saveig.org Open in urlscan Pro
2606:4700:20::681a:8a6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ord.yahoo.co.jp/o/image/RV=1/RE=1573811624/RH=b3JkLnlhaG9vLmNvLmpw/RB=/RU=aHR0cHM6Ly9zYXZlaWcuY29tL3AvQnk2bjRac0...
Effective URL:
https://saveig.org/p/By6n4ZsAcO5/
Submission: On November 15 via manual (November 15th 2019, 12:59:36 am UTC) from JP

Summary HTTP 86 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 7 countries across 19 domains to perform 86 HTTP transactions. The main IP is 2606:4700:20::681a:8a6, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is saveig.org.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 6th 2019. Valid for: a year.

This is the only time saveig.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	183.79.250.123 183.79.250.123	24572 (YAHOO-JP-...) (YAHOO-JP-AS-AP Yahoo Japan)
1 1	2606:4700:30:... 2606:4700:30::681b:8fe5	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
6	2606:4700:20:... 2606:4700:20::681a:8a6	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2a03:2880:f21... 2a03:2880:f212:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2606:4700::68... 2606:4700::6811:553b	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
5	194.187.98.192 194.187.98.192	35415 (WEBZILLA) (WEBZILLA)
2	88.85.82.189 88.85.82.189	35415 (WEBZILLA) (WEBZILLA)
9	104.20.253.85 104.20.253.85	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
10	2606:4700:30:... 2606:4700:30::6812:2a06	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	188.72.202.173 188.72.202.173	35415 (WEBZILLA) (WEBZILLA)
8	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
8	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:825::2006	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
11	51.79.72.196 51.79.72.196	16276 (OVH) (OVH)
2	185.33.223.202 185.33.223.202	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2	2600:9000:215... 2600:9000:2156:1c00:1f:87f6:37c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	34.198.86.158 34.198.86.158	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
86	20

1 183.79.250.123 (Japan) 1 redirects

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)

ord.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:8fe5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

saveig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:8a6 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

saveig.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f212:c4:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

scontent-lga3-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:553b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 194.187.98.192 (Netherlands)

ASN35415 (WEBZILLA, NL)
PTR: 194.187.98.192.webazilla.com

pushlaram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.85.82.189 (Netherlands)

ASN35415 (WEBZILLA, NL)

deloplen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.20.253.85 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rt3014.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:30::6812:2a06 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

a.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.72.202.173 (Netherlands)

ASN35415 (WEBZILLA, NL)

tharbadir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 51.79.72.196 (Québec, Canada)

ASN16276 (OVH, FR)
PTR: ns567732.ip-51-79-72.net

s.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.202 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 318.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:1c00:1f:87f6:37c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

player-cdn.beachfrontmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.198.86.158 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-198-86-158.compute-1.amazonaws.com

useast.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	vdo.ai a.vdo.ai track.vdo.ai s.vdo.ai	3 MB
9	infolinks.com resources.infolinks.com router.infolinks.com rt3014.infolinks.com	265 KB
8	googleapis.com imasdk.googleapis.com	305 KB
8	google-analytics.com www.google-analytics.com	18 KB
6	saveig.org saveig.org	18 KB
5	pushlaram.com pushlaram.com	42 KB
4	cdninstagram.com scontent-lga3-1.cdninstagram.com	5 KB
3	adnxs.com ib.adnxs.com acdn.adnxs.com	2 KB
3	google.com adservice.google.com	513 B
3	2mdn.net s0.2mdn.net	31 KB
3	tharbadir.com tharbadir.com	103 KB
2	bfmio.com useast.bfmio.com	5 KB
2	beachfrontmedia.com player-cdn.beachfrontmedia.com	70 KB
2	deloplen.com deloplen.com	34 KB
2	cloudflare.com cdnjs.cloudflare.com	60 KB
1	googletagmanager.com www.googletagmanager.com	27 KB
1	gstatic.com fonts.gstatic.com	11 KB
1	saveig.com 1 redirects saveig.com	322 B
1	yahoo.co.jp 1 redirects ord.yahoo.co.jp	608 B
86	19

	Domain	Requested by
11	s.vdo.ai	a.vdo.ai
8	imasdk.googleapis.com	a.vdo.ai imasdk.googleapis.com player-cdn.beachfrontmedia.com
8	www.google-analytics.com	saveig.org
6	saveig.org	saveig.org cdnjs.cloudflare.com pushlaram.com
5	track.vdo.ai	saveig.org
5	a.vdo.ai	saveig.org a.vdo.ai
5	pushlaram.com	saveig.org pushlaram.com
4	resources.infolinks.com	saveig.org
4	scontent-lga3-1.cdninstagram.com	saveig.org
3	rt3014.infolinks.com	resources.infolinks.com
3	adservice.google.com	imasdk.googleapis.com
3	s0.2mdn.net	imasdk.googleapis.com
3	tharbadir.com	deloplen.com tharbadir.com
2	useast.bfmio.com	player-cdn.beachfrontmedia.com
2	player-cdn.beachfrontmedia.com	imasdk.googleapis.com
2	ib.adnxs.com	a.vdo.ai
2	router.infolinks.com	resources.infolinks.com saveig.org
2	deloplen.com	saveig.org deloplen.com
2	cdnjs.cloudflare.com	saveig.org
1	acdn.adnxs.com	a.vdo.ai
1	www.googletagmanager.com	a.vdo.ai
1	fonts.gstatic.com	saveig.org
1	saveig.com	1 redirects
1	ord.yahoo.co.jp	1 redirects
86	24

This site contains links to these domains. Also see Links.

Domain
scontent-lga3-1.cdninstagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-10-06` - `2020-10-05`	a year	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2019-10-09` - `2020-01-07`	3 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
pushlaram.com Let's Encrypt Authority X3	`2019-09-04` - `2019-12-03`	3 months	crt.sh
deloplen.com Let's Encrypt Authority X3	`2019-09-13` - `2019-12-12`	3 months	crt.sh
ssl902972.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-10-08` - `2020-04-15`	6 months	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
tharbadir.com Let's Encrypt Authority X3	`2019-09-11` - `2019-12-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2019-10-16` - `2020-01-08`	3 months	crt.sh
*.vdo.ai Go Daddy Secure Certificate Authority - G2	`2019-10-15` - `2021-10-15`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.beachfrontmedia.com Amazon	`2019-08-06` - `2020-09-06`	a year	crt.sh
*.bfmio.com Amazon	`2019-07-12` - `2020-08-12`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2019-04-23` - `2020-02-19`	10 months	crt.sh

This page contains 9 frames:

Primary Page: https://saveig.org/p/By6n4ZsAcO5/
Frame ID: 4F50AC5BC22D7C8EDF6364946B38818C
Requests: 76 HTTP requests in this frame

Frame: https://deloplen.com/fac.php
Frame ID: B216F247FC409E7036C0FAAA5F8F50F9
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.351.1_en.html
Frame ID: BF95AB8847B46152585D27F85DE14D2D
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage
Frame ID: C277877F9725BD819F4AC01773C123B6
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 0FB004856B01A5A179D5FBA955ED4DD2
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.351.1_en.html
Frame ID: C10AF6123DAB6386AD34F52C5C8623A6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: B57E7109BE6B05CE0460780E8D3E4781
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 3EEF0733A48C2FA644A5D3D1EC2D2825
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.351.1_en.html
Frame ID: 3075F9C72E8BECC3637942B2395B6520
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ord.yahoo.co.jp/o/image/RV=1/RE=1573811624/RH=b3JkLnlhaG9vLmNvLmpw/RB=/RU=aHR0cHM6Ly9zYXZlaW... HTTP 302
https://saveig.com/p/By6n4ZsAcO5/ HTTP 301
https://saveig.org/p/By6n4ZsAcO5/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

86
Requests

97 %
HTTPS

57 %
IPv6

19
Domains

24
Subdomains

20
IPs

7
Countries

3865 kB
Transfer

6885 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://scontent-lga3-1.cdninstagram.com/vp/819497a4ce332c816361f6d78895581d/5DD02DFF/t50.2886-16/64987480_2255580441226212_2311785500194635776_n.mp4?_nc_ht=scontent-lga3-1.cdninstagram.com&_nc_cat=100&dl=1
Title: Download

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ord.yahoo.co.jp/o/image/RV=1/RE=1573811624/RH=b3JkLnlhaG9vLmNvLmpw/RB=/RU=aHR0cHM6Ly9zYXZlaWcuY29tL3AvQnk2bjRac0FjTzUv/RS=%5EADBOrJkarWKjeK8tRBCFJn6F4xk6Tc-;_ylc=X3IDMgRmc3QDMARpZHgDMARvaWQDQU5kOUdjU1ZxRkJfTk9nN2EwTXZ1QmJibUtYMUhXcTFoRV9HV1ZpNjJHaWhYTDBsTE9hQ3VsOEJoX2s5RHllWE53BHADNDRLazQ0T3I0NE9KNDRPVjQ0T3A0NE96NDRLNUlPT0RuLk9EaS5PRGx1T0RxdU9Edk9LQWxRLS0EcG9zAzM3BHNlYwNzaHcEc2xrA3Jy HTTP 302
https://saveig.com/p/By6n4ZsAcO5/ HTTP 301
https://saveig.org/p/By6n4ZsAcO5/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

86 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
saveig.org/p/By6n4ZsAcO5/
Redirect Chain

http://ord.yahoo.co.jp/o/image/RV=1/RE=1573811624/RH=b3JkLnlhaG9vLmNvLmpw/RB=/RU=aHR0cHM6Ly9zYXZlaWcuY29tL3AvQnk2bjRac0FjTzUv/RS=%5EADBOrJkarWKjeK8tRBCFJn6F4xk6Tc-;_ylc=X3IDMgRmc3QDMARpZHgDMARvaWQD...
https://saveig.com/p/By6n4ZsAcO5/
https://saveig.org/p/By6n4ZsAcO5/

34 KB
7 KB

808ms
750ms

Document
text/html

2606:4700:20::681a:8a6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://saveig.org/p/By6n4ZsAcO5/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 668176092a3eb30177b6f86a363819b949938b682e8843f646eea37b48f48df5

Request headers

:method: GET
:authority: saveig.org
:scheme: https
:path: /p/By6n4ZsAcO5/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 15 Nov 2019 00:59:19 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=da2fd51662b6ba4116328fb5f604d53441573779558; expires=Sat, 14-Nov-20 00:59:18 GMT; path=/; domain=.saveig.org; HttpOnly; Secure
vary: Accept-Encoding
cache-control: max-age=86400
cf-cache-status: EXPIRED
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 535d481ff835cbb4-VIE
content-encoding: br

Redirect headers

status: 301
date: Fri, 15 Nov 2019 00:59:18 GMT
content-type: text/html
set-cookie: __cfduid=dd549253d55b1887f324db15957e515c51573779558; expires=Sat, 14-Nov-20 00:59:18 GMT; path=/; domain=.saveig.com; HttpOnly
location: https://saveig.org/p/By6n4ZsAcO5/
cache-control: max-age=259200
cf-cache-status: EXPIRED
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 535d481e69e45946-VIE

GET
H2 200 mobile.css
saveig.org/css/ 23 KB
4 KB 21ms
20ms Stylesheet
text/css 2606:4700:20::681a:8a6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://saveig.org/css/mobile.css?v=347
Requested by: Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1110cf184bcef9b956f3fd3094b90f67122840c9fad4be5c3ab604130276a35f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 23 Oct 2019 08:00:41 GMT
server: cloudflare
age: 1960810
etag: W/"5db008a9-5afa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=2592000
cf-ray: 535d4824ada9cbb4-VIE
expires: Fri, 22 Nov 2019 08:00:52 GMT

GET
H2 200 53165361_579080482607162_1415246029598490624_n.jpg
scontent-lga3-1.cdninstagram.com/vp/91ab631ae8dc75897c675565689254b4/5E5BB261/t51.2885-19/s150x150/ 5 KB
5 KB 244ms
81ms Image
image/jpeg 2a03:2880:f212:c4:face:b00c:0:43fe
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lga3-1.cdninstagram.com/vp/91ab631ae8dc75897c675565689254b4/5E5BB261/t51.2885-19/s150x150/53165361_579080482607162_1415246029598490624_n.jpg?_nc_ht=scontent-lga3-1.cdninstagram.com
Requested by: Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f212:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 69ebd7ed3d1c0a82715e905108547f4dc25ebdaa2296922461116f62b5946482

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 2422955978
date: Fri, 15 Nov 2019 00:59:19 GMT
x-fb-trip-id: 664085054
last-modified: Tue, 19 Mar 2019 03:06:07 GMT
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-needle-checksum: 2620573090
x-fb-config-version-olb-prod: 644
timing-allow-origin: *
alt-svc: h3-23=":443"; ma=3600
content-length: 4912

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
29 KB 22ms
22ms Script
application/javascript 2606:4700::6811:553b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:553b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 13244528
status: 200
alt-svc: h3-23=":443"; ma=86400
served-in-seconds: 0.015
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:20:15 GMT
server: cloudflare
etag: W/"5afd494f-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 535d4824af18cba0-VIE
expires: Wed, 04 Nov 2020 00:59:19 GMT

GET
H2 200 swiper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.2/js/ 122 KB
30 KB 20ms
19ms Script
application/javascript 2606:4700::6811:553b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.2/js/swiper.min.js

Requested by

Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:553b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

df178d935914fb63c2880bd93c76c7cae03e199962799b58cfff6916f60b9e3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 9094477
status: 200
alt-svc: h3-23=":443"; ma=86400
served-in-seconds: 0.004
timing-allow-origin: *
last-modified: Thu, 01 Nov 2018 15:55:26 GMT
server: cloudflare
etag: W/"5bdb21ee-1e744"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 535d4824bf1ccba0-VIE
expires: Wed, 04 Nov 2020 00:59:19 GMT

GET
H2 200 mobile.js Show response
saveig.org/js/ 9 KB
3 KB 18ms
17ms Script
application/javascript 2606:4700:20::681a:8a6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://saveig.org/js/mobile.js?v=347
Requested by: Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 426d1a4d062abb4898991045403ad8b4af8fcb8254e076e094eb3285ee23ba33

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 24 Oct 2019 04:16:11 GMT
server: cloudflare
age: 1888325
etag: W/"5db1258b-231f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
cf-ray: 535d4824bdb2cbb4-VIE
expires: Sat, 23 Nov 2019 04:16:19 GMT

GET
H/1.1 200
OK ntfc.php Show response
pushlaram.com/ 13 KB
6 KB 96ms
27ms Script
application/javascript 194.187.98.192
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://pushlaram.com/ntfc.php?p=2889497
Requested by: Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 194.187.98.192 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: 194.187.98.192.webazilla.com
Software: nginx /
Resource Hash: 60a1c1716923d363971bbac3fe202901750f0068307eb2ede8c6318b5fd9f75b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Nov 2019 00:59:19 GMT
Content-Encoding: gzip
Server: nginx
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Max-Age: 86400
Cache-Control: private, max-age=0, no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK apu.php Show response
deloplen.com/ 96 KB
34 KB 71ms
30ms Script
application/javascript 88.85.82.189
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://deloplen.com/apu.php?zoneid=2861576

Requested by

Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

88.85.82.189 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

d6670260cf8ed8ecb9e3d7f5ef38845e42fd9abd08294e670fa2f7cc70c0423f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 Nov 2019 00:59:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 8a8730346cef226504035025e8e86077
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
2 KB 94ms
69ms Script
application/javascript 104.20.253.85
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.253.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b860830a9c97834e6e39b215ef6b386202036c734917cd7080ae7a45296c8cb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:19 GMT
via: 1.1 google
cf-cache-status: HIT
age: 4034
status: 200
content-encoding: gzip
alt-svc: clear
last-modified: Thu, 14 Nov 2019 07:51:53 GMT
server: cloudflare
etag: W/"c96-59749c12e81c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 535d4824dd75bedd-FRA
expires: Fri, 15 Nov 2019 00:52:05 GMT

GET
H2 206 64987480_2255580441226212_2311785500194635776_n.mp4
scontent-lga3-1.cdninstagram.com/vp/819497a4ce332c816361f6d78895581d/5DD02DFF/t50.2886-16/ 192 KB
0 355ms
201ms Media
video/mp4 2a03:2880:f212:c4:face:b00c:0:43fe
Facebook

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent-lga3-1.cdninstagram.com/vp/819497a4ce332c816361f6d78895581d/5DD02DFF/t50.2886-16/64987480_2255580441226212_2311785500194635776_n.mp4?_nc_ht=scontent-lga3-1.cdninstagram.com&_nc_cat=100
Requested by: Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f212:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

x-haystack-needlechecksum: 3625379199
date: Fri, 15 Nov 2019 00:59:19 GMT
x-fb-config-version-elb-prod: 647
status: 206
x-fb-config-version-olb-prod: 647
alt-svc: h3-23=":443"; ma=3600
content-length: 2747828
x-fb-trip-id: 664085054
content-range: bytes 0-2747827/2747828
last-modified: Thu, 20 Jun 2019 03:10:34 GMT
content-type: video/mp4
access-control-allow-origin: *
x-fb-edge-debug: Nq8HhobEkNejoeDLVB31L-9hKB-32DG0rX_4GFHCZ_R4obT5HINoO4Sm-9zuWtiKyR5vQA0ieQdFWkHJFNxPyw
x-needle-checksum: 4095806451
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 search.png
saveig.org/img/ 2 KB
2 KB 17ms
16ms Image
image/png 2606:4700:20::681a:8a6
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saveig.org/img/search.png
Requested by: Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b58f9e33cb0610010c4af74e9eb1d407e132047fcd5af593867d92639f4cdc8a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/css/mobile.css?v=347
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:19 GMT
cf-cache-status: HIT
last-modified: Tue, 02 Jul 2019 07:17:07 GMT
server: cloudflare
age: 1972926
etag: "5d1b04f3-869"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 535d4824ddd9cbb4-VIE
content-length: 2153
expires: Fri, 22 Nov 2019 04:55:12 GMT

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 178 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 243 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 381 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 QldKNThLqRwH-OJ1UHjlKGlZ5qhExfHw.woff2
fonts.gstatic.com/s/inconsolata/v17/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inconsolata/v17/QldKNThLqRwH-OJ1UHjlKGlZ5qhExfHw.woff2

Requested by

Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb56c567dccf82a71e73b7b3a36369abfd817bf9752466601413bf6475982bb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
Origin: https://saveig.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 29 Oct 2019 23:18:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Feb 2019 22:23:50 GMT
server: sffe
age: 1388441
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10964
x-xss-protection: 0
expires: Wed, 28 Oct 2020 23:18:38 GMT

GET
DATA 200
OK truncated
/ 352 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 vdo.ai.js Show response
a.vdo.ai/core/saveig/ 3 KB
1 KB 67ms
18ms Script
application/javascript 2606:4700:30::6812:2a06
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/saveig/vdo.ai.js
Requested by: Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:2a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7285a0a3d14beb48364d2c68570bd36aea091da4cd48874410188cfd1de0f05

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Nov 2019 15:26:52 GMT
server: cloudflare
age: 4718
etag: W/"5dc5893c-bdd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 535d482599f68c8c-VIE

GET
H/1.1 200
OK 2 Show response
tharbadir.com/ 9 KB
5 KB 52ms
13ms Script
text/javascript 188.72.202.173
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://tharbadir.com/2?z=2929088
Requested by: Host: deloplen.com
URL: https://deloplen.com/apu.php?zoneid=2861576
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 188.72.202.173 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: fdd2708778654a6d0f025939051a9dd9b46bf8a7ccb8438995d0122704afeb28

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Nov 2019 00:59:19 GMT
Content-Encoding: gzip
X-Sc: kn8x5lDucsRnpdTGOhAYs8iDGQAHtzXclwyuRaY2rHhgj1ijU_QAX0x6mPvOMUAsZYtavzAbqLFbDY_fXiw8rcG89m0=
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fac.php
deloplen.com/ Frame B216 0
0 13ms
12ms Document
text/html 88.85.82.189
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://deloplen.com/fac.php

Requested by

Host: deloplen.com
URL: https://deloplen.com/apu.php?zoneid=2861576

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

88.85.82.189 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: deloplen.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://saveig.org/p/By6n4ZsAcO5/
Accept-Encoding: gzip, deflate, br
Cookie: OAID=498f085ae43a4ae1a56c2232778c1ff9; oaidts=1573779559
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://saveig.org/p/By6n4ZsAcO5/

Response headers

Server: nginx
Date: Fri, 15 Nov 2019 00:59:19 GMT
Content-Type: text/html; charset=utf8
Content-Length: 197
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
X-Trace-Id: 7de06956a9eba66e697f34b07857187f
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1668.041-2.069.ab.1666.024-2.070/ 883 KB
259 KB 25ms
25ms Script
application/javascript 104.20.253.85
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1668.041-2.069.ab.1666.024-2.070/ice.js
Requested by: Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.253.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f856297ddcde96815aa5f0ba6bbd32666d841adeccab53269a9a31fa1c504cea

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:19 GMT
via: 1.1 google
cf-cache-status: HIT
age: 6946
status: 200
content-encoding: gzip
alt-svc: clear
last-modified: Wed, 13 Nov 2019 10:59:57 GMT
server: cloudflare
etag: W/"dcae1-5973843ee4b4d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 535d48259dcebedd-FRA
expires: Sat, 14 Dec 2019 23:03:33 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 1542
date: Fri, 15 Nov 2019 00:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Fri, 15 Nov 2019 02:33:37 GMT

GET
H/1.1 200
OK ntfc.php Show response
pushlaram.com/ 119 KB
35 KB 33ms
33ms Script
application/javascript 194.187.98.192
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://pushlaram.com/ntfc.php?p=2889497&r=ui&swver=3.1.138
Requested by: Host: pushlaram.com
URL: https://pushlaram.com/ntfc.php?p=2889497
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 194.187.98.192 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: 194.187.98.192.webazilla.com
Software: nginx /
Resource Hash: 0ba4c64d786cf091aaba3677f98931806d85460f1dff504cadb5157944227f4e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 Nov 2019 00:59:19 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Max-Age: 86400
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 view Show response
saveig.org/api/ 2 B
83 B 182ms
182ms XHR
text/plain 2606:4700:20::681a:8a6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://saveig.org/api/view?type=post&name=By6n4ZsAcO5&lang=en
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: */*
Referer: https://saveig.org/p/By6n4ZsAcO5/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 15 Nov 2019 00:59:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain; charset=utf-8
status: 200
cf-ray: 535d4825ae88cbb4-VIE
content-length: 2

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 13ms
13ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1732238203&t=pageview&_s=1&dl=https%3A%2F%2Fsaveig.org%2Fp%2FBy6n4ZsAcO5%2F&ul=en-us&de=UTF-8&dt=IledeFranceCheese_jp%20(%40iledefrancecheese_jp)%20%E3%80%90%E3%83%9F%E3%83%8B%E3%83%96%E3%83%AA%E3%83%BC%E3%81%A8%E3%82%A4%E3%82%AF%E3%83%A9%E3%81%AE%E3%83%97%E3%83%81%E3%83%97%E3%83%81%E3%82%AB%E3%83%8A%E3%83%83%E3%83%9A%E3%80%91%20.%20%E3%83%97%E3%83%81%E3%83%97%E3%83%81%E3%81%A8%E5%BC%BE%E3%81%91%20instagram%20post%20download%20-%20SaveIG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=619309480&gjid=1972644716&cid=1129571204.1573779559&tid=UA-151166660-1&_gid=428344302.1573779559&_r=1&z=901427846

Requested by

Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Nov 2019 00:59:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vdo.min.css
a.vdo.ai/core/dependencies_hbv3/ 54 KB
15 KB 18ms
17ms Stylesheet
text/css 2606:4700:30::6812:2a06
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.css
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/saveig/vdo.ai.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:2a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65264f22c95fcdc439fb5c84edc8fb1506e3f7febfa42b9d11cef8efadbe4082

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Nov 2019 13:25:16 GMT
server: cloudflare
age: 5346
etag: W/"5dcd55bc-d9a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 535d4825ba098c8c-VIE

GET
H2 200 vdo.min.js Show response
a.vdo.ai/core/dependencies_hbv3/ 723 KB
190 KB 21ms
21ms Script
application/javascript 2606:4700:30::6812:2a06
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/saveig/vdo.ai.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:2a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf41b04f81f3d41ba57b9ec47280d913167a3f271774e334391d6c432a0c0fab

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Nov 2019 13:25:16 GMT
server: cloudflare
age: 5346
etag: W/"5dcd55bc-b4aa0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 535d4825ba0a8c8c-VIE

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 272 KB
93 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:814::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/saveig/vdo.ai.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4d588963907bf497aa95ee590a91e2a00970801b85b4347994230099d86e62d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 94757
x-xss-protection: 0
expires: Fri, 15 Nov 2019 00:59:19 GMT

GET
H2 200 adframe.js Show response
a.vdo.ai/core/saveig/ 2 KB
844 B 16ms
16ms Script
application/javascript 2606:4700:30::6812:2a06
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/saveig/adframe.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/saveig/vdo.ai.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:2a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bd8c8360856e49157ceab0826524fae28a3ae4177523b11d9552558f22e8022

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Nov 2019 12:25:26 GMT
server: cloudflare
age: 4718
etag: W/"5dcd47b6-7fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 535d4825ba0b8c8c-VIE

POST
H/1.1 200
OK custom Show response
pushlaram.com/ 39 B
485 B 14ms
13ms Fetch
application/json 194.187.98.192
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://pushlaram.com/custom

Requested by

Host: pushlaram.com
URL: https://pushlaram.com/ntfc.php?p=2889497&r=ui&swver=3.1.138

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

194.187.98.192 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

194.187.98.192.webazilla.com

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 1335442be47538f252a4de466545869e
Date: Fri, 15 Nov 2019 00:59:19 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://saveig.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H2 200 sw.js Show response
saveig.org/ 3 KB
1 KB 17ms
17ms Fetch
application/javascript 2606:4700:20::681a:8a6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://saveig.org/sw.js
Requested by: Host: pushlaram.com
URL: https://pushlaram.com/ntfc.php?p=2889497&r=ui&swver=3.1.138
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d032cfbc4b065dafed8f044947aea5df67ae7344f5e9fb4daf3429d1dedd2497

Request headers

Sec-Fetch-Mode: cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 29 Aug 2019 14:45:10 GMT
server: cloudflare
age: 610720
etag: W/"5d67e4f6-aac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
cf-ray: 535d4825fee6cbb4-VIE
expires: Fri, 22 Nov 2019 04:55:17 GMT

GET
H2 200 gsd Show response
router.infolinks.com/ 335 B
518 B 117ms
116ms Script
text/javascript 104.20.253.85
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/gsd?evt=afterGSD&pid=3202330&wsid=3&pdom=saveig.org&purl=https%3A%2F%2Fsaveig.org%2Fp%2FBy6n4ZsAcO5%2F&jsv=1668.041-2.069.ab.1666.024-2.070&_cb=15737795593880
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1668.041-2.069.ab.1666.024-2.070/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.253.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49e396aac18fb09be42bf0d1b7dd360365b788be758467f34151d4f351e08c73

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Nov 2019 00:59:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
alt-svc: clear
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
status: 200
content-encoding: gzip
cache-control: max-age=0
cf-ray: 535d48263e1cbedd-FRA
content-type: text/javascript;charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK d26d0b60b88c08b0954bf265807ffcb1 Show response
tharbadir.com/27/ 270 KB
97 KB 26ms
25ms Script
application/javascript 188.72.202.173
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://tharbadir.com/27/d26d0b60b88c08b0954bf265807ffcb1

Requested by

Host: tharbadir.com
URL: https://tharbadir.com/2?z=2929088

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.72.202.173 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

3692180712312575d0221f853dc230c17706679fb886e210c083793348bc1d76

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 Nov 2019 00:59:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 12 Nov 2019 08:22:23 GMT
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin
Access-Control-Expose-Headers: X-Sc
Cache-Control: max-age:290304000, public
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Tue, 12 Dec 2079 08:22:23 GMT

GET
BLOB 200
OK b012fa7d-6ccf-456d-b530-3d265312e96b
https://saveig.org/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://saveig.org/b012fa7d-6ccf-456d-b530-3d265312e96b
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Sec-Fetch-Mode: same-origin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 73 KB
27 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:808::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113932176-14

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

51841f33bc919252d55ca4e86757e51397ba0bb7bfee5bf2ac0a12f08d877022

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:19 GMT
content-encoding: br
last-modified: Fri, 15 Nov 2019 00:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27631
x-xss-protection: 0
expires: Fri, 15 Nov 2019 00:59:19 GMT

GET
H2 200 allowed_url.php Show response
a.vdo.ai/core/ 29 B
354 B 246ms
220ms XHR
text/html 2606:4700:30::6812:2a06
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/allowed_url.php?url=saveig.org%2Fp%2FBy6n4ZsAcO5%2F
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:2a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.4.16
Resource Hash: e7b6b1c4243834f3e23a06a6a96d0b6a922d3d3e73e942550d453c6d9d6d902d

Request headers

Sec-Fetch-Mode: cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
x-powered-by: PHP/5.4.16
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cf-ray: 535d4826cc01cb98-VIE

GET
H2 200 pixel.gif
track.vdo.ai/ 43 B
144 B 230ms
216ms Image
image/gif 2606:4700:30::6812:2a06
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=saveig.org&tagName=saveig&event=initVdo&uid=f98cc676-f3b3-44f9-8212-ac40f264a1e5&1573779559699
Requested by: Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:2a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:19 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 535d48288b0c8c8c-VIE
content-length: 43

POST
H/1.1 200
OK custom Show response
pushlaram.com/ 39 B
485 B 14ms
13ms Fetch
application/json 194.187.98.192
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://pushlaram.com/custom

Requested by

Host: pushlaram.com
URL: https://pushlaram.com/ntfc.php?p=2889497&r=ui&swver=3.1.138

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

194.187.98.192 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

194.187.98.192.webazilla.com

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 34ae7f02f58a2453434adb805632b0bb
Date: Fri, 15 Nov 2019 00:59:19 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://saveig.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H2 200 bridge3.351.1_en.html
imasdk.googleapis.com/js/core/ Frame BF95 0
0 6ms
5ms Document
text/html 2a00:1450:4001:814::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.351.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.351.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://saveig.org/p/By6n4ZsAcO5/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://saveig.org/p/By6n4ZsAcO5/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 196397
date: Thu, 14 Nov 2019 03:37:36 GMT
expires: Fri, 13 Nov 2020 03:37:36 GMT
last-modified: Thu, 14 Nov 2019 02:52:24 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 76903
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 26 KB
10 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:825::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10523
x-xss-protection: 0
expires: Fri, 15 Nov 2019 00:59:19 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=saveig.org

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Nov 2019 00:59:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
BLOB 200
OK 911f5867-3d4f-4315-a5f4-6c2f153678bc
https://saveig.org/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://saveig.org/911f5867-3d4f-4315-a5f4-6c2f153678bc
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20217c24a0b5295c47ac3119df645478f11ce93abe31e19e45f0ba55772cac8a

Request headers

Sec-Fetch-Mode: same-origin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length: 5417
Content-Type: application/javascript

GET
H/1.1 200
OK 2.m3u8 Show response
s.vdo.ai/vhs/ 7 KB
7 KB 292ms
91ms XHR
application/vnd.apple.mpegurl 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/vhs/2.m3u8
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: nginx/1.16.1 /
Resource Hash: b0cf6f080aa2061f191ad029779c7a44093bd4c71bd722832ecbd5dc2d3e7f33

Request headers

Sec-Fetch-Mode: cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 Nov 2019 00:59:20 GMT
Last-Modified: Thu, 24 Oct 2019 11:56:55 GMT
Server: nginx/1.16.1
ETag: "5db19187-1aba"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6842

GET
H2 200 pixel.gif
track.vdo.ai/ 43 B
99 B 214ms
214ms Image
image/gif 2606:4700:30::6812:2a06
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=saveig.org&tagName=saveig&event=forceplay&uid=f98cc676-f3b3-44f9-8212-ac40f264a1e5&1573779559790
Requested by: Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:2a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:19 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 535d4828bb188c8c-VIE
content-length: 43

GET
H/1.1 204
No Content 9 Show response
tharbadir.com/ 0
721 B 14ms
14ms XHR
application/javascript 188.72.202.173
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://tharbadir.com/9?z=2929088&eid=&rb=Q7VFN_nbAeV2IhlRAS18B2r6QatOtArDi_FkSkhA5se3U9WzBCO0B49AZixy5KBRBs2wZFgyNv9rbtM_H6evDLnRDeQEKusWloajJN59z14SPPm8aPiWOqNIfRG5NXsN9s9s9wGo4LSPXbgDng4wPIDctgSrfpCJCOL8ohB1fF_xReXcLu-iRYTCBs_67MLV2itR5AZPTUaMsQRAyuEVhTuaFiUsE7wwCtYYRiNEtBhyn47ANJD-UwQRjDo=&ir=3x2&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fsaveig.org%2Fp%2FBy6n4ZsAcO5%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&sah=1200&drf=&hil=2&ist=0
Requested by: Host: tharbadir.com
URL: https://tharbadir.com/27/d26d0b60b88c08b0954bf265807ffcb1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 188.72.202.173 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Nov 2019 00:59:19 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin: https://saveig.org
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 manage
router.infolinks.com/usync/ Frame C277 0
0 115ms
115ms Document
text/plain 104.20.253.85
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage
Requested by: Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.253.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: router.infolinks.com
:scheme: https
:path: /usync/manage
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://saveig.org/p/By6n4ZsAcO5/
accept-encoding: gzip, deflate, br
cookie: __cfduid=dc4a4326ba63049cda4067ffb6b2d77771573779559; cuid=425aca82-b850-486e-80e0-5d0c42992028
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://saveig.org/p/By6n4ZsAcO5/

Response headers

status: 200
date: Fri, 15 Nov 2019 00:59:19 GMT
content-length: 0
via: 1.1 google
alt-svc: clear
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 535d48291f82bedd-FRA

POST
H2 200 doq.htm Show response
rt3014.infolinks.com/action/ 1 KB
1 KB 169ms
139ms XHR
text/html 104.20.253.85
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3014.infolinks.com/action/doq.htm?pcode=utf-8&r=15737795598621
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1668.041-2.069.ab.1666.024-2.070/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.253.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: daac131ca05ba316a5d0a28ad2c1511a7f33771d2a285a76b234e0c76fef9d2a

Request headers

Sec-Fetch-Mode: cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 15 Nov 2019 00:59:20 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NON DSP NID OUR COR"
status: 200
content-type: text/html;charset=UTF-8
x-application-context: application:prod
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-language: en-US
access-control-allow-origin: https://saveig.org
cache-control: no-cache,no-store
access-control-allow-credentials: true
cf-ray: 535d4829593fbef1-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 14ms
14ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1732238203&t=pageview&_s=1&dl=https%3A%2F%2Fsaveig.org%2Fp%2FBy6n4ZsAcO5%2F&ul=en-us&de=UTF-8&dt=IledeFranceCheese_jp%20(%40iledefrancecheese_jp)%20%E3%80%90%E3%83%9F%E3%83%8B%E3%83%96%E3%83%AA%E3%83%BC%E3%81%A8%E3%82%A4%E3%82%AF%E3%83%A9%E3%81%AE%E3%83%97%E3%83%81%E3%83%97%E3%83%81%E3%82%AB%E3%83%8A%E3%83%83%E3%83%9A%E3%80%91%20.%20%E3%83%97%E3%83%81%E3%83%97%E3%83%81%E3%81%A8%E5%BC%BE%E3%81%91%20instagram%20post%20download%20-%20SaveIG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUAB~&jid=1531595483&gjid=2074689758&cid=1129571204.1573779559&tid=UA-113932176-14&_gid=428344302.1573779559&_r=1&gtm=2ouav3&z=204203581

Requested by

Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Nov 2019 00:59:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 7ms
6ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1732238203&t=event&_s=2&dl=https%3A%2F%2Fsaveig.org%2Fp%2FBy6n4ZsAcO5%2F&ul=en-us&de=UTF-8&dt=IledeFranceCheese_jp%20(%40iledefrancecheese_jp)%20%E3%80%90%E3%83%9F%E3%83%8B%E3%83%96%E3%83%AA%E3%83%BC%E3%81%A8%E3%82%A4%E3%82%AF%E3%83%A9%E3%81%AE%E3%83%97%E3%83%81%E3%83%97%E3%83%81%E3%82%AB%E3%83%8A%E3%83%83%E3%83%9A%E3%80%91%20.%20%E3%83%97%E3%83%81%E3%83%97%E3%83%81%E3%81%A8%E5%BC%BE%E3%81%91%20instagram%20post%20download%20-%20SaveIG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=initVdo&_u=KEDAAUAB~&jid=&gjid=&cid=1129571204.1573779559&tid=UA-113932176-14&_gid=428344302.1573779559&gtm=2ouav3&z=53013773

Requested by

Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Oct 2019 23:12:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1302406
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 6ms
6ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1732238203&t=event&_s=3&dl=https%3A%2F%2Fsaveig.org%2Fp%2FBy6n4ZsAcO5%2F&ul=en-us&de=UTF-8&dt=IledeFranceCheese_jp%20(%40iledefrancecheese_jp)%20%E3%80%90%E3%83%9F%E3%83%8B%E3%83%96%E3%83%AA%E3%83%BC%E3%81%A8%E3%82%A4%E3%82%AF%E3%83%A9%E3%81%AE%E3%83%97%E3%83%81%E3%83%97%E3%83%81%E3%82%AB%E3%83%8A%E3%83%83%E3%83%9A%E3%80%91%20.%20%E3%83%97%E3%83%81%E3%83%97%E3%83%81%E3%81%A8%E5%BC%BE%E3%81%91%20instagram%20post%20download%20-%20SaveIG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=forceplay&_u=KEDAAUAB~&jid=&gjid=&cid=1129571204.1573779559&tid=UA-113932176-14&_gid=428344302.1573779559&gtm=2ouav3&z=2071663358

Requested by

Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Oct 2019 23:12:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1302406
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
track.vdo.ai/ 43 B
122 B 214ms
214ms Image
image/gif 2606:4700:30::6812:2a06
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=saveig.org&tagName=saveig&event=pageview&uid=f98cc676-f3b3-44f9-8212-ac40f264a1e5&1573779559882
Requested by: Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:2a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:20 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 535d48294b478c8c-VIE
content-length: 43

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 6ms
5ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1732238203&t=event&_s=4&dl=https%3A%2F%2Fsaveig.org%2Fp%2FBy6n4ZsAcO5%2F&ul=en-us&de=UTF-8&dt=IledeFranceCheese_jp%20(%40iledefrancecheese_jp)%20%E3%80%90%E3%83%9F%E3%83%8B%E3%83%96%E3%83%AA%E3%83%BC%E3%81%A8%E3%82%A4%E3%82%AF%E3%83%A9%E3%81%AE%E3%83%97%E3%83%81%E3%83%97%E3%83%81%E3%82%AB%E3%83%8A%E3%83%83%E3%83%9A%E3%80%91%20.%20%E3%83%97%E3%83%81%E3%83%97%E3%83%81%E3%81%A8%E5%BC%BE%E3%81%91%20instagram%20post%20download%20-%20SaveIG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=pageview&_u=KEDAAUAB~&jid=&gjid=&cid=1129571204.1573779559&tid=UA-113932176-14&_gid=428344302.1573779559&gtm=2ouav3&z=528815089

Requested by

Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Oct 2019 23:12:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1302406
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 206 64987480_2255580441226212_2311785500194635776_n.mp4
scontent-lga3-1.cdninstagram.com/vp/819497a4ce332c816361f6d78895581d/5DD02DFF/t50.2886-16/ 149 KB
0 88ms
87ms Media
video/mp4 2a03:2880:f212:c4:face:b00c:0:43fe
Facebook

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent-lga3-1.cdninstagram.com/vp/819497a4ce332c816361f6d78895581d/5DD02DFF/t50.2886-16/64987480_2255580441226212_2311785500194635776_n.mp4?_nc_ht=scontent-lga3-1.cdninstagram.com&_nc_cat=100
Requested by: Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f212:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=196608-

Response headers

x-haystack-needlechecksum: 3625379199
date: Fri, 15 Nov 2019 00:59:19 GMT
x-fb-trip-id: 664085054
last-modified: Thu, 20 Jun 2019 03:10:34 GMT
access-control-allow-origin: *
status: 206
content-type: video/mp4
content-range: bytes 196608-2747827/2747828
x-needle-checksum: 4095806451
x-fb-config-version-olb-prod: 647
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-23=":443"; ma=3600
content-length: 2551220

GET
H2 206 64987480_2255580441226212_2311785500194635776_n.mp4
scontent-lga3-1.cdninstagram.com/vp/819497a4ce332c816361f6d78895581d/5DD02DFF/t50.2886-16/ 64 KB
0 81ms
81ms Media
video/mp4 2a03:2880:f212:c4:face:b00c:0:43fe
Facebook

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent-lga3-1.cdninstagram.com/vp/819497a4ce332c816361f6d78895581d/5DD02DFF/t50.2886-16/64987480_2255580441226212_2311785500194635776_n.mp4?_nc_ht=scontent-lga3-1.cdninstagram.com&_nc_cat=100
Requested by: Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f212:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=327680-

Response headers

x-haystack-needlechecksum: 3625379199
date: Fri, 15 Nov 2019 00:59:20 GMT
x-fb-trip-id: 664085054
last-modified: Thu, 20 Jun 2019 03:10:34 GMT
access-control-allow-origin: *
status: 206
content-type: video/mp4
content-range: bytes 327680-2747827/2747828
x-needle-checksum: 4095806451
x-fb-config-version-olb-prod: 647
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-23=":443"; ma=3600
content-length: 2420148

GET
H2 200 dcl.htm Show response
rt3014.infolinks.com/action/ 0
99 B 195ms
194ms Script
text/html 104.20.253.85
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3014.infolinks.com/action/dcl.htm?rid=b4cf72e3-d56b-41cc-bfbd-abf0da672b86&jsv=1668.041-2.069.ab.1666.024-2.070&capara=%7B%22mode%22%3A%22default%22%2C%22markers%22%3A1%7D
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1668.041-2.069.ab.1666.024-2.070/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.253.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Nov 2019 00:59:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html;charset=UTF-8
status: 200
cache-control: no-cache,no-store
accept-ranges: bytes
cf-ray: 535d482a481abedd-FRA
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 getads.htm Show response
rt3014.infolinks.com/action/ 251 B
248 B 262ms
262ms Script
text/html 104.20.253.85
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3014.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22IL_IN_ARTICLE0%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22a%22%2C%22miw%22%3A4%2C%22maw%22%3A604%2C%22mih%22%3A12%2C%22mah%22%3A2400%2C%22sdata%22%3A%22downloading%22%2C%22scs%22%3A%22NawdlbXsV0%22%7D%2C%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A2%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22video%22%2C%22scs%22%3A%22GHZolT1mQ-%22%7D%2C%7B%22lid%22%3A%22IL_IF_LEFT%22%2C%22bdc%22%3A3%2C%22prod_t%22%3A%22f%22%2C%22as%22%3A%22120*600~160*600%22%2C%22nm%22%3A2%2C%22sdata%22%3A%22months%22%2C%22scs%22%3A%227BzevTfcJK%22%7D%5D&rid=b4cf72e3-d56b-41cc-bfbd-abf0da672b86&jsv=1668.041-2.069.ab.1666.024-2.070&sr=1600X1200&rts=1573779560045&cfv=-1&cb=singleGetAdsResponse&os=Mac%20OS&ov=10.14.5&br=Chrome&bv=74.0.3729.169&dv=p&ce=t&purl=https%3A%2F%2Fsaveig.org%2Fp%2FBy6n4ZsAcO5%2F&tzo=%2B0100&c=c&strg=true&rsd=wnqC8NdBvQnXqqSf1kY4ZM7H-vBVwWqAJi4L3lrvR0xrKvKki7MWzI62Qn0fp3IONxhH_9geEFR3GPScEArcbj1q_htCner3-L7wn34YS378J4EywnrNZkfSUrmshQWOUYqcKhjuruvn2OYTsvYkpSIkA3EL7J14&rsk=64&rcs=POntPzV9s3WLF5G7VGIt6g
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1668.041-2.069.ab.1666.024-2.070/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.253.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c89b44a5de1838748f0b3caff6ba3df1a185a028bbe85c10487301ee861fd382

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Nov 2019 00:59:20 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language: en-US
status: 200
cache-control: no-cache,no-store
cf-ray: 535d482a481dbedd-FRA
content-type: text/html;charset=UTF-8
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 loader.gif
resources.infolinks.com/static/skins/ 962 B
1 KB 23ms
23ms Image
image/gif 104.20.253.85
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.infolinks.com/static/skins/loader.gif
Requested by: Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.253.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b8ee13d35110d7006bc5c5147ee0a0c6c3e1f26b2f246b8d5e57edf4f6b97b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:20 GMT
via: 1.1 google
cf-cache-status: HIT
age: 6334
cf-polished: origSize=1631, status=webp_bigger
status: 200
alt-svc: clear
content-length: 962
last-modified: Mon, 14 Nov 2016 12:31:03 GMT
server: cloudflare
etag: "65f-54142035d0066"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
expires: Sat, 14 Dec 2019 23:13:46 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 535d482a481ebedd-FRA
cf-bgj: imgq:85

GET
H2 200 loader-bg.png
resources.infolinks.com/static/skins/ 902 B
1 KB 21ms
20ms Image
image/webp 104.20.253.85
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.infolinks.com/static/skins/loader-bg.png
Requested by: Host: saveig.org
URL: https://saveig.org/p/By6n4ZsAcO5/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.20.253.85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ddb995fe37710a4be439e4e3f45016cd7b7ecfa3423a29e4f4f4dcce63efff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:20 GMT
via: 1.1 google
cf-cache-status: HIT
age: 13038
cf-polished: origFmt=png, origSize=1488
status: 200
content-disposition: inline; filename="loader-bg.webp"
alt-svc: clear
content-length: 902
last-modified: Mon, 14 Nov 2016 12:31:03 GMT
server: cloudflare
etag: "5d0-541420359b4a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 14 Dec 2019 21:22:02 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 535d482a481fbedd-FRA
cf-bgj: imgq:85

GET
BLOB 200
OK 6e9bf9c0-a8ca-4146-bf0a-e5a9b478e2d1
https://saveig.org/ 52 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://saveig.org/6e9bf9c0-a8ca-4146-bf0a-e5a9b478e2d1
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3314cd52ef1a2b3c8a22f497ff73803362e1c203da1809fdb765184faff200c9

Request headers

Sec-Fetch-Mode: same-origin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length: 52812
Content-Type: application/javascript

GET
H/1.1 206
Partial Content 2.ts Show response
s.vdo.ai/vhs/ 290 KB
291 KB 92ms
91ms XHR
video/mp2t 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/vhs/2.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: nginx/1.16.1 /
Resource Hash: b3434814ba3040a1cda212758c40cbd2f1a8f3fe38c3ff06fffeb09429848bac

Request headers

Sec-Fetch-Mode: cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-297415

Response headers

Date: Fri, 15 Nov 2019 00:59:20 GMT
Last-Modified: Thu, 24 Oct 2019 11:57:43 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5db191b7-1ea3d04"
Content-Type: video/mp2t
Content-Range: bytes 0-297415/32128260
Connection: keep-alive
Content-Length: 297416

POST
H/1.1 200
OK custom Show response
pushlaram.com/ 39 B
485 B 13ms
13ms Fetch
application/json 194.187.98.192
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://pushlaram.com/custom

Requested by

Host: pushlaram.com
URL: https://pushlaram.com/ntfc.php?p=2889497&r=ui&swver=3.1.138

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

194.187.98.192 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

194.187.98.192.webazilla.com

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: d18dcd59fef99b8aa2df7f108da42b40
Date: Fri, 15 Nov 2019 00:59:20 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://saveig.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 43ms
20ms XHR
application/json 185.33.223.202
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.202 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

318.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

3ffb8f1e093abb9920eea405869eb7d0373041d9087b77c1639e1335d7c71c17

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 15 Nov 2019 00:59:22 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 318.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.69:80
AN-X-Request-Uuid: d16b4439-bccf-4246-885d-6fde93624437
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://saveig.org
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel.gif
track.vdo.ai/ 43 B
122 B 217ms
217ms Image
image/gif 2606:4700:30::6812:2a06
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=saveig.org&tagName=saveig&event=ad_request0&uid=f98cc676-f3b3-44f9-8212-ac40f264a1e5&1573779560885
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:2a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:21 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 535d482fad228c8c-VIE
content-length: 43

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 6ms
6ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1732238203&t=event&_s=5&dl=https%3A%2F%2Fsaveig.org%2Fp%2FBy6n4ZsAcO5%2F&ul=en-us&de=UTF-8&dt=IledeFranceCheese_jp%20(%40iledefrancecheese_jp)%20%E3%80%90%E3%83%9F%E3%83%8B%E3%83%96%E3%83%AA%E3%83%BC%E3%81%A8%E3%82%A4%E3%82%AF%E3%83%A9%E3%81%AE%E3%83%97%E3%83%81%E3%83%97%E3%83%81%E3%82%AB%E3%83%8A%E3%83%83%E3%83%9A%E3%80%91%20.%20%E3%83%97%E3%83%81%E3%83%97%E3%83%81%E3%81%A8%E5%BC%BE%E3%81%91%20instagram%20post%20download%20-%20SaveIG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=ad_request0&_u=KEDAAUAB~&jid=&gjid=&cid=1129571204.1573779559&tid=UA-113932176-14&_gid=428344302.1573779559&gtm=2ouav3&z=1632154050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Oct 2019 23:12:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1302407
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content 2.ts Show response
s.vdo.ai/vhs/ 257 KB
258 KB 91ms
91ms XHR
video/mp2t 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/vhs/2.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: nginx/1.16.1 /
Resource Hash: cdaf26f173508007e382032be075697379e81a3c4be768f0aab27644f1626641

Request headers

Sec-Fetch-Mode: cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=297416-560991

Response headers

Date: Fri, 15 Nov 2019 00:59:21 GMT
Last-Modified: Thu, 24 Oct 2019 11:57:43 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5db191b7-1ea3d04"
Content-Type: video/mp2t
Content-Range: bytes 297416-560991/32128260
Connection: keep-alive
Content-Length: 263576

GET
H/1.1 206
Partial Content 2.ts Show response
s.vdo.ai/vhs/ 284 KB
284 KB 92ms
91ms XHR
video/mp2t 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/vhs/2.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: nginx/1.16.1 /
Resource Hash: f049345d464c54c3ab29b5a5294ad6c8d66ca6ce73b5e5b1396094f2bff72af6

Request headers

Sec-Fetch-Mode: cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=560992-851827

Response headers

Date: Fri, 15 Nov 2019 00:59:21 GMT
Last-Modified: Thu, 24 Oct 2019 11:57:43 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5db191b7-1ea3d04"
Content-Type: video/mp2t
Content-Range: bytes 560992-851827/32128260
Connection: keep-alive
Content-Length: 290836

GET
H/1.1 206
Partial Content 2.ts Show response
s.vdo.ai/vhs/ 238 KB
238 KB 91ms
91ms XHR
video/mp2t 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/vhs/2.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: nginx/1.16.1 /
Resource Hash: 9b198f8cc59838fb1f336c133d8c49e73b260f8e9eb9f0a01ea47a0dfe2880e0

Request headers

Sec-Fetch-Mode: cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=851828-1095475

Response headers

Date: Fri, 15 Nov 2019 00:59:21 GMT
Last-Modified: Thu, 24 Oct 2019 11:57:43 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5db191b7-1ea3d04"
Content-Type: video/mp2t
Content-Range: bytes 851828-1095475/32128260
Connection: keep-alive
Content-Length: 243648

GET
H2 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 0FB0 37 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5b0e62b935a2dc31da7452bbbdf6b3ab3a2ecfc01dc081c674560c2c178cf170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:51:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 Nov 2019 19:30:46 GMT
server: sffe
age: 471
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13666
x-xss-protection: 0
expires: Fri, 15 Nov 2019 01:06:30 GMT

GET
H2 200 neptune-player.js Show response
player-cdn.beachfrontmedia.com/players/neptune/3/19/0/ Frame 0FB0 99 KB
35 KB 50ms
9ms Script
application/x-javascript 2600:9000:2156:1c00:1f:87f6:37c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://player-cdn.beachfrontmedia.com/players/neptune/3/19/0/neptune-player.js
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:1c00:1f:87f6:37c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 608f86b63fa42187aaadafaffebbf1eb365fe781e282e43c9df7dcef39614c75

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 17 Oct 2019 20:26:25 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2435497
x-cache: Hit from cloudfront
status: 200
pragma: public
access-control-allow-origin: *
last-modified: Thu, 17 Oct 2019 20:20:31 GMT
server: nginx
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/x-javascript
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control: max-age=7776000, no-transform, public, s-maxage=7776000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: Y7YNiAUn1k693yYDVq_4Z46uO3lUrNxRp1qJPRarL6Yiu_z9MMAFsw==
expires: Wed, 15 Jan 2020 20:26:25 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 0FB0 272 KB
93 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:814::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player-cdn.beachfrontmedia.com
URL: https://player-cdn.beachfrontmedia.com/players/neptune/3/19/0/neptune-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4d588963907bf497aa95ee590a91e2a00970801b85b4347994230099d86e62d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 94757
x-xss-protection: 0
expires: Fri, 15 Nov 2019 00:59:21 GMT

GET
H/1.1 200
OK getmu Show response
useast.bfmio.com/ Frame 0FB0 2 KB
2 KB 372ms
90ms XHR
application/xml 34.198.86.158
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://useast.bfmio.com/getmu?stream=in&playback=2&v=1&apv=nep-3-19-0&width=419&height=236&i_type=pre&aid=9ed3d527-7767-432a-a961-5241e6cf87ba&pageurl=https%3A%2F%2Fsaveig.org%2Fp%2FBy6n4ZsAcO5%2F&osvers=Mac%20OS%20X&network=u&cm=true&te=true&flash=false&vjs=true&xml=true&cb=60297163

Requested by

Host: player-cdn.beachfrontmedia.com
URL: https://player-cdn.beachfrontmedia.com/players/neptune/3/19/0/neptune-player.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.198.86.158 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-198-86-158.compute-1.amazonaws.com

Software

Resource Hash

2d616b9f8023c7379cc73add61c0409e78f217efb94fa884522a7483eef7182c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding, User-Agent
Content-Type: application/xml
Access-Control-Allow-Origin: https://saveig.org
Access-Control-Expose-Headers: location
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
transfer-encoding: chunked
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 bridge3.351.1_en.html
imasdk.googleapis.com/js/core/ Frame C10A 0
0 6ms
6ms Document
text/html 2a00:1450:4001:814::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.351.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.351.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://saveig.org/p/By6n4ZsAcO5/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://saveig.org/p/By6n4ZsAcO5/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 196397
date: Thu, 14 Nov 2019 03:37:36 GMT
expires: Fri, 13 Nov 2020 03:37:36 GMT
last-modified: Thu, 14 Nov 2019 02:52:24 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 76905
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 0FB0 26 KB
10 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:825::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10523
x-xss-protection: 0
expires: Fri, 15 Nov 2019 00:59:21 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0FB0 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=saveig.org

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Nov 2019 00:59:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H/1.1 206
Partial Content 2.ts Show response
s.vdo.ai/vhs/ 259 KB
260 KB 91ms
91ms XHR
video/mp2t 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/vhs/2.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: nginx/1.16.1 /
Resource Hash: 82a46b8ca11f712a1043c902280ef5287c8815c713656ac7e8b15d0fa010c2e2

Request headers

Sec-Fetch-Mode: cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=1095476-1361119

Response headers

Date: Fri, 15 Nov 2019 00:59:21 GMT
Last-Modified: Thu, 24 Oct 2019 11:57:43 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5db191b7-1ea3d04"
Content-Type: video/mp2t
Content-Range: bytes 1095476-1361119/32128260
Connection: keep-alive
Content-Length: 265644

GET
H/1.1 206
Partial Content 2.ts Show response
s.vdo.ai/vhs/ 262 KB
262 KB 91ms
91ms XHR
video/mp2t 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/vhs/2.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: nginx/1.16.1 /
Resource Hash: 8f55d5d03f6d82eb2fc226e68b5d5e0d2fe29f8dc54876015351e298c05f17b1

Request headers

Sec-Fetch-Mode: cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=1361120-1629583

Response headers

Date: Fri, 15 Nov 2019 00:59:21 GMT
Last-Modified: Thu, 24 Oct 2019 11:57:43 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5db191b7-1ea3d04"
Content-Type: video/mp2t
Content-Range: bytes 1361120-1629583/32128260
Connection: keep-alive
Content-Length: 268464

GET
H/1.1 206
Partial Content 2.ts Show response
s.vdo.ai/vhs/ 257 KB
257 KB 92ms
91ms XHR
video/mp2t 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/vhs/2.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: nginx/1.16.1 /
Resource Hash: 6e91c0afc684adb9dee46e515da18c41f6d2e52f0c3aab2465a90e53c5be1fe0

Request headers

Sec-Fetch-Mode: cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=1629584-1892595

Response headers

Date: Fri, 15 Nov 2019 00:59:22 GMT
Last-Modified: Thu, 24 Oct 2019 11:57:43 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5db191b7-1ea3d04"
Content-Type: video/mp2t
Content-Range: bytes 1629584-1892595/32128260
Connection: keep-alive
Content-Length: 263012

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame B57E 0
0 7ms
6ms Document
text/html 2.18.232.130
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://saveig.org/p/By6n4ZsAcO5/
Accept-Encoding: gzip, deflate, br
Cookie: icu=ChgIrpJgEAoYASABKAEw6vC37gU4AUABSAEQ6vC37gUYAA..; uuid2=4984506279917108560
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://saveig.org/p/By6n4ZsAcO5/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Sat, 14 Nov 2020 00:59:23 GMT
Date: Fri, 15 Nov 2019 00:59:23 GMT
Connection: keep-alive

GET
H/1.1 206
Partial Content 2.ts Show response
s.vdo.ai/vhs/ 256 KB
256 KB 182ms
182ms XHR
video/mp2t 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/vhs/2.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: nginx/1.16.1 /
Resource Hash: 33df42d79151922472c257ff9768b6c250168196a7ab60b403ea644c27d1de7e

Request headers

Sec-Fetch-Mode: cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=1892596-2154667

Response headers

Date: Fri, 15 Nov 2019 00:59:24 GMT
Last-Modified: Thu, 24 Oct 2019 11:57:43 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5db191b7-1ea3d04"
Content-Type: video/mp2t
Content-Range: bytes 1892596-2154667/32128260
Connection: keep-alive
Content-Length: 262072

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 19ms
18ms XHR
application/json 185.33.223.202
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.202 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

318.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

2843c9c1a5b934c3851ea0bcd7280f0027d4454d1478d69cb5edf0ffb94648f6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 15 Nov 2019 00:59:29 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 318.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.107:80
AN-X-Request-Uuid: d07db485-2ccb-4e24-abee-fc5aeaec6bd0
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://saveig.org
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel.gif
track.vdo.ai/ 43 B
215 B 62ms
61ms Image
image/gif 2606:4700:30::6812:2a06
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=saveig.org&tagName=saveig&event=ad_request5&uid=f98cc676-f3b3-44f9-8212-ac40f264a1e5&1573779567216
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:2a06 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:27 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 535d485748f88c8c-VIE
content-length: 43

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 14ms
13ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1732238203&t=event&_s=6&dl=https%3A%2F%2Fsaveig.org%2Fp%2FBy6n4ZsAcO5%2F&ul=en-us&de=UTF-8&dt=IledeFranceCheese_jp%20(%40iledefrancecheese_jp)%20%E3%80%90%E3%83%9F%E3%83%8B%E3%83%96%E3%83%AA%E3%83%BC%E3%81%A8%E3%82%A4%E3%82%AF%E3%83%A9%E3%81%AE%E3%83%97%E3%83%81%E3%83%97%E3%83%81%E3%82%AB%E3%83%8A%E3%83%83%E3%83%9A%E3%80%91%20.%20%E3%83%97%E3%83%81%E3%83%97%E3%83%81%E3%81%A8%E5%BC%BE%E3%81%91%20instagram%20post%20download%20-%20SaveIG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=ad_request5&_u=KEDAAUAB~&jid=730706305&gjid=1838174&cid=1129571204.1573779559&tid=UA-113932176-14&_gid=428344302.1573779559&_r=1&gtm=2ouav3&z=285716859

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Nov 2019 00:59:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content 2.ts Show response
s.vdo.ai/vhs/ 284 KB
284 KB 182ms
182ms XHR
video/mp2t 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/vhs/2.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: nginx/1.16.1 /
Resource Hash: 419ed4364ec005939fe77570f164bbc6290ab5276faab05a3afc67c21a984251

Request headers

Sec-Fetch-Mode: cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=2154668-2445503

Response headers

Date: Fri, 15 Nov 2019 00:59:27 GMT
Last-Modified: Thu, 24 Oct 2019 11:57:43 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5db191b7-1ea3d04"
Content-Type: video/mp2t
Content-Range: bytes 2154668-2445503/32128260
Connection: keep-alive
Content-Length: 290836

GET
H2 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 3EEF 37 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5b0e62b935a2dc31da7452bbbdf6b3ab3a2ecfc01dc081c674560c2c178cf170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:51:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 Nov 2019 19:30:46 GMT
server: sffe
age: 477
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13666
x-xss-protection: 0
expires: Fri, 15 Nov 2019 01:06:30 GMT

GET
H2 200 neptune-player.js Show response
player-cdn.beachfrontmedia.com/players/neptune/3/19/0/ Frame 3EEF 99 KB
35 KB 6ms
6ms Script
application/x-javascript 2600:9000:2156:1c00:1f:87f6:37c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://player-cdn.beachfrontmedia.com/players/neptune/3/19/0/neptune-player.js
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:1c00:1f:87f6:37c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 608f86b63fa42187aaadafaffebbf1eb365fe781e282e43c9df7dcef39614c75

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 17 Oct 2019 20:26:25 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2435455
x-cache: Hit from cloudfront
status: 200
pragma: public
access-control-allow-origin: *
last-modified: Thu, 17 Oct 2019 20:20:31 GMT
server: nginx
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/x-javascript
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control: max-age=7776000, no-transform, public, s-maxage=7776000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
x-amz-cf-id: Bbvm5sRAXzvZb3kx-mhLhiblEkVt5eq_dcBCuYFiD6Yf8EEiPrDP7A==
expires: Wed, 15 Jan 2020 20:26:25 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 3EEF 272 KB
93 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:814::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player-cdn.beachfrontmedia.com
URL: https://player-cdn.beachfrontmedia.com/players/neptune/3/19/0/neptune-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4d588963907bf497aa95ee590a91e2a00970801b85b4347994230099d86e62d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 94757
x-xss-protection: 0
expires: Fri, 15 Nov 2019 00:59:27 GMT

GET
H/1.1 200
OK getmu Show response
useast.bfmio.com/ Frame 3EEF 2 KB
2 KB 89ms
89ms XHR
application/xml 34.198.86.158
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://useast.bfmio.com/getmu?stream=in&playback=2&v=1&apv=nep-3-19-0&width=419&height=236&i_type=pre&aid=36e8fe38-12cd-4850-f8f1-c6f555b6fb40&pageurl=https%3A%2F%2Fsaveig.org%2Fp%2FBy6n4ZsAcO5%2F&osvers=Mac%20OS%20X&network=u&cm=true&te=true&flash=false&vjs=true&xml=true&cb=91381344

Requested by

Host: player-cdn.beachfrontmedia.com
URL: https://player-cdn.beachfrontmedia.com/players/neptune/3/19/0/neptune-player.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.198.86.158 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-198-86-158.compute-1.amazonaws.com

Software

Resource Hash

101fc351299d44928aba8075fcb8390b0937ffe2b34aaceabb185d561754c8ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding, User-Agent
Content-Type: application/xml
Access-Control-Allow-Origin: https://saveig.org
Access-Control-Expose-Headers: location
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
transfer-encoding: chunked
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 bridge3.351.1_en.html
imasdk.googleapis.com/js/core/ Frame 3075 0
0 6ms
6ms Document
text/html 2a00:1450:4001:814::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.351.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.351.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://saveig.org/p/By6n4ZsAcO5/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://saveig.org/p/By6n4ZsAcO5/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 196397
date: Thu, 14 Nov 2019 03:37:36 GMT
expires: Fri, 13 Nov 2020 03:37:36 GMT
last-modified: Thu, 14 Nov 2019 02:52:24 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 76911
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 3EEF 26 KB
10 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:825::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 00:59:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10523
x-xss-protection: 0
expires: Fri, 15 Nov 2019 00:59:27 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3EEF 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=saveig.org

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Nov 2019 00:59:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H/1.1 206
Partial Content 2.ts Show response
s.vdo.ai/vhs/ 262 KB
262 KB 182ms
181ms XHR
video/mp2t 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vdo.ai/vhs/2.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: nginx/1.16.1 /
Resource Hash: 0bc1259923a15aade07b433db7f1eb2ae77093c93c9f11cf251c238c1708d168

Request headers

Sec-Fetch-Mode: cors
Referer: https://saveig.org/p/By6n4ZsAcO5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=2445504-2713403

Response headers

Date: Fri, 15 Nov 2019 00:59:30 GMT
Last-Modified: Thu, 24 Oct 2019 11:57:43 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5db191b7-1ea3d04"
Content-Type: video/mp2t
Content-Range: bytes 2445504-2713403/32128260
Connection: keep-alive
Content-Length: 267900

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.infolinks.com/	1970-01-19 13:55:15	Name: __cfduid Value: dc4a4326ba63049cda4067ffb6b2d77771573779559
deloplen.com/	1970-01-19 13:55:15	Name: oaidts Value: 1573779559
deloplen.com/	1970-01-19 13:55:15	Name: OAID Value: 498f085ae43a4ae1a56c2232778c1ff9
.saveig.org/	1970-01-19 05:09:39	Name: _gat_gtag_UA_113932176_14 Value: 1
.saveig.org/	1970-01-19 05:11:05	Name: _gid Value: GA1.2.428344302.1573779559
.saveig.org/	1970-01-19 13:55:15	Name: __cfduid Value: da2fd51662b6ba4116328fb5f604d53441573779558
.saveig.org/	1970-01-19 05:09:39	Name: _gat Value: 1
.infolinks.com/	1970-01-19 22:40:51	Name: cuid Value: 425aca82-b850-486e-80e0-5d0c42992028
.saveig.org/	1970-01-19 22:40:51	Name: _ga Value: GA1.2.1129571204.1573779559
saveig.org/p/By6n4ZsAcO5	1969-12-31 23:59:59	Name: logglytrackingsession Value: 9190db8a-0396-40f2-b477-89311004a4de

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://pushlaram.com/ntfc.php?p=2889497&r=ui&swver=3.1.138(Line 1) Message: undefined
console-api	log	URL: https://pushlaram.com/ntfc.php?p=2889497&r=ui&swver=3.1.138(Line 1) Message: service worker path (u): /sw.js event domain: https://pushlaram.com
console-api	warning	URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js(Line 26) Message: Ad error: AdError 901: An unexpected error occurred within the VPAID creative. Refer to the inner error for more info. Caused by: Error: Error: VASTError 303: No Ad in VAST tree
console-api	warning	URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js(Line 26) Message: Ad error: AdError 901: An unexpected error occurred within the VPAID creative. Refer to the inner error for more info. Caused by: Error: Error: VASTError 303: No Ad in VAST tree

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vdo.ai
acdn.adnxs.com
adservice.google.com
cdnjs.cloudflare.com
deloplen.com
fonts.gstatic.com
ib.adnxs.com
imasdk.googleapis.com
ord.yahoo.co.jp
player-cdn.beachfrontmedia.com
pushlaram.com
resources.infolinks.com
router.infolinks.com
rt3014.infolinks.com
s.vdo.ai
s0.2mdn.net
saveig.com
saveig.org
scontent-lga3-1.cdninstagram.com
tharbadir.com
track.vdo.ai
useast.bfmio.com
www.google-analytics.com
www.googletagmanager.com
104.20.253.85
183.79.250.123
185.33.223.202
188.72.202.173
194.187.98.192
2.18.232.130
2600:9000:2156:1c00:1f:87f6:37c0:93a1
2606:4700:20::681a:8a6
2606:4700:30::6812:2a06
2606:4700:30::681b:8fe5
2606:4700::6811:553b
2a00:1450:4001:806::2002
2a00:1450:4001:808::2008
2a00:1450:4001:814::200a
2a00:1450:4001:815::200e
2a00:1450:4001:821::2003
2a00:1450:4001:825::2006
2a03:2880:f212:c4:face:b00c:0:43fe
34.198.86.158
51.79.72.196
88.85.82.189
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0ba4c64d786cf091aaba3677f98931806d85460f1dff504cadb5157944227f4e
0bc1259923a15aade07b433db7f1eb2ae77093c93c9f11cf251c238c1708d168
101fc351299d44928aba8075fcb8390b0937ffe2b34aaceabb185d561754c8ef
1110cf184bcef9b956f3fd3094b90f67122840c9fad4be5c3ab604130276a35f
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1bd8c8360856e49157ceab0826524fae28a3ae4177523b11d9552558f22e8022
20217c24a0b5295c47ac3119df645478f11ce93abe31e19e45f0ba55772cac8a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2843c9c1a5b934c3851ea0bcd7280f0027d4454d1478d69cb5edf0ffb94648f6
2d616b9f8023c7379cc73add61c0409e78f217efb94fa884522a7483eef7182c
3314cd52ef1a2b3c8a22f497ff73803362e1c203da1809fdb765184faff200c9
33df42d79151922472c257ff9768b6c250168196a7ab60b403ea644c27d1de7e
3692180712312575d0221f853dc230c17706679fb886e210c083793348bc1d76
3b860830a9c97834e6e39b215ef6b386202036c734917cd7080ae7a45296c8cb
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16
3ffb8f1e093abb9920eea405869eb7d0373041d9087b77c1639e1335d7c71c17
419ed4364ec005939fe77570f164bbc6290ab5276faab05a3afc67c21a984251
426d1a4d062abb4898991045403ad8b4af8fcb8254e076e094eb3285ee23ba33
49e396aac18fb09be42bf0d1b7dd360365b788be758467f34151d4f351e08c73
4d588963907bf497aa95ee590a91e2a00970801b85b4347994230099d86e62d9
51841f33bc919252d55ca4e86757e51397ba0bb7bfee5bf2ac0a12f08d877022
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5b0e62b935a2dc31da7452bbbdf6b3ab3a2ecfc01dc081c674560c2c178cf170
5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66
608f86b63fa42187aaadafaffebbf1eb365fe781e282e43c9df7dcef39614c75
60a1c1716923d363971bbac3fe202901750f0068307eb2ede8c6318b5fd9f75b
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
65264f22c95fcdc439fb5c84edc8fb1506e3f7febfa42b9d11cef8efadbe4082
668176092a3eb30177b6f86a363819b949938b682e8843f646eea37b48f48df5
69ebd7ed3d1c0a82715e905108547f4dc25ebdaa2296922461116f62b5946482
6e91c0afc684adb9dee46e515da18c41f6d2e52f0c3aab2465a90e53c5be1fe0
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
82a46b8ca11f712a1043c902280ef5287c8815c713656ac7e8b15d0fa010c2e2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f55d5d03f6d82eb2fc226e68b5d5e0d2fe29f8dc54876015351e298c05f17b1
9b198f8cc59838fb1f336c133d8c49e73b260f8e9eb9f0a01ea47a0dfe2880e0
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae
b0cf6f080aa2061f191ad029779c7a44093bd4c71bd722832ecbd5dc2d3e7f33
b3434814ba3040a1cda212758c40cbd2f1a8f3fe38c3ff06fffeb09429848bac
b58f9e33cb0610010c4af74e9eb1d407e132047fcd5af593867d92639f4cdc8a
c5ddb995fe37710a4be439e4e3f45016cd7b7ecfa3423a29e4f4f4dcce63efff
c89b44a5de1838748f0b3caff6ba3df1a185a028bbe85c10487301ee861fd382
cb56c567dccf82a71e73b7b3a36369abfd817bf9752466601413bf6475982bb2
cdaf26f173508007e382032be075697379e81a3c4be768f0aab27644f1626641
cf41b04f81f3d41ba57b9ec47280d913167a3f271774e334391d6c432a0c0fab
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d032cfbc4b065dafed8f044947aea5df67ae7344f5e9fb4daf3429d1dedd2497
d6670260cf8ed8ecb9e3d7f5ef38845e42fd9abd08294e670fa2f7cc70c0423f
daac131ca05ba316a5d0a28ad2c1511a7f33771d2a285a76b234e0c76fef9d2a
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
df178d935914fb63c2880bd93c76c7cae03e199962799b58cfff6916f60b9e3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b8ee13d35110d7006bc5c5147ee0a0c6c3e1f26b2f246b8d5e57edf4f6b97b
e7b6b1c4243834f3e23a06a6a96d0b6a922d3d3e73e942550d453c6d9d6d902d
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f049345d464c54c3ab29b5a5294ad6c8d66ca6ce73b5e5b1396094f2bff72af6
f7285a0a3d14beb48364d2c68570bd36aea091da4cd48874410188cfd1de0f05
f856297ddcde96815aa5f0ba6bbd32666d841adeccab53269a9a31fa1c504cea
fdd2708778654a6d0f025939051a9dd9b46bf8a7ccb8438995d0122704afeb28
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

saveig.org Open in urlscan Pro 2606:4700:20::681a:8a6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

86 Requests

97 %HTTPS

57 %IPv6

19 Domains

24 Subdomains

20 IPs

7 Countries

3865 kBTransfer

6885 kBSize

10 Cookies

1 Outgoing links

Page URL History

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

saveig.org Open in urlscan Pro
2606:4700:20::681a:8a6 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

97 %
HTTPS

57 %
IPv6

19
Domains

24
Subdomains

20
IPs

7
Countries

3865 kB
Transfer

6885 kB
Size

10
Cookies

86 HTTP transactions
8 data transactions