urlscan.io logo urlscan.io
SecurityTrails logo

save.uno Open in urlscan Pro
104.130.255.75  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://links.save.uno/ls/click?upn=OCivFNKZvSsapTRsyn5NE0-2F0e6cG41JRFiCc6aaN8yb8p-2BDt2i17lcuqaDCyTNTzW7hjrFWtgD4t4j8...
Effective URL: https://save.uno/users/edit_name
Submission: On October 07 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 23 HTTP transactions. The main IP is 104.130.255.75, located in San Antonio, United States and belongs to RMH-14, US. The main domain is save.uno.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 29th 2019. Valid for: 2 years.
This is the only time save.uno was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    167.89.123.54 (United States)

ASN11377 (SENDGRID, US)
PTR: o16789123x54.outbound-mail.sendgrid.net
links.save.uno
3    104.130.255.75 (San Antonio, United States)

ASN33070 (RMH-14, US)
save.uno
5    2a02:26f0:64:697::2c01 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
cashback.scdn5.secure.raxcdn.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    34.107.252.72 (United States)

ASN15169 (GOOGLE, US)
PTR: 72.252.107.34.bc.googleusercontent.com
www.fullstory.com
1    35.201.112.186 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
4    2a00:1450:4001:81e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    162.247.242.18 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-6.nr-data.net
bam.nr-data.net
3    35.186.194.58 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
Domain Requested by
5 cashback.scdn5.secure.raxcdn.com save.uno
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 rs.fullstory.com www.fullstory.com
3 save.uno 2 redirects
2 bam.nr-data.net js-agent.newrelic.com
2 fonts.gstatic.com fonts.googleapis.com
1 stats.g.doubleclick.net www.google-analytics.com
1 edge.fullstory.com
1 www.fullstory.com 1 redirects
1 js-agent.newrelic.com save.uno
1 www.googletagmanager.com save.uno
1 fonts.googleapis.com cashback.scdn5.secure.raxcdn.com
1 links.save.uno 1 redirects
23 13

This site contains no links.

Subject Issuer Validity Valid
konim.uno
Sectigo RSA Domain Validation Secure Server CA		 2019-04-29 -
2021-07-27		 2 years crt.sh
*.scdn5.secure.raxcdn.com
DigiCert SHA2 Secure Server CA		 2020-01-01 -
2021-04-01		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-01 -
2021-05-07		 7 months crt.sh
edge.fullstory.com
GTS CA 1D2		 2020-08-29 -
2020-11-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh
*.fullstory.com
Let's Encrypt Authority X3		 2020-09-30 -
2020-12-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://save.uno/users/edit_name
Frame ID: AFA9F212A6DF9C14F7DA197535CEE1DE
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://links.save.uno/ls/click?upn=OCivFNKZvSsapTRsyn5NE0-2F0e6cG41JRFiCc6aaN8yb8p-2BDt2i17lcuqaDC... HTTP 302
    https://save.uno/confirm?confirmation_token=40312112d728bb5fc87ff31de5a013f31c6724e9c1&email=... HTTP 302
    https://save.uno/users/pages HTTP 302
    https://save.uno/users/edit_name Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /Phusion Passenger ([\d.]+)/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

23
Requests

96 %
HTTPS

46 %
IPv6

10
Domains

13
Subdomains

12
IPs

4
Countries

599 kB
Transfer

1485 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.save.uno/ls/click?upn=OCivFNKZvSsapTRsyn5NE0-2F0e6cG41JRFiCc6aaN8yb8p-2BDt2i17lcuqaDCyTNTzW7hjrFWtgD4t4j8Y8FZeepFbI9FmZOGZsUhW7vS8RgAcRKAsk8i6hPBOLPX-2BYdWirphMGH-2Fo9ua0QjKHJMnoL8-2FGpRUxOyGIjJUtUid7Z2hAoFvViFD9CrhAbTCScmgA6cb2ZdxGkVfB3j05TOZMbq0h-2BBev4HDM3TTIK3jg9nviFI1orfpWQUiLMOtj-2Fo7sQumDs-2F18-2FeEtrcSmdcrmNztf-2BJwUFc1G3ZW50MZHPeI-3D_p-w_y-2B8uQF3wYGvBju8qHvfvZaFTeGusF4Y7UHrI0ijtKh5opdEPa7kdRsmTfZhW-2BxypzBhHh2bSMf2T-2BVLyQyPz1Gl-2FF4bhjt8Uw9k-2BuI9e9gs2eZqRmiPfg74LmSHarUd6sARS0iaskSBinYpA01y-2FIl3RkZ81NdvSJpqzS9UMamE4KvvvsQoxSlHEn2WZV2FVDmznHKVQwIwGmzH31Ve7I8vxF7ZPZ3NYMFrZdju2i9RiZTKmik8eA3-2FkMI8BGquQdB15phzAwXPoGP61Z2Hfrg-3D-3D HTTP 302
    https://save.uno/confirm?confirmation_token=40312112d728bb5fc87ff31de5a013f31c6724e9c1&email=ssaunders%40ghs.org&utm_content=activation_button&utm_source=activation_email&utm_medium=email&utm_campaign=website HTTP 302
    https://save.uno/users/pages HTTP 302
    https://save.uno/users/edit_name Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://www.fullstory.com/s/fs.js HTTP 301
  • https://edge.fullstory.com/s/fs.js

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set edit_name
save.uno/users/
Redirect Chain
  • http://links.save.uno/ls/click?upn=OCivFNKZvSsapTRsyn5NE0-2F0e6cG41JRFiCc6aaN8yb8p-2BDt2i17lcuqaDCyTNTzW7hjrFWtgD4t4j8Y8FZeepFbI9FmZOGZsUhW7vS8RgAcRKAsk8i6hPBOLPX-2BYdWirphMGH-2Fo9ua0QjKHJMnoL8-2FG...
  • https://save.uno/confirm?confirmation_token=40312112d728bb5fc87ff31de5a013f31c6724e9c1&email=ssaunders%40ghs.org&utm_content=activation_button&utm_source=activation_email&utm_medium=email&utm_campa...
  • https://save.uno/users/pages
  • https://save.uno/users/edit_name
17 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://save.uno/users/edit_name
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.130.255.75 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
nginx + Phusion Passenger 5.1.11 / Phusion Passenger 5.1.11
Resource Hash
f33336a25d47313eb91c1777b394c2f587b11fcb2cae65f20480071ea015d87a
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Host
save.uno
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
_uno_access_token=8ca7c5d82061a14e631033d622173b5a68198a16f7; user_locale=en
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Status
200 OK
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Origin
*
Vary
Origin
Pragma
no-cache
X-Request-Id
b2d04c7f-c677-43a9-a502-c4f399961aae
X-Runtime
0.021134
X-Frame-Options
ALLOWALL
Access-Control-Request-Method
GET,POST,OPTIONS
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Date
Wed, 07 Oct 2020 18:57:18 GMT
Set-Cookie
_uno_session=d0JOOUdhKzhIeGQrQXJlZ0FVOEZtZjNTczdWZkowa1JYMkJidTJyU05lcFhURWlpL0lrcVFPTDNWSVJlT2pjb2FNNnkwTzBpSXlYU3J1enY3TWcwWG1hUm9nV1FPQjNtR045WWd3RVZ6cWQ4eEJXek56RjVQTEhYUDRWYmpBVHZ1akdlVVlHSmg2UlBiZnF3M1ZBWE1UT0llY0Z2YXE2RFV6TG9rcGNhc2djT2JCdHMzNWFHMkMrbEg3Nm8zbzdOLS1PTXN5bkJMbHNRdkhrMldSeS9yaGFBPT0%3D--7e042959ceecb039c22888090f55c94e25c37db0; path=/; HttpOnly
X-Powered-By
Phusion Passenger 5.1.11
Server
nginx + Phusion Passenger 5.1.11
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Encoding
gzip

Redirect headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Status
302 Found
Cache-Control
no-cache
Access-Control-Allow-Origin
*
Vary
Origin
X-Request-Id
31ddb9b5-8ece-4a95-9463-d7024455d624
Location
https://save.uno/users/edit_name
X-Runtime
0.033200
X-Frame-Options
ALLOWALL
Access-Control-Request-Method
GET,POST,OPTIONS
Date
Wed, 07 Oct 2020 18:57:18 GMT
Set-Cookie
user_locale=en; domain=save.uno; path=/
X-Powered-By
Phusion Passenger 5.1.11
Server
nginx + Phusion Passenger 5.1.11
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
login-4ea272c9a31eec2509a1c1920040737a.js
cashback.scdn5.secure.raxcdn.com/assets/ 		391 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cashback.scdn5.secure.raxcdn.com/assets/login-4ea272c9a31eec2509a1c1920040737a.js
Requested by
Host: save.uno
URL: https://save.uno/users/edit_name
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:64:697::2c01 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
1d130032bfffed7dc14f19349e0d1097964630a504acb474bab346e4157c838c

Request headers

Referer
https://save.uno/users/edit_name
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 18:57:18 GMT
content-encoding
gzip
last-modified
Tue, 17 Oct 2017 00:27:02 GMT
server
nginx
etag
W/"59e54e56-61a0b"
vary
Accept-Encoding
content-type
application/javascript
status
200
x-cache-info
caching
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
125646
konim_uno-637260d53a829b7c542cafaadfaad11d.css
cashback.scdn5.secure.raxcdn.com/assets/ 		579 KB
266 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cashback.scdn5.secure.raxcdn.com/assets/konim_uno-637260d53a829b7c542cafaadfaad11d.css
Requested by
Host: save.uno
URL: https://save.uno/users/edit_name
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:64:697::2c01 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
fbe6a870613858c973bfa01bb6ac5122cca718065e143436b2841aec7dfece33

Request headers

Referer
https://save.uno/users/edit_name
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 18:57:18 GMT
content-encoding
gzip
last-modified
Fri, 10 Nov 2017 23:54:54 GMT
server
nginx
etag
W/"5a063c4e-90bad"
vary
Accept-Encoding
content-type
text/css
status
200
x-cache-info
caching
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
271309
close-white-70d003b8e00e26b8e53c81b48ec24991.png
cashback.scdn5.secure.raxcdn.com/assets/ 		394 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cashback.scdn5.secure.raxcdn.com/assets/close-white-70d003b8e00e26b8e53c81b48ec24991.png
Requested by
Host: save.uno
URL: https://save.uno/users/edit_name
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:64:697::2c01 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
122481ff5730d7ebba3f4e4163ad8c79f32d89687421c62f269cdc0e6c2708b0

Request headers

Referer
https://save.uno/users/edit_name
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 18:57:19 GMT
last-modified
Wed, 15 Feb 2017 02:30:07 GMT
server
nginx
etag
"58a3bd2f-18a"
content-type
image/png
status
200
x-cache-info
caching
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
394
default_user_thumbnail-c9b7cbac4bee07bbd6f5f275dfcb884c.png
cashback.scdn5.secure.raxcdn.com/assets/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cashback.scdn5.secure.raxcdn.com/assets/default_user_thumbnail-c9b7cbac4bee07bbd6f5f275dfcb884c.png
Requested by
Host: save.uno
URL: https://save.uno/users/edit_name
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:64:697::2c01 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
012faa2bbbf6bf4fa38dd290e42103231e26b1ce6109897dc091591bbae0fad8

Request headers

Referer
https://save.uno/users/edit_name
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 18:57:19 GMT
last-modified
Sat, 12 Aug 2017 20:01:29 GMT
server
nginx
etag
"598f5e99-3303"
content-type
image/png
status
200
x-cache-info
caching
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
13059
save-logo-white-605977183347b66b8424be1db83f8d7c.png
cashback.scdn5.secure.raxcdn.com/assets/konim2/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cashback.scdn5.secure.raxcdn.com/assets/konim2/save-logo-white-605977183347b66b8424be1db83f8d7c.png
Requested by
Host: save.uno
URL: https://save.uno/users/edit_name
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:64:697::2c01 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
b364b38243e2dffe6dea4fa23074e9d7efd72112e61327afe0bfa6eedffeb884

Request headers

Referer
https://save.uno/users/edit_name
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 18:57:19 GMT
last-modified
Wed, 12 Apr 2017 13:41:41 GMT
server
nginx
etag
"58ee2e95-81b"
content-type
image/png
status
200
x-cache-info
caching
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
2075
opensanshebrew.css
fonts.googleapis.com/earlyaccess/ 		5 KB
531 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/earlyaccess/opensanshebrew.css
Requested by
Host: cashback.scdn5.secure.raxcdn.com
URL: https://cashback.scdn5.secure.raxcdn.com/assets/konim_uno-637260d53a829b7c542cafaadfaad11d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
25e905a4cbc6a26d6d0a1e720b8f0cb5c809eee25c625ba1bf452c3bbfc98e46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cashback.scdn5.secure.raxcdn.com/assets/konim_uno-637260d53a829b7c542cafaadfaad11d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 18:57:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Wed, 07 Oct 2020 18:57:19 GMT
gtm.js
www.googletagmanager.com/ 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PVJ6R8
Requested by
Host: save.uno
URL: https://save.uno/users/edit_name
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
49c4148388f2a5b07b59d7a70899770645bedbbace7162f32baf1de14ae5237a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://save.uno/users/edit_name
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 18:57:19 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34181
x-xss-protection
0
last-modified
Wed, 07 Oct 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 07 Oct 2020 18:57:19 GMT
OpenSansHebrew-Regular.woff2
fonts.gstatic.com/ea/opensanshebrew/v3/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/ea/opensanshebrew/v3/OpenSansHebrew-Regular.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/opensanshebrew.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00a37289fdde29892417e72bb1494d7967af5f3d8e5a437f07376a8b3f044373
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://save.uno
Referer
https://fonts.googleapis.com/earlyaccess/opensanshebrew.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 14:39:47 GMT
x-content-type-options
nosniff
age
15452
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14228
x-xss-protection
0
last-modified
Wed, 13 Aug 2014 16:50:04 GMT
server
sffe
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Oct 2021 14:39:47 GMT
OpenSansHebrew-Bold.woff2
fonts.gstatic.com/ea/opensanshebrew/v3/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/ea/opensanshebrew/v3/OpenSansHebrew-Bold.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/opensanshebrew.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04f279b27c82c089bce1998a9ce8864f9211d98e5a08de95819444ea7aecc687
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://save.uno
Referer
https://fonts.googleapis.com/earlyaccess/opensanshebrew.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 06:51:42 GMT
x-content-type-options
nosniff
age
129937
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14060
x-xss-protection
0
last-modified
Wed, 13 Aug 2014 16:50:04 GMT
server
sffe
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Oct 2021 06:51:42 GMT
nr-1184.min.js
js-agent.newrelic.com/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1184.min.js
Requested by
Host: save.uno
URL: https://save.uno/users/edit_name
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77

Request headers

Referer
https://save.uno/users/edit_name
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 18:57:19 GMT
content-encoding
gzip
x-amz-request-id
A21809B1C987C063
x-cache
HIT
status
200
content-length
10624
x-amz-id-2
5/0iWHe8AbcxZN6Jo3BmJ2Q+tztfRSNwr+lcNTrsM79nJm6KurTN6rNwf14f8ELquc1TIDOjlf4=
x-served-by
cache-hhn4031-HHN
last-modified
Mon, 28 Sep 2020 16:34:45 GMT
server
AmazonS3
x-timer
S1602097039.266239,VS0,VE0
etag
"3d7f312be60d08a2568e311e4762f3af"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
15045
fs.js
edge.fullstory.com/s/
Redirect Chain
  • https://www.fullstory.com/s/fs.js
  • https://edge.fullstory.com/s/fs.js
203 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
076fcf4db8e33f2ec5c948a05f540279f47b4617f74c51a9f2d177936a44faf7

Request headers

Referer
https://save.uno/users/edit_name
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 18:48:54 GMT
content-encoding
gzip
age
505
x-guploader-uploadid
ABg5-Uy0tuatG0LLqPGQUVs_8jC6AmtvVgzA4vbacfDQHRm56nvJoia7SWGGepCy8vn2wSdY2h_igW_eRGN3kgHwc0I
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
61891
last-modified
Thu, 24 Sep 2020 15:36:08 GMT
server
UploadServer
etag
"3c7c845e078a26dbf9e6d06bc7b174bc"
x-goog-hash
crc32c=OA1UKw==, md5=PHyEXgeKJtv55tBrx7F0vA==
x-goog-generation
1600961768648174
access-control-allow-origin
*
cache-control
public, max-age=600,no-transform
x-goog-stored-content-length
61891
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 07 Oct 2020 18:58:54 GMT

Redirect headers

date
Sat, 26 Sep 2020 14:07:41 GMT
via
1.1 google
age
967778
status
301
location
https://edge.fullstory.com/s/fs.js
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=63072000
timing-allow-origin
*
alt-svc
clear
content-length
0
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ6R8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://save.uno/users/edit_name
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
6100
date
Wed, 07 Oct 2020 17:15:39 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Wed, 07 Oct 2020 19:15:39 GMT
js
www.google-analytics.com/gtm/ 		80 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-NVLTZQ2&t=gtm3&cid=609157654.1602097039
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5aee0240bf957906c802334c67fba1f73fcdd158b4f487b46fc22774f5a2d220
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://save.uno/users/edit_name
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 07 Oct 2020 18:57:19 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32284
x-xss-protection
0
last-modified
Wed, 07 Oct 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 07 Oct 2020 18:57:19 GMT
collect
www.google-analytics.com/j/ 		2 B
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=799715958&t=pageview&_s=1&dl=https%3A%2F%2Fsave.uno%2Fusers%2Fedit_name&ul=en-us&de=UTF-8&dt=Please%20complete%20your%20profile%20-%20Save.uno&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=902127531&gjid=1441133700&cid=609157654.1602097039&uid=108119&tid=UA-60776306-1&_gid=823415560.1602097039&_r=1&gtm=2wg9n1PVJ6R8&z=1618210395
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://save.uno/users/edit_name
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Oct 2020 18:57:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://save.uno
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=799715958&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsave.uno%2Fusers%2Fedit_name&ul=en-us&de=UTF-8&dt=Please%20complete%20your%20profile%20-%20Save.uno&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Users&ea=Non%20EN%20name&el=108119%20-%20ssaunders%40ghs.org%20-%20528___***%20ONLINE%20ADULT%20DATING%20SITE%3A%20https%3A%2F%2Fsoo.gd%2FOhjO%20***___263MA%20204___***%20BEST%20ADULT%20DATING%20SITE%3A%20https%3A%2F%2Fv.ht%2FxPO6%20***___294MA&_u=aGDACEADRAAAAC~&jid=&gjid=&cid=609157654.1602097039&tid=UA-60776306-1&_gid=823415560.1602097039&gtm=2wg9n1PVJ6R8&z=984732253
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://save.uno/users/edit_name
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Oct 2020 06:08:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
46119
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
79 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-60776306-1&cid=609157654.1602097039&jid=902127531&uid=108119&gjid=1441133700&_gid=823415560.1602097039&_u=aGDAAEACQAAAAC~&z=1135846215
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://save.uno/users/edit_name
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 07 Oct 2020 18:57:19 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://save.uno
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
18b10d4187
bam.nr-data.net/1/ 		57 B
275 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/18b10d4187?a=49254625&v=1184.ab39b52&to=cAwPEkZdCg8HEEsQEVYREklRVg8XPQwFCAc%3D&rst=2119&ck=1&ref=https://save.uno/users/edit_name&ap=20&be=1748&fe=2013&dc=1992&perf=%7B%22timing%22:%7B%22of%22:1602097037173,%22n%22:0,%22f%22:1579,%22dn%22:1579,%22dne%22:1579,%22c%22:1579,%22ce%22:1579,%22rq%22:1579,%22rp%22:1741,%22rpe%22:1743,%22dl%22:1744,%22di%22:1991,%22ds%22:1991,%22de%22:2000,%22dc%22:2013,%22l%22:2013,%22le%22:2014%7D,%22navigation%22:%7B%7D%7D&fp=1996&fcp=1996&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer
https://save.uno/users/edit_name
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
page
rs.fullstory.com/rec/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: www.fullstory.com
URL: https://www.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
ccd6a0606c2667fa85eb35bae8027ccefbe52a6cb3fb2aca2aac5c84c982ae9c

Request headers

Referer
https://save.uno/users/edit_name
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Oct 2020 18:57:19 GMT
content-encoding
gzip
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
https://save.uno
access-control-allow-credentials
true
alt-svc
clear
content-length
1023
via
1.1 google
bundle
rs.fullstory.com/rec/ 		29 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle?OrgId=WNG2&UserId=4802557608771584&SessionId=6752465983160320&PageId=5254690179170304&Seq=1&PageStart=1602097039677&PrevBundleTime=0&LastActivity=410&IsNewSession=true
Requested by
Host: www.fullstory.com
URL: https://www.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
8b15f7073f5bd7c872876d39d213d48ecd5cd47f38636d4592e24d4382cb3821

Request headers

Referer
https://save.uno/users/edit_name
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Oct 2020 18:57:20 GMT
via
1.1 google
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
https://save.uno
access-control-allow-credentials
true
alt-svc
clear
content-length
29
bundle
rs.fullstory.com/rec/ 		29 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle?OrgId=WNG2&UserId=4802557608771584&SessionId=6752465983160320&PageId=5254690179170304&Seq=2&PageStart=1602097039677&PrevBundleTime=1602097039968&LastActivity=4858&IsNewSession=true
Requested by
Host: www.fullstory.com
URL: https://www.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
58515c6b7fff1c08ef2c586470f9e27185d67d0eeef436db3a721e0bb079a621

Request headers

Referer
https://save.uno/users/edit_name
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Oct 2020 18:57:24 GMT
via
1.1 google
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
https://save.uno
access-control-allow-credentials
true
alt-svc
clear
content-length
29
18b10d4187
bam.nr-data.net/events/1/ 		24 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/18b10d4187?a=49254625&v=1184.ab39b52&to=cAwPEkZdCg8HEEsQEVYREklRVg8XPQwFCAc%3D&rst=12119&ck=1&ref=https://save.uno/users/edit_name
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://save.uno/users/edit_name
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://save.uno
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif
bundle
rs.fullstory.com/rec/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rs.fullstory.com
URL
https://rs.fullstory.com/rec/bundle?OrgId=WNG2&UserId=4802557608771584&SessionId=6752465983160320&PageId=5254690179170304&Seq=3&PageStart=1602097039677&PrevBundleTime=1602097044956&LastActivity=9858&IsNewSession=true

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| NREUM object| newrelic function| __nr_require function| receiveMessageReadyness object| SETTINGS function| receiveMessage boolean| prev_message function| $ function| jQuery object| jQuery1121041251483901718444 object| Foundation function| _ object| dataLayer object| google_tag_manager boolean| _fs_debug string| _fs_host string| _fs_org string| _fs_namespace function| FS string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_optimize string| _fs_loaded function| _fs_shutdown

3 Cookies

Domain/Path Name / Value
save.uno/ Name: _uno_session
Value: d0JOOUdhKzhIeGQrQXJlZ0FVOEZtZjNTczdWZkowa1JYMkJidTJyU05lcFhURWlpL0lrcVFPTDNWSVJlT2pjb2FNNnkwTzBpSXlYU3J1enY3TWcwWG1hUm9nV1FPQjNtR045WWd3RVZ6cWQ4eEJXek56RjVQTEhYUDRWYmpBVHZ1akdlVVlHSmg2UlBiZnF3M1ZBWE1UT0llY0Z2YXE2RFV6TG9rcGNhc2djT2JCdHMzNWFHMkMrbEg3Nm8zbzdOLS1PTXN5bkJMbHNRdkhrMldSeS9yaGFBPT0%3D--7e042959ceecb039c22888090f55c94e25c37db0
.save.uno/ Name: user_locale
Value: en
.save.uno/ Name: _uno_access_token
Value: 8ca7c5d82061a14e631033d622173b5a68198a16f7

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cashback.scdn5.secure.raxcdn.com
edge.fullstory.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
links.save.uno
rs.fullstory.com
save.uno
stats.g.doubleclick.net
www.fullstory.com
www.google-analytics.com
www.googletagmanager.com
rs.fullstory.com
104.130.255.75
151.101.114.110
162.247.242.18
167.89.123.54
2a00:1450:4001:800::200a
2a00:1450:4001:806::2003
2a00:1450:4001:81e::200e
2a00:1450:4001:81f::2008
2a00:1450:400c:c06::9c
2a02:26f0:64:697::2c01
34.107.252.72
35.186.194.58
35.201.112.186
00a37289fdde29892417e72bb1494d7967af5f3d8e5a437f07376a8b3f044373
012faa2bbbf6bf4fa38dd290e42103231e26b1ce6109897dc091591bbae0fad8
04f279b27c82c089bce1998a9ce8864f9211d98e5a08de95819444ea7aecc687
076fcf4db8e33f2ec5c948a05f540279f47b4617f74c51a9f2d177936a44faf7
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
122481ff5730d7ebba3f4e4163ad8c79f32d89687421c62f269cdc0e6c2708b0
1d130032bfffed7dc14f19349e0d1097964630a504acb474bab346e4157c838c
25e905a4cbc6a26d6d0a1e720b8f0cb5c809eee25c625ba1bf452c3bbfc98e46
49c4148388f2a5b07b59d7a70899770645bedbbace7162f32baf1de14ae5237a
58515c6b7fff1c08ef2c586470f9e27185d67d0eeef436db3a721e0bb079a621
5aee0240bf957906c802334c67fba1f73fcdd158b4f487b46fc22774f5a2d220
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b15f7073f5bd7c872876d39d213d48ecd5cd47f38636d4592e24d4382cb3821
b364b38243e2dffe6dea4fa23074e9d7efd72112e61327afe0bfa6eedffeb884
ccd6a0606c2667fa85eb35bae8027ccefbe52a6cb3fb2aca2aac5c84c982ae9c
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
f33336a25d47313eb91c1777b394c2f587b11fcb2cae65f20480071ea015d87a
fbe6a870613858c973bfa01bb6ac5122cca718065e143436b2841aec7dfece33