adagio.js Requested by Host: script.4dex.io URL: https://script.4dex.io/localstore.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 773ef390c0650fce7fe2832f5427c428f943a630c21f166a316384937006720f Request headers accept-language nl-NL,nl;q=0.9 Referer https://itsafe.htmlsave.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Fri, 18 Aug 2023 18:49:33 GMT Content-Encoding br CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive Last-Modified Fri, 11 Aug 2023 11:58:31 GMT Server cloudflare ETag W/"9d36e722f929b1726cf2a9cba00af489" Vary Origin, Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lbb7TYutZc9LTnAXVJ1CoCg3aWjRCGbUbcU7TgzVpmCZWC%2F%2FV4%2FZUUxWfGSN8LihCAFycBR%2BAdm7I1bMeS8Q%2BIQ6B3MChIS6hkdADZoRTeidqIIZHiuO6InejoZ5YKTlJIY15KVrIc5Q1Ntt"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers Cache-Control public, max-age=1800 CF-RAY 7f8c565db94492b9-FRA
GET H2	200	/ Show response api.purpleads.io/x/v2/b/	2 KB 1 KB	315ms 315ms	Fetch application/json	44.212.112.231 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.purpleads.io/x/v2/b/?idx=1&pid=d28c1d294ad94ca886c4a20ece6038d0&sizes=[[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=58a0b8d8-7a62-41e6-9d5e-96a62db5e610&demand=unifiedPb&ts=1692384573219 Requested by Host: cdn.purpleads.io URL: https://cdn.purpleads.io/agent.js?publisherId=6a0bce2f5b2bae1251d28a96a75bf7ce:b110c207974cb4795ee51a169f9dbd6735cd916418ef8c5997b2589abb2da4a4207767abc7bedcbbabe6cc7d6221fae576db33362c4ea2daf5ba3449e186bd24 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.212.112.231 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-212-112-231.compute-1.amazonaws.com Software / Resource Hash 121c50e62bceb672db83881821b2d2503f43ef76d26d8e3965848752f34e9a95 Request headers accept-language nl-NL,nl;q=0.9 x-request-url aHR0cHM6Ly9pdHNhZmUuaHRtbHNhdmUubmV0Lw== pa-user-id 02bffc15-3ff5-4f64-80ff-7b25f6c83e3b Authorization Bearer 6a0bce2f5b2bae1251d28a96a75bf7ce:b110c207974cb4795ee51a169f9dbd6735cd916418ef8c5997b2589abb2da4a4207767abc7bedcbbabe6cc7d6221fae576db33362c4ea2daf5ba3449e186bd24 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Content-Type application/json Accept application/json Referer https://itsafe.htmlsave.net/ x-purpleads-version 3.0.7 Response headers date Fri, 18 Aug 2023 18:49:33 GMT content-encoding br etag W/"674-ekQor4VWZhfOkeDO/5xiZA+r2t4" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://itsafe.htmlsave.net access-control-expose-headers pa-user-id access-control-allow-credentials true
OPTIONS H2	200	/ api.purpleads.io/x/v2/b/ Frame	0 0	103ms 103ms	Preflight	44.212.112.231 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.purpleads.io/x/v2/b/?idx=1&pid=d28c1d294ad94ca886c4a20ece6038d0&sizes=[[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=58a0b8d8-7a62-41e6-9d5e-96a62db5e610&demand=unifiedPb&ts=1692384573219 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.212.112.231 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-212-112-231.compute-1.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type,pa-user-id,x-purpleads-version,x-request-url Access-Control-Request-Method GET Origin https://itsafe.htmlsave.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers authorization,content-type,pa-user-id,x-purpleads-version,x-request-url access-control-allow-origin https://itsafe.htmlsave.net access-control-expose-headers pa-user-id access-control-max-age 86400 date Fri, 18 Aug 2023 18:49:33 GMT
OPTIONS H2	200	i api.purpleads.io/x/a/35feb8d3cdb8e3794071c19419498afa:d7f00e911c68633886a57fd2e40628d40586603decb97285dbea04d7f3fff7b7eec19a631b06262bf2b2aee2c10f8b817fd9620e427ed8b3a2e3ed28798bd86c59a44500818fe07... Frame	0 0	106ms 105ms	Preflight	44.212.112.231 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.purpleads.io/x/a/35feb8d3cdb8e3794071c19419498afa:d7f00e911c68633886a57fd2e40628d40586603decb97285dbea04d7f3fff7b7eec19a631b06262bf2b2aee2c10f8b817fd9620e427ed8b3a2e3ed28798bd86c59a44500818fe079db80b9de96206aff8f398ec6612b9bdb7431b50b4bdc34f01cf9a79328fc3a4ee9c43f3b4e9c71b930f6579476abc8ef257cd9717770501a202f03ba7000f480b5462822ffc65582/i?id=788b68b7-3df1-4eaa-a2fc-12404cafcd74&ts=1692384573696 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.212.112.231 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-212-112-231.compute-1.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type,pa-user-id,x-purpleads-version,x-request-url Access-Control-Request-Method GET Origin https://itsafe.htmlsave.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers authorization,content-type,pa-user-id,x-purpleads-version,x-request-url access-control-allow-origin https://itsafe.htmlsave.net access-control-expose-headers pa-user-id access-control-max-age 86400 date Fri, 18 Aug 2023 18:49:33 GMT
GET H2	200	i Show response api.purpleads.io/x/a/35feb8d3cdb8e3794071c19419498afa:d7f00e911c68633886a57fd2e40628d40586603decb97285dbea04d7f3fff7b7eec19a631b06262bf2b2aee2c10f8b817fd9620e427ed8b3a2e3ed28798bd86c59a44500818fe07...	15 B 245 B	118ms 117ms	Fetch application/json	44.212.112.231 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.purpleads.io/x/a/35feb8d3cdb8e3794071c19419498afa:d7f00e911c68633886a57fd2e40628d40586603decb97285dbea04d7f3fff7b7eec19a631b06262bf2b2aee2c10f8b817fd9620e427ed8b3a2e3ed28798bd86c59a44500818fe079db80b9de96206aff8f398ec6612b9bdb7431b50b4bdc34f01cf9a79328fc3a4ee9c43f3b4e9c71b930f6579476abc8ef257cd9717770501a202f03ba7000f480b5462822ffc65582/i?id=788b68b7-3df1-4eaa-a2fc-12404cafcd74&ts=1692384573696 Requested by Host: cdn.purpleads.io URL: https://cdn.purpleads.io/agent.js?publisherId=6a0bce2f5b2bae1251d28a96a75bf7ce:b110c207974cb4795ee51a169f9dbd6735cd916418ef8c5997b2589abb2da4a4207767abc7bedcbbabe6cc7d6221fae576db33362c4ea2daf5ba3449e186bd24 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.212.112.231 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-212-112-231.compute-1.amazonaws.com Software / Resource Hash 8063e5a51719c58189c7d5209a5f37b34d14764198145a3f84bfd11c062f11d2 Request headers accept-language nl-NL,nl;q=0.9 x-request-url aHR0cHM6Ly9pdHNhZmUuaHRtbHNhdmUubmV0Lw== pa-user-id 02bffc15-3ff5-4f64-80ff-7b25f6c83e3b Authorization Bearer 6a0bce2f5b2bae1251d28a96a75bf7ce:b110c207974cb4795ee51a169f9dbd6735cd916418ef8c5997b2589abb2da4a4207767abc7bedcbbabe6cc7d6221fae576db33362c4ea2daf5ba3449e186bd24 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Content-Type application/json Accept application/json Referer https://itsafe.htmlsave.net/ x-purpleads-version 3.0.7 Response headers date Fri, 18 Aug 2023 18:49:33 GMT etag W/"f-lWSD52foMX4qLT82tweJE091S9Q" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://itsafe.htmlsave.net access-control-expose-headers pa-user-id access-control-allow-credentials true content-length 15
GET H2	200	eyJpdSI6IjNhOGY4NmI4Nzc2ZmM0Nzg0ZjY2MjAzODNmNTFhNWMzZGRkOTE4MmQ2MTNhMWViYzgxNGNjM2RlN2QyYjE2MjQiLCJ3Ijo1MDAsImgiOjM3NSwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp images.outbrainimg.com/transform/v3/ Frame 7873	16 KB 16 KB	85ms 23ms	Image image/webp	23.35.229.181 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://images.outbrainimg.com/transform/v3/eyJpdSI6IjNhOGY4NmI4Nzc2ZmM0Nzg0ZjY2MjAzODNmNTFhNWMzZGRkOTE4MmQ2MTNhMWViYzgxNGNjM2RlN2QyYjE2MjQiLCJ3Ijo1MDAsImgiOjM3NSwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp Requested by Host: itsafe.htmlsave.net URL: https://itsafe.htmlsave.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-229-181.deploy.static.akamaitechnologies.com Software / Resource Hash 54e4af49d4f0886afa2785c172ef52d4a292528586951e85f65e132be7a815b8 Request headers accept-language nl-NL,nl;q=0.9 Referer https://itsafe.htmlsave.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Fri, 18 Aug 2023 18:49:33 GMT last-modified Thu, 27 Jul 2023 07:26:20 GMT access-control-allow-methods GET,POST content-type image/webp access-control-allow-origin * cache-control max-age=1572904 access-control-allow-credentials false x-traceid 73a9842956363380f1c65c398238e182 timing-allow-origin *, * content-length 15982
GET H2	204	i api.purpleads.io/x/a/35feb8d3cdb8e3794071c19419498afa:d7f00e911c68633886a57fd2e40628d40586603decb97285dbea04d7f3fff7b7eec19a631b06262bf2b2aee2c10f8b817fd9620e427ed8b3a2e3ed28798bd86c59a44500818fe07... Frame 7873	0 126 B	107ms 106ms	Image text/plain	44.212.112.231 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://api.purpleads.io/x/a/35feb8d3cdb8e3794071c19419498afa:d7f00e911c68633886a57fd2e40628d40586603decb97285dbea04d7f3fff7b7eec19a631b06262bf2b2aee2c10f8b817fd9620e427ed8b3a2e3ed28798bd86c59a44500818fe079db80b9de96206aff8f398ec6612b9bdb7431b50b4bdc34f01cf9a79328fc3a4ee9c43f3b4e9c71b930f6579476abc8ef257cd9717770501a202f03ba7000f480b5462822ffc65582/i?id=788b68b7-3df1-4eaa-a2fc-12404cafcd74 Requested by Host: itsafe.htmlsave.net URL: https://itsafe.htmlsave.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.212.112.231 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-212-112-231.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://itsafe.htmlsave.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers access-control-allow-origin api.purpleads.io date Fri, 18 Aug 2023 18:49:33 GMT access-control-expose-headers pa-user-id access-control-allow-credentials true
GET H/1.1	200 OK	widgetGlobalEvent log.outbrainimg.com/loggerServices/ Frame 7873	4 B 325 B	371ms 87ms	Image application/json	64.202.112.63 SERVERCENTRAL
General Check archive.org Show headers Download Go to Show image Full URL https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=a294515a3ba2bffe9ce7d72e3bfecac1&pvId=a294515a3ba2bffe9ce7d72e3bfecac1&sid=8093021&pid=45718&idx=1&wId=171&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent Requested by Host: itsafe.htmlsave.net URL: https://itsafe.htmlsave.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 64.202.112.63 , United States, ASN23352 (SERVERCENTRAL, US), Reverse DNS ny.outbrain.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://itsafe.htmlsave.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Pragma no-cache Date Fri, 18 Aug 2023 18:49:34 GMT Access-Control-Allow-Methods GET,POST Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate X-TraceId 56dfdbcd4825c482f4d1b2ad84c5f336 Content-Length 4 Expires 0
GET H/1.1	200 OK	log-viewability log.outbrainimg.com/loggerServices/ Frame 7873	4 B 325 B	371ms 87ms	Image application/json	64.202.112.63 SERVERCENTRAL
General Check archive.org Show headers Download Go to Show image Full URL https://log.outbrainimg.com/loggerServices/log-viewability?requestId=a294515a3ba2bffe9ce7d72e3bfecac1&position=0 Requested by Host: itsafe.htmlsave.net URL: https://itsafe.htmlsave.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 64.202.112.63 , United States, ASN23352 (SERVERCENTRAL, US), Reverse DNS ny.outbrain.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://itsafe.htmlsave.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Pragma no-cache Date Fri, 18 Aug 2023 18:49:34 GMT Access-Control-Allow-Methods GET,POST Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate X-TraceId 0d95e3ecdcb22c68c8d3f1f0b0e7f0a1 Content-Length 4 Expires 0

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| zarazData object| zaraz object| dataLayer object| _0x1056 function| _0x3893 boolean| _purpleAdsDisplayInit object| globalSlots string| purpleadsInstanceId object| purpleadsAgent object| ADAGIO object| _ADAGIO

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.htmlsave.net/	1970-01-20 23:42:24	Name: google-analytics_v4_JVdd__engagementStart Value: 1692384571956
			.htmlsave.net/	1970-01-20 23:42:24	Name: google-analytics_v4_JVdd__counter Value: 1
			.htmlsave.net/	1970-01-20 14:06:26	Name: google-analytics_v4_JVdd__ga4sid Value: 1919332358
			.htmlsave.net/	1970-01-20 23:42:24	Name: google-analytics_v4_JVdd__session_counter Value: 1
			.htmlsave.net/	1970-01-20 23:42:24	Name: google-analytics_v4_JVdd__ga4 Value: 88563452-01e7-4b39-8444-2f68a56be5d5
			.htmlsave.net/	1970-01-20 23:42:24	Name: google-analytics_v4_JVdd__let Value: 1692384571956
			.script.ac/	1970-01-20 14:06:26	Name: __cf_bm Value: HLCo4aM4DUuysHQjnrlflyIGTqc0y2500htNJfYnVbQ-1692384573-0-Ad4Q4oXlPG1OtqEzc568GHcMV1DMWt6ldsspPATr4+3Wtv4w7IcVRWlHWsZh8BUDOUzNJodu+w4t4ZMYaN/LsaA=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://itsafe.htmlsave.net/ Message: Failed to load resource: the server responded with a status of 404 ()
deprecation	warning	URL: https://script.4dex.io/localstore.js Message: Listener added for a synchronous 'DOMNodeRemoved' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.servenobid.com
api.purpleads.io
b1h-euc1.zemanta.com
bs.yandex.ru
cadmus.script.ac
cdn.jsdelivr.net
cdn.prplads.com
cdn.purpleads.io
cdn.statically.io
hb-api.omnitagjs.com
hb.minutemedia-prebid.com
images.outbrainimg.com
itsafe.htmlsave.net
log.outbrainimg.com
mp.4dex.io
onetag-sys.com
prebid.a-mo.net
script.4dex.io
145.40.97.66
185.255.84.151
213.227.153.224
23.35.229.181
2606:4700:20::681a:233
2606:4700:20::681a:8a9
2606:4700::6810:5814
2606:4700::6812:1691
2606:4700::6812:372
2a02:6b8::90
2a04:4e42:400::347
2a06:98c1:3121::3
44.212.112.231
51.75.86.98
52.208.74.155
52.215.201.128
64.202.112.63
99.84.88.98
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
121c50e62bceb672db83881821b2d2503f43ef76d26d8e3965848752f34e9a95
19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc
40a1becae8d4c993eedef67039b22e70abd2b9bb32b1a53ba9a36be260592280
4e9000637922548f7a2b58e2eca845f957cd1530f79aec2562bc05415b6b8f29
501b73eb7ee552e0e8667de76de0b8ab87da3a52f1cd511a8928243426860cd3
54e4af49d4f0886afa2785c172ef52d4a292528586951e85f65e132be7a815b8
65314d67fbc525934881f3b776ae4caf1b22f6d26631def2a370a1bfe3bd0025
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
71a8aa4c7b3a8a46b0d3a3c5852c3870056a878eca019f2733e3a170c2563ed3
74efa46bd7fc1f38314a38f92585141ed213d6a34c0272b0ac3a7ea751972886
773ef390c0650fce7fe2832f5427c428f943a630c21f166a316384937006720f
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
8063e5a51719c58189c7d5209a5f37b34d14764198145a3f84bfd11c062f11d2
976d119e7ab1569a1ce51c2262cb726e68b8ed30176d1203af1aaf0d73ecf4df
9b8fb895962712e34e648aeba89eb9c8651ae83a67bba8c6a753a036311615be
9dfabd81b36cb564d08ad96da1e8166ef7a1e2666f6f773ec88a9806926dc3c5
ba7fd83d0359f27975395f10fc08725fec3990cedf1a56a670e92437c2d0bff7
c2d738da03abc97ef4686e0e807690a686660cba0525e6b53f6429537e9594be
c34d76eb8c35c3608a247e4d3c95359f8e5772daefdd634b64f08bcad329411c
d7489efd8884c5bc79b93477ceb72197cb3ed564d48b4352ce4f13e7ca1c097b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7c623284d9d62c3fae552e4c6824bc2548e7e7ca693553629b4c5b6155618c8