savelife.in.ua Open in urlscan Pro
2606:4700:20::681a:2f  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://www.mgid.com/ghits/12521125/i/57618430/0/pp/2/1?h=_g1qa4uUKWEfMAJeTyVW8mL3r-KAilRp1g3LA9gcE127sLjSS9uPgLWGlqiUx0Mx&rid=7087b25b-b40e-11ec-bec0-e43d1a2a53a0&ts=google.com&tt=Organic&att=2&cpm=1&gbpp=1&abd=1&iv=11&ct=1&gdpr=1&st=180&k=1285858fcX4OZ_Jc3tffX_4cCwcfX_4cLD0ffODM2*DU0OQ%3D%3Df!fL_fS*fa%3BffMjk0*DM0NA%3D%3DffKb6LbBffTfTfaHR0cHM6Ly93d3cudW5pYW4ubmV0L3J1c3NpYW53b3JsZC9yb3NzaXlza2llLXByb3BhZ2FuZGlzdHktdnlwdXN0aWxpLXN0YXR5d%241vcHJhdmR5dmF5dXNoY2h1eXUtdWJpeXN0dmEtdnNlaC11a3JhaW5jZXYtbm92bw%3D%3DfaHR0cHM6Ly93d3cuZ29vZ2xlLmNvb%248%3DfKysvf*fODM2*DI1MjF8NzY4*DIxODM%3DfMHww*DB8Mg%3D%3DfMHwwf!fcfMzQ0*DI5NHw3Njd8MjEwfaQfQaf!f!fTW96aWxsY%2481LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChL%24FRNTCwgbGlrZ%24BHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC44NCBTYWZhcmkvNTM3LjM2IE9QUi84N%244wLjQzNDEuNDc%3DfUERGVmlld2Vy*ENocm9tZVBERlZpZXdlcnxDaHJvbWl1bVBERlZpZXdlcnxNaWNyb3NvZnRFZGdlUERGVmlld2Vy*FdlYktpdGJ1aWx0LWluUERGffV2luMzI%3DfMTgwfMXwxMDA%3DfMTY4MHwxMDEwfdW5rbm93bnw0Z3wwf!f!fTff*f*(UN77S!&crst=1649073487&wrst=1649073487 Page URL
2. https://savelife.in.ua/en/donate/ Page URL
3. https://savelife.in.ua/en/donate/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
-1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	1 www.mgid.com/ghits/12521125/i/57618430/0/pp/2/	1 KB 2 KB	562ms 510ms	Document text/html	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.mgid.com/ghits/12521125/i/57618430/0/pp/2/1?h=_g1qa4uUKWEfMAJeTyVW8mL3r-KAilRp1g3LA9gcE127sLjSS9uPgLWGlqiUx0Mx&rid=7087b25b-b40e-11ec-bec0-e43d1a2a53a0&ts=google.com&tt=Organic&att=2&cpm=1&gbpp=1&abd=1&iv=11&ct=1&gdpr=1&st=180&k=1285858fcX4OZ_Jc3tffX_4cCwcfX_4cLD0ffODM2*DU0OQ%3D%3Df!fL_fS*fa%3BffMjk0*DM0NA%3D%3DffKb6LbBffTfTfaHR0cHM6Ly93d3cudW5pYW4ubmV0L3J1c3NpYW53b3JsZC9yb3NzaXlza2llLXByb3BhZ2FuZGlzdHktdnlwdXN0aWxpLXN0YXR5d%241vcHJhdmR5dmF5dXNoY2h1eXUtdWJpeXN0dmEtdnNlaC11a3JhaW5jZXYtbm92bw%3D%3DfaHR0cHM6Ly93d3cuZ29vZ2xlLmNvb%248%3DfKysvf*fODM2*DI1MjF8NzY4*DIxODM%3DfMHww*DB8Mg%3D%3DfMHwwf!fcfMzQ0*DI5NHw3Njd8MjEwfaQfQaf!f!fTW96aWxsY%2481LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChL%24FRNTCwgbGlrZ%24BHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC44NCBTYWZhcmkvNTM3LjM2IE9QUi84N%244wLjQzNDEuNDc%3DfUERGVmlld2Vy*ENocm9tZVBERlZpZXdlcnxDaHJvbWl1bVBERlZpZXdlcnxNaWNyb3NvZnRFZGdlUERGVmlld2Vy*FdlYktpdGJ1aWx0LWluUERGffV2luMzI%3DfMTgwfMXwxMDA%3DfMTY4MHwxMDEwfdW5rbm93bnw0Z3wwf!f!fTff*f*(UN77S!&crst=1649073487&wrst=1649073487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache cf-cache-status MISS cf-ray 6f69df9d7fbb9be0-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 04 Apr 2022 11:58:40 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires Thu, 01 Jan 1970 00:00:01 GMT last-modified Mon, 04 Apr 2022 11:58:40 GMT pragma no-cache server cloudflare vary Accept-Encoding x-mg-click-uuid 91db55e3-1c92-314c-6007-e1d3ca06f4ce x-robots-tag noindex
GET H2	503	/ Show response savelife.in.ua/en/donate/	10 KB 11 KB	89ms 36ms	Document text/html	2606:4700:20::681a:2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://savelife.in.ua/en/donate/ Requested by Host: www.mgid.com URL: https://www.mgid.com/ghits/12521125/i/57618430/0/pp/2/1?h=_g1qa4uUKWEfMAJeTyVW8mL3r-KAilRp1g3LA9gcE127sLjSS9uPgLWGlqiUx0Mx&rid=7087b25b-b40e-11ec-bec0-e43d1a2a53a0&ts=google.com&tt=Organic&att=2&cpm=1&gbpp=1&abd=1&iv=11&ct=1&gdpr=1&st=180&k=1285858fcX4OZ_Jc3tffX_4cCwcfX_4cLD0ffODM2*DU0OQ%3D%3Df!fL_fS*fa%3BffMjk0*DM0NA%3D%3DffKb6LbBffTfTfaHR0cHM6Ly93d3cudW5pYW4ubmV0L3J1c3NpYW53b3JsZC9yb3NzaXlza2llLXByb3BhZ2FuZGlzdHktdnlwdXN0aWxpLXN0YXR5d%241vcHJhdmR5dmF5dXNoY2h1eXUtdWJpeXN0dmEtdnNlaC11a3JhaW5jZXYtbm92bw%3D%3DfaHR0cHM6Ly93d3cuZ29vZ2xlLmNvb%248%3DfKysvf*fODM2*DI1MjF8NzY4*DIxODM%3DfMHww*DB8Mg%3D%3DfMHwwf!fcfMzQ0*DI5NHw3Njd8MjEwfaQfQaf!f!fTW96aWxsY%2481LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChL%24FRNTCwgbGlrZ%24BHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC44NCBTYWZhcmkvNTM3LjM2IE9QUi84N%244wLjQzNDEuNDc%3DfUERGVmlld2Vy*ENocm9tZVBERlZpZXdlcnxDaHJvbWl1bVBERlZpZXdlcnxNaWNyb3NvZnRFZGdlUERGVmlld2Vy*FdlYktpdGJ1aWx0LWluUERGffV2luMzI%3DfMTgwfMXwxMDA%3DfMTY4MHwxMDEwfdW5rbm93bnw0Z3wwf!f!fTff*f*(UN77S!&crst=1649073487&wrst=1649073487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 032e92d9306c3117d09154733e387bc86492d7fd786991aa4ae29525c8e01fff Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.mgid.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 6f69dfa119319177-FRA content-type text/html; charset=UTF-8 date Mon, 04 Apr 2022 11:58:40 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires Thu, 01 Jan 1970 00:00:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5X6S2rm7jFcJWJCOG0pOQJ9fct1rPvbubhZX45DUWfgCuS7dX0yzKzbW9WnpahdZ6NTm%2B7qh0SbGlIswQqlGcTXOge%2BUqrxZjp%2BB0ldEytPO3SkX3XLekW7muuHGIh9zginPIr2dR0lXDpOz"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET H2	200	v1 Show response savelife.in.ua/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/	42 KB 15 KB	35ms 34ms	Script text/javascript	2606:4700:20::681a:2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://savelife.in.ua/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6f69dfa119319177 Requested by Host: savelife.in.ua URL: https://savelife.in.ua/en/donate/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1356749aa82753de15286c9208ac034453521fb2352798f8fc1c916790cf1d52 Request headers Accept-Language de-DE,de;q=0.9 Referer https://savelife.in.ua/en/donate/?__cf_chl_rt_tk=8QGUnc4FOouyT7kW39ieLDXuLFY7yy3Bl0hCoN14h9o-1649073520-0-gaNycGzNCFE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Mon, 04 Apr 2022 11:58:40 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aw0Ng5HkbgZxzc0aX3T0y7yaTJfYRTpTkpZ2xw2njrH5kO%2FIag%2B2B7PesbdwDylSgWkDXOelYZUgko0D7fepqNEOWiLoPphXHZn1tWjPDla89x8tQqkAhW8csv%2FpJq7TxcvMKRIV%2BKQO%2BGVr"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=0, must-revalidate cf-ray 6f69dfa17a0e9177-FRA
GET H2	200	transparent.gif savelife.in.ua/cdn-cgi/images/trace/jschal/js/	42 B 101 B	32ms 31ms	Image image/gif	2606:4700:20::681a:2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://savelife.in.ua/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=6f69dfa119319177 Requested by Host: savelife.in.ua URL: https://savelife.in.ua/en/donate/?__cf_chl_rt_tk=8QGUnc4FOouyT7kW39ieLDXuLFY7yy3Bl0hCoN14h9o-1649073520-0-gaNycGzNCFE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9 Referer https://savelife.in.ua/en/donate/?__cf_chl_rt_tk=8QGUnc4FOouyT7kW39ieLDXuLFY7yy3Bl0hCoN14h9o-1649073520-0-gaNycGzNCFE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Mon, 04 Apr 2022 11:58:40 GMT x-content-type-options nosniff last-modified Thu, 24 Mar 2022 11:29:15 GMT server cloudflare etag "623c560b-2a" x-frame-options DENY content-type image/gif cache-control max-age=7200, public accept-ranges bytes cf-ray 6f69dfa17a119177-FRA vary Accept-Encoding content-length 42 expires Mon, 04 Apr 2022 13:58:40 GMT
GET H2	200	transparent.gif savelife.in.ua/cdn-cgi/images/trace/jschal/nojs/	42 B 220 B	28ms 28ms	Image image/gif	2606:4700:20::681a:2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://savelife.in.ua/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=6f69dfa119319177 Requested by Host: savelife.in.ua URL: https://savelife.in.ua/en/donate/?__cf_chl_rt_tk=8QGUnc4FOouyT7kW39ieLDXuLFY7yy3Bl0hCoN14h9o-1649073520-0-gaNycGzNCFE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9 Referer https://savelife.in.ua/en/donate/?__cf_chl_rt_tk=8QGUnc4FOouyT7kW39ieLDXuLFY7yy3Bl0hCoN14h9o-1649073520-0-gaNycGzNCFE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Mon, 04 Apr 2022 11:58:40 GMT x-content-type-options nosniff last-modified Thu, 24 Mar 2022 11:29:15 GMT server cloudflare etag "623c560b-2a" x-frame-options DENY content-type image/gif cache-control max-age=7200, public accept-ranges bytes cf-ray 6f69dfa17a129177-FRA vary Accept-Encoding content-length 42 expires Mon, 04 Apr 2022 13:58:40 GMT
POST H2	200	9bf3dbefd1fe571 Show response savelife.in.ua/cdn-cgi/challenge-platform/h/b/flow/ov1/0.14008039757918844:1649070576:a6f0dfec5f5e2c742a5c1a85bcaa4bcc42f2ccd60ef0c19b60ec89cd60fe8b37/6f69dfa119319177/	121 KB 121 KB	83ms 83ms	XHR text/plain	2606:4700:20::681a:2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://savelife.in.ua/cdn-cgi/challenge-platform/h/b/flow/ov1/0.14008039757918844:1649070576:a6f0dfec5f5e2c742a5c1a85bcaa4bcc42f2ccd60ef0c19b60ec89cd60fe8b37/6f69dfa119319177/9bf3dbefd1fe571 Requested by Host: savelife.in.ua URL: https://savelife.in.ua/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6f69dfa119319177 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f1bf0c26733a41b35249e158d2533c21d38a640ee267c0b28e2ab846e06376e Request headers Referer https://savelife.in.ua/en/donate/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 CF-Challenge 9bf3dbefd1fe571 Content-type application/x-www-form-urlencoded Response headers date Mon, 04 Apr 2022 11:58:41 GMT cf_chl_gen hoM3Z3xv23eNsOv7VBAJPjukBgYaRQodZIkcC/DSDlRwxYwJx4ASpgQwegqKEoy/n7DjDgzHPle7gfw9X24x62wNuhtCYDD8tHigqP0mhpJwRa7hjxsxuz5wnoTDH3i0z7L/MjCOwrC6n8QMLx68PxsMz0mN+3qctimSNGHqCeRl4sSzoyIVvbBEDy4DFt9/4igI5narcBuIu5do7gjC41dDdXWdqVA4q+cBIPS88kVhqDTVZQGQj4NpGgZ51YZM3VxfWruYYgCqNFv7LgatG1P32dr0dw3u9Smd549hS3LxVgFrIGV3eTzsCpszkg5D4OtHMGG82M2eb4ZjqgBN0bVOrJNQrcSlRRwBNk/zmmU=$IGIWwtzl1ndhgYz6MgLXmw== nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6f69dfa27cb09177-FRA expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBBGXbnbYmdGUudsVAoDBGS46W0W6CKK1TTQKzNfvRk7%2BEk%2FrIg92pLuCodfjb5bc0XKGmkWOExXWamOwB10gA%2BE3uQGfSBWCk0S08nyZnOOibZ9SzoIGQfPAdjHaCIJPVnjIWn297gnL59f"}],"group":"cf-nel","max_age":604800}
GET H2	200	6a7a9e60f7482da-1649073521049 savelife.in.ua/cdn-cgi/challenge-platform/h/b/img/6f69dfa119319177/70a73539/	61 B 342 B	33ms 32ms	Image image/png	2606:4700:20::681a:2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://savelife.in.ua/cdn-cgi/challenge-platform/h/b/img/6f69dfa119319177/70a73539/6a7a9e60f7482da-1649073521049 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f1c7cee7d4dfd6a310014b84b82f437ca17820acbf6afa7494dabd66ffa95f9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://savelife.in.ua/en/donate/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Mon, 04 Apr 2022 11:58:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6f69dfa4496f9177-FRA expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w31ZqiZjVOSXBOrHWtcoIz%2FJOZ4qaad%2FLXQcEwDg9DXTE0vukuoOiHfIn8QjKMBxomrTjPA4yqfCUyqMkbkAnIxGn0g6WjwZ4GFSO1KQw2SHLmSjbPLUpP1jEgAJJ8Z6gPaFGgRT%2FUdk2Qil"}],"group":"cf-nel","max_age":604800} content-type image/png
GET BLOB	200 OK	e6c3281a-1dbb-4a0a-a719-371354646e16 https://savelife.in.ua/	120 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://savelife.in.ua/e6c3281a-1dbb-4a0a-a719-371354646e16 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Content-Length 120 Content-Type application/javascript
POST H2	200	9bf3dbefd1fe571 Show response savelife.in.ua/cdn-cgi/challenge-platform/h/b/flow/ov1/0.14008039757918844:1649070576:a6f0dfec5f5e2c742a5c1a85bcaa4bcc42f2ccd60ef0c19b60ec89cd60fe8b37/6f69dfa119319177/	1 KB 2 KB	82ms 82ms	XHR text/plain	2606:4700:20::681a:2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://savelife.in.ua/cdn-cgi/challenge-platform/h/b/flow/ov1/0.14008039757918844:1649070576:a6f0dfec5f5e2c742a5c1a85bcaa4bcc42f2ccd60ef0c19b60ec89cd60fe8b37/6f69dfa119319177/9bf3dbefd1fe571 Requested by Host: savelife.in.ua URL: https://savelife.in.ua/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6f69dfa119319177 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 96f5744ec59b85f34615b9de12e23eb2fe42f22c965719b8f0358f6ca8bbb2a9 Request headers Referer https://savelife.in.ua/en/donate/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 CF-Challenge 9bf3dbefd1fe571 Content-type application/x-www-form-urlencoded Response headers date Mon, 04 Apr 2022 11:58:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf_chl_out qFRvTo4Q8y9Au98+p80POAi+PcnZTm/T0SJl6RYkZhmWSMaMzTvAs2LmVH8GmENNjCdGDT44mFe/EFJi9SIDlA==$yRK9xXbA4YwztTRKw4pvQA== expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2fmKGkKh4gDyR0ui6t9GlarzG9au7wharRMUmiwkt1Gsq2FQatr7RiL9EPtLtmqy4YmtvUTIfm8KNIOYVN%2Fvv%2ByYEv33EGmEB0CfsdgcEbvwU466%2BYrv6fhjgxN4JjFUiMr0UL7CsPAhQmC"}],"group":"cf-nel","max_age":604800} cf_chl_out_s Ox+qX8VR4dNNG/WEAOcph89GN6qOhT+ZQ5g7Kb+JWddn3ROAXoAM6zU/ynZdYJ0LKNgqoUTGiGVv+ULMljHF8U4fYvOuIJEPntK1kUccg+MZbDfU7S2GSbAFCVrLxhuMs/mPf9tQ0I+Hl39STUIbQycXz67h9RMWFc1534H4B1PdwG6gKw4JtoTsT5QFC4a7Z3dIaxoSib3wWnKQS3tQ4Dw/rcudwDKs3ZsQZSiOxL1+T+g3XQXWVCnluARzESSJr9MpfatFzqzmKsK0V28aYrAcD1vzl3AZcH7ETpJQUaPnm/qLv+RCFcrji9vSF9bFFChErdeUYcU1wEOhIrZkR6qJ6+qZW0dH4rzwqnmUxaow736DJSZpH1pGx1pRdL5cLQ4bVzQvuzSjyFf+0uls0g==$6OuA5XOHLSy7zOzw/CCzPA== cf-ray 6f69dfa89caa9177-FRA
GET H2	503	Primary Request / Show response savelife.in.ua/en/donate/	10 KB 11 KB	25ms 24ms	Document text/html	2606:4700:20::681a:2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://savelife.in.ua/en/donate/ Requested by Host: www.mgid.com URL: https://www.mgid.com/ghits/12521125/i/57618430/0/pp/2/1?h=_g1qa4uUKWEfMAJeTyVW8mL3r-KAilRp1g3LA9gcE127sLjSS9uPgLWGlqiUx0Mx&rid=7087b25b-b40e-11ec-bec0-e43d1a2a53a0&ts=google.com&tt=Organic&att=2&cpm=1&gbpp=1&abd=1&iv=11&ct=1&gdpr=1&st=180&k=1285858fcX4OZ_Jc3tffX_4cCwcfX_4cLD0ffODM2*DU0OQ%3D%3Df!fL_fS*fa%3BffMjk0*DM0NA%3D%3DffKb6LbBffTfTfaHR0cHM6Ly93d3cudW5pYW4ubmV0L3J1c3NpYW53b3JsZC9yb3NzaXlza2llLXByb3BhZ2FuZGlzdHktdnlwdXN0aWxpLXN0YXR5d%241vcHJhdmR5dmF5dXNoY2h1eXUtdWJpeXN0dmEtdnNlaC11a3JhaW5jZXYtbm92bw%3D%3DfaHR0cHM6Ly93d3cuZ29vZ2xlLmNvb%248%3DfKysvf*fODM2*DI1MjF8NzY4*DIxODM%3DfMHww*DB8Mg%3D%3DfMHwwf!fcfMzQ0*DI5NHw3Njd8MjEwfaQfQaf!f!fTW96aWxsY%2481LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChL%24FRNTCwgbGlrZ%24BHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC44NCBTYWZhcmkvNTM3LjM2IE9QUi84N%244wLjQzNDEuNDc%3DfUERGVmlld2Vy*ENocm9tZVBERlZpZXdlcnxDaHJvbWl1bVBERlZpZXdlcnxNaWNyb3NvZnRFZGdlUERGVmlld2Vy*FdlYktpdGJ1aWx0LWluUERGffV2luMzI%3DfMTgwfMXwxMDA%3DfMTY4MHwxMDEwfdW5rbm93bnw0Z3wwf!f!fTff*f*(UN77S!&crst=1649073487&wrst=1649073487 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a821e6a79b4b071d6192cac4bbeb5e549b0b22a19b5bce1639be68cefef75c11 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://savelife.in.ua/en/donate/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 6f69dfb59f3e9177-FRA content-type text/html; charset=UTF-8 date Mon, 04 Apr 2022 11:58:44 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires Thu, 01 Jan 1970 00:00:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZVSFtYQdmdINs4NulautTGisfUM6FdwrwEiiDL8GBepAOwWAAJcvIrOAmFv8jTdi%2F1mZQuTtdQW2n7TbLEQ5LlhbsyDC92iJ%2FtwVu4TzyMiDOj%2FEsWb6jkxuBqwHfPLl6TIJ8jXW8woKqw7"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET H2	200	v1 Show response savelife.in.ua/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/	39 KB 14 KB	32ms 32ms	Script text/javascript	2606:4700:20::681a:2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://savelife.in.ua/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6f69dfb59f3e9177 Requested by Host: savelife.in.ua URL: https://savelife.in.ua/en/donate/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 26becd87b020a600750c5f4ae675b091971c2931c609aa0be4d2c08a73c9b6e1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://savelife.in.ua/en/donate/?__cf_chl_rt_tk=f.Ot0AhIesS5zPOeXWIpG.dfutCaogo_Z5g4wSS30cY-1649073524-0-gaNycGzNBxE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Mon, 04 Apr 2022 11:58:44 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ACvFGRI%2FeGfJRJvA2HYGLV1kx5xU0uFNJ7isDZgZ3qoesHAK4ZOfNbzshFGqbtMNh%2B6aKtBwuD3WNlto3QyXGHmuk%2Bb49%2FfVtdRx4cHn6AJ0GgQMF5t%2Fkl9ly01v9PUaekrfOgY2sfY9fS4U"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=0, must-revalidate cf-ray 6f69dfb5dff49177-FRA
GET H2	200	transparent.gif savelife.in.ua/cdn-cgi/images/trace/jschal/js/	42 B 221 B	21ms 21ms	Image image/gif	2606:4700:20::681a:2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://savelife.in.ua/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=6f69dfb59f3e9177 Requested by Host: savelife.in.ua URL: https://savelife.in.ua/en/donate/?__cf_chl_rt_tk=f.Ot0AhIesS5zPOeXWIpG.dfutCaogo_Z5g4wSS30cY-1649073524-0-gaNycGzNBxE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9 Referer https://savelife.in.ua/en/donate/?__cf_chl_rt_tk=f.Ot0AhIesS5zPOeXWIpG.dfutCaogo_Z5g4wSS30cY-1649073524-0-gaNycGzNBxE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Mon, 04 Apr 2022 11:58:44 GMT x-content-type-options nosniff last-modified Thu, 24 Mar 2022 11:29:15 GMT server cloudflare etag "623c560b-2a" x-frame-options DENY content-type image/gif cache-control max-age=7200, public accept-ranges bytes cf-ray 6f69dfb5dff79177-FRA vary Accept-Encoding content-length 42 expires Mon, 04 Apr 2022 13:58:44 GMT
GET H2	200	transparent.gif savelife.in.ua/cdn-cgi/images/trace/jschal/nojs/	42 B 101 B	20ms 20ms	Image image/gif	2606:4700:20::681a:2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://savelife.in.ua/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=6f69dfb59f3e9177 Requested by Host: savelife.in.ua URL: https://savelife.in.ua/en/donate/?__cf_chl_rt_tk=f.Ot0AhIesS5zPOeXWIpG.dfutCaogo_Z5g4wSS30cY-1649073524-0-gaNycGzNBxE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9 Referer https://savelife.in.ua/en/donate/?__cf_chl_rt_tk=f.Ot0AhIesS5zPOeXWIpG.dfutCaogo_Z5g4wSS30cY-1649073524-0-gaNycGzNBxE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Mon, 04 Apr 2022 11:58:44 GMT x-content-type-options nosniff last-modified Thu, 24 Mar 2022 11:29:15 GMT server cloudflare etag "623c560b-2a" x-frame-options DENY content-type image/gif cache-control max-age=7200, public accept-ranges bytes cf-ray 6f69dfb5dffa9177-FRA vary Accept-Encoding content-length 42 expires Mon, 04 Apr 2022 13:58:44 GMT
POST H2	200	aea38529aa67610 Show response savelife.in.ua/cdn-cgi/challenge-platform/h/b/flow/ov1/0.9342770870632322:1649070557:c358bcbafdf8e5dd55b54e6ed3b7555f8cf0f1af0ce09e8086a7d3c9369eb72b/6f69dfb59f3e9177/	128 KB 129 KB	75ms 75ms	XHR text/plain	2606:4700:20::681a:2f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://savelife.in.ua/cdn-cgi/challenge-platform/h/b/flow/ov1/0.9342770870632322:1649070557:c358bcbafdf8e5dd55b54e6ed3b7555f8cf0f1af0ce09e8086a7d3c9369eb72b/6f69dfb59f3e9177/aea38529aa67610 Requested by Host: savelife.in.ua URL: https://savelife.in.ua/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6f69dfb59f3e9177 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:2f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0cc29e7a2086de7b683fa10a337d04f71201943ef16e8b55f5266c246990474f Request headers Referer https://savelife.in.ua/en/donate/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 CF-Challenge aea38529aa67610 Content-type application/x-www-form-urlencoded Response headers date Mon, 04 Apr 2022 11:58:44 GMT cf_chl_gen 0jkJax4LrwnKCcqGNiTBd5bxz7I5KtU2SiquEBjA2SkszOH3SCnOzy46geuoG+Sg7Znr5iVONBwiOmSYSA3zYKxjOWbf5bcEsFovcpfLFMx1m3wvKHG+l6hacFRkSahH0jB3GOAB7hXZ19UyFbFwtQ7C17frxkN/4JiD4b/V/FHODXbm/REstUuR+IQrN7sngs/NtmM+vSVq9lPfCaxJWrlp5tzuCQcjuXVNA5c+hFZ08ASOriXxB2MKMMRfpxKS5E2BojNqQYSEYUemhJyhO3RhF/HSyQ3IKExHNvSg5tW/kZP9OW1obEweKYpJHtpn3W/1NepGXqxE1ya7jN1erQ==$V7WsAW1dk3PTsTHcLbmxEA== nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6f69dfb6ca3a9177-FRA expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tuvQdxG3swO4NlWfAMjPZi3SVrJtj2VBXjTTAeGACXd2H7kKrlIvlh50gVe%2BAQy%2FpJqETl87%2FaBwYx%2F%2FwOAkfDN18Yc999bT%2FvwUdqabdQHkB3iJCG63k5f0PIp%2By1mZwJr7sF8wcWfJYfrP"}],"group":"cf-nel","max_age":604800}
GET BLOB	200 OK	23cc3165-611d-47a2-86ad-b95f53f27671 https://savelife.in.ua/	120 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://savelife.in.ua/23cc3165-611d-47a2-86ad-b95f53f27671 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Content-Length 120 Content-Type application/javascript

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| _cf_chl_opt function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done function| sendRequest function| _cf_atob function| SHA256 object| _cf_chl_ctx object| _ number| GTd string| prop

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			savelife.in.ua/cdn-cgi/challenge-platform/h/b/flow/ov1/0.9342770870632322:1649070557:c358bcbafdf8e5dd55b54e6ed3b7555f8cf0f1af0ce09e8086a7d3c9369eb72b/6f69dfb59f3e9177	1969-12-31 23:59:59	Name: cf_chl_seq_aea38529aa67610 Value: 9c22beea5a35ca3
			www.mgid.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 096q7df48rbiclah86bs3s1g5i
			.mgid.com/	1970-01-20 02:05:59	Name: mgid Value: 12521125
			.mgid.com/	1970-01-20 02:05:59	Name: mtid Value: 57618430
			.mgid.com/	1970-01-20 02:05:59	Name: mtuid Value: 57618430
			.mgid.com/	1970-01-20 02:05:59	Name: mstatus Value: 0
			.mgid.com/	1970-01-20 02:05:59	Name: mghd Value: savelife.in.ua
			.mgid.com/	1970-01-20 02:04:35	Name: __cf_bm Value: ZeXtKiviIG.0UEM1ue7s21Ew.P1qvd4eBcP.jiayoas-1649073520-0-AS+7W4eQMRGGKkoTklJS4s1Drq8fmayBlCKa5wAlH23lRItZLLYtPDwqYFgzRjKcy8Ek0TYdTUBm6fyaGgRHNf8=
			savelife.in.ua/	1970-01-20 02:04:37	Name: cf_chl_rc_ni Value: 1
			savelife.in.ua/	1970-01-20 02:04:37	Name: cf_chl_2 Value: aea38529aa67610
			savelife.in.ua/	1970-01-20 02:04:37	Name: cf_chl_prog Value: e

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://savelife.in.ua/en/donate/ Message: Failed to load resource: the server responded with a status of 503 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://savelife.in.ua/en/donate/ Message: Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

savelife.in.ua
www.mgid.com
104.19.135.78
2606:4700:20::681a:2f
032e92d9306c3117d09154733e387bc86492d7fd786991aa4ae29525c8e01fff
0cc29e7a2086de7b683fa10a337d04f71201943ef16e8b55f5266c246990474f
1356749aa82753de15286c9208ac034453521fb2352798f8fc1c916790cf1d52
26becd87b020a600750c5f4ae675b091971c2931c609aa0be4d2c08a73c9b6e1
5f1c7cee7d4dfd6a310014b84b82f437ca17820acbf6afa7494dabd66ffa95f9
96f5744ec59b85f34615b9de12e23eb2fe42f22c965719b8f0358f6ca8bbb2a9
9f1bf0c26733a41b35249e158d2533c21d38a640ee267c0b28e2ab846e06376e
a821e6a79b4b071d6192cac4bbeb5e549b0b22a19b5bce1639be68cefef75c11
c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629