urlscan.io logo urlscan.io
SecurityTrails logo

saveig.org Open in urlscan Pro
2606:4700:20::681a:8a6  Public Scan

Go To Rescan Add Verdict Report
URL: https://saveig.org/demhunneds/
Submission: On March 30 via manual from PH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 7 countries across 19 domains to perform 80 HTTP transactions. The main IP is 2606:4700:20::681a:8a6, located in United States and belongs to CLOUDFLARENET, US. The main domain is saveig.org.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 6th 2019. Valid for: a year.
This is the only time saveig.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 2606:4700:20:... 13335 (CLOUDFLAR...)
17 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2804:2d94:fac... 265290 (Uplink Te...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
10 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 88.208.60.53 39572 (ADVANCEDH...)
1 5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.225.86.250 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
6 13 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 144.217.78.155 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 37.252.173.22 29990 (ASN-APPNEX)
1 95.101.184.231 20940 (AKAMAI-ASN1)
80 23
7    2606:4700:20::681a:8a6 (United States)

ASN13335 (CLOUDFLARENET, US)
saveig.org
17    2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)
live.demand.supply
api.demand.supply
1    2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2804:2d94:face:0:face:b00c:3333:a3f (Brazil)

ASN265290 (Uplink Telecom, BR)
instagram.fjpa10-1.fna.fbcdn.net
2    2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
10    2606:4700:3034::6812:2a06 (United States)

ASN13335 (CLOUDFLARENET, US)
a.vdo.ai
track.vdo.ai
4    2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    88.208.60.53 (Heemstede, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
nativesubscribe.pro
5    2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    13.225.86.250 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-86-250.fra2.r.cloudfront.net
c.amazon-adsystem.com
1    2606:4700:3037::681f:45e3 (United States)

ASN13335 (CLOUDFLARENET, US)
metosk.com
13    2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.com
googleads.g.doubleclick.net
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
9    144.217.78.155 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns543759.ip-144-217-78.net
s.vdo.ai
1    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    37.252.173.22 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    95.101.184.231 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a95-101-184-231.deploy.static.akamaitechnologies.com
acdn.adnxs.com
Domain Requested by
15 live.demand.supply saveig.org
live.demand.supply
pagead2.googlesyndication.com
9 s.vdo.ai a.vdo.ai
saveig.org
8 googleads.g.doubleclick.net 6 redirects pagead2.googlesyndication.com
7 a.vdo.ai saveig.org
a.vdo.ai
7 saveig.org 1 redirects saveig.org
5 www.google-analytics.com 1 redirects saveig.org
4 pagead2.googlesyndication.com live.demand.supply
pagead2.googlesyndication.com
4 fonts.gstatic.com saveig.org
3 track.vdo.ai saveig.org
2 ib.adnxs.com a.vdo.ai
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 api.demand.supply live.demand.supply
2 c.amazon-adsystem.com saveig.org
c.amazon-adsystem.com
2 imasdk.googleapis.com a.vdo.ai
imasdk.googleapis.com
2 cdnjs.cloudflare.com saveig.org
1 acdn.adnxs.com a.vdo.ai
1 www.googletagservices.com pagead2.googlesyndication.com
1 s0.2mdn.net imasdk.googleapis.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 www.google.de saveig.org
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 metosk.com nativesubscribe.pro
1 www.googletagmanager.com a.vdo.ai
1 nativesubscribe.pro saveig.org
1 instagram.fjpa10-1.fna.fbcdn.net saveig.org
1 fonts.googleapis.com saveig.org
80 28

This site contains links to these domains. Also see Links.

Domain
vdo.ai
instagram.fjpa10-1.fna.fbcdn.net
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-10-06 -
2020-10-05		 a year crt.sh
demand.supply
CloudFlare Inc ECC CA-2		 2019-06-23 -
2020-06-22		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.fjpa10-1.fna.fbcdn.net
DigiCert SHA2 High Assurance Server CA		 2020-03-06 -
2020-06-04		 3 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-12-05 -
2020-06-12		 6 months crt.sh
*.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
nativesubscribe.pro
Let's Encrypt Authority X3		 2020-01-20 -
2020-04-19		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2019-10-07 -
2020-09-29		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.vdo.ai
Go Daddy Secure Certificate Authority - G2		 2019-10-15 -
2021-10-15		 2 years crt.sh
*.doubleclick.net
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2020-01-02 -
2021-04-02		 a year crt.sh

This page contains 13 frames:

Primary Page: https://saveig.org/demhunneds/
Frame ID: 49F8B1B86B1677ECDEC3D7EAFA17D4FE
Requests: 69 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 6F9EAF6BEE1A9FB679A7562462F411A8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200324/r20190131/zrt_lookup.html
Frame ID: 6CBA77FD07DA1190AA8CADBD00BDA3EE
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.377.0_en.html
Frame ID: FA8FF54B06A03A47B4B4EA9A380D4E68
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 981E78837931EDD983F9C4AE3AC211C5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&adk=1812271804&adf=3025194257&lmt=1585529087&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fsaveig.org%2Fdemhunneds%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1585529087375&bpp=4&bdt=522&fdt=78&idt=78&shv=r20200324&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=900x90&nras=1&correlator=7834547162851&frm=20&pv=1&ga_vid=1167616592.1585529087&ga_sid=1585529087&ga_hid=1763265503&ga_fc=0&iag=0&icsg=37383404392384&dssz=26&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1306526227279745&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=82
Frame ID: 004156292305EFB17BCC56EB06FD5BC5
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 9A1AAF53C7C6F6F3A9D0F44932D6BDE6
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: D85DA56BE58A77491932BD2A650E383E
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 841773B638D558C5BCC1ED6A413EDBF5
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: FBD08CEEABEBD0D0A48DBEC38EF99ACC
Requests: 1 HTTP requests in this frame

Frame: https://live.demand.supply/ds.2.html
Frame ID: 3A7A3200B81894BF472AB09969353EAD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: B14AA232AAB16B7B2E1F5C52E2DC5F07
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 2AEA3F681F6E855A94AC562E4B31E177
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://saveig.org/demhunneds HTTP 301
    https://saveig.org/demhunneds/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /2mdn\.net/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • script /2mdn\.net/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

80
Requests

96 %
HTTPS

79 %
IPv6

19
Domains

28
Subdomains

23
IPs

7
Countries

1345 kB
Transfer

3042 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://saveig.org/demhunneds HTTP 301
    https://saveig.org/demhunneds/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1763265503&t=pageview&_s=1&dl=https%3A%2F%2Fsaveig.org%2Fdemhunneds%2F&ul=en-us&de=UTF-8&dt=(%40demhunneds)%20download%20instagram%20stories%20highlights%2C%20photos%2C%20videos%20-%20SaveIG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUAB~&jid=1837656920&gjid=1290326382&cid=1167616592.1585529087&tid=UA-113932176-19&_gid=1553547618.1585529087&_r=1&gtm=2ou3i0&z=1464704061 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-113932176-19&cid=1167616592.1585529087&jid=1837656920&_gid=1553547618.1585529087&gjid=1290326382&_v=j81&z=1464704061 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-113932176-19&cid=1167616592.1585529087&jid=1837656920&_v=j81&z=1464704061 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-113932176-19&cid=1167616592.1585529087&jid=1837656920&_v=j81&z=1464704061&slf_rd=1&random=386950318
Request Chain 52
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=ec39dfb7-8dfb-42ff-beda-03ba3d2f9661&adk=3806295230&adf=1991883036&w=900&fwrn=4&fwrnh=100&lmt=1585529087&rafmt=2&psa=0&guci=1.2.0.0.2.2.0.0&format=900x90&url=https%3A%2F%2Fsaveig.org%2Fdemhunneds%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&adsid=NT&dt=1585529087368&bpp=7&bdt=515&fdt=49&idt=49&shv=r20200324&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7834547162851&frm=20&pv=2&ga_vid=1167616592.1585529087&ga_sid=1585529087&ga_hid=1763265503&ga_fc=0&iag=0&icsg=2199032303552&dssz=25&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=350&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1306526227279745&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=9YTMgO2fK7&p=https%3A//saveig.org&dtd=61 HTTP 302
  • https://live.demand.supply/ds.2.html
Request Chain 57
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=853b2259-003e-469b-b1d1-43f699c283f5&adk=2438566104&adf=4149417775&w=728&lmt=1585529087&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fsaveig.org%2Fdemhunneds%2F&flash=0&wgl=1&adsid=NT&dt=1585529087480&bpp=4&bdt=627&fdt=4&idt=4&shv=r20200324&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=900x90%2C0x0&nras=1&correlator=7834547162851&frm=20&pv=1&ga_vid=1167616592.1585529087&ga_sid=1585529087&ga_hid=1763265503&ga_fc=0&iag=0&icsg=37383404392384&dssz=26&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1306526227279745&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=1&fu=16&bc=31&ifi=2&uci=a!2&fsb=1&xpc=tJb4dK9mey&p=https%3A//saveig.org&dtd=7 HTTP 302
  • https://live.demand.supply/ds.2.html
Request Chain 60
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=b5a686f1-717d-4835-bfca-d1cd79140732&adk=561554433&adf=1991883036&w=900&fwrn=4&fwrnh=100&lmt=1585529087&rafmt=2&psa=0&guci=1.2.0.0.2.2.0.0&format=900x90&url=https%3A%2F%2Fsaveig.org%2Fdemhunneds%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&adsid=NT&dt=1585529087663&bpp=4&bdt=810&fdt=4&idt=5&shv=r20200324&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=900x90%2C0x0%2C728x90&nras=1&correlator=7834547162851&frm=20&pv=1&ga_vid=1167616592.1585529087&ga_sid=1585529087&ga_hid=1763265503&ga_fc=0&iag=0&icsg=37383404392384&dssz=26&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=350&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1306526227279745&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=3&uci=a!3&fsb=1&xpc=qnl92IucLC&p=https%3A//saveig.org&dtd=8 HTTP 302
  • https://live.demand.supply/ds.2.html
Request Chain 61
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=c48d2b7e-0c4d-4a2c-b955-b0505db247e9&adk=2531440296&adf=4149417775&w=728&lmt=1585529087&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fsaveig.org%2Fdemhunneds%2F&flash=0&wgl=1&adsid=NT&dt=1585529087704&bpp=3&bdt=851&fdt=3&idt=3&shv=r20200324&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=900x90%2C0x0%2C728x90%2C900x90&nras=1&correlator=7834547162851&frm=20&pv=1&ga_vid=1167616592.1585529087&ga_sid=1585529087&ga_hid=1763265503&ga_fc=0&iag=0&icsg=37383404392384&dssz=26&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1306526227279745&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=1&fu=16&bc=31&ifi=4&uci=a!4&fsb=1&xpc=xl5quvxjsH&p=https%3A//saveig.org&dtd=5 HTTP 302
  • https://live.demand.supply/ds.2.html
Request Chain 64
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=f05ef150-dae3-4004-b68a-ea67132b6f35&adk=2262039263&adf=1991883036&w=900&fwrn=4&fwrnh=100&lmt=1585529087&rafmt=2&psa=0&guci=1.2.0.0.2.2.0.0&format=900x90&url=https%3A%2F%2Fsaveig.org%2Fdemhunneds%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&adsid=NT&dt=1585529087871&bpp=3&bdt=1018&fdt=3&idt=3&shv=r20200324&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=900x90%2C0x0%2C728x90%2C900x90%2C728x90&nras=1&correlator=7834547162851&frm=20&pv=1&ga_vid=1167616592.1585529087&ga_sid=1585529087&ga_hid=1763265503&ga_fc=0&iag=0&icsg=37383404392384&dssz=26&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=350&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1306526227279745&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=5&uci=a!5&fsb=1&xpc=joLoXd8nNO&p=https%3A//saveig.org&dtd=5 HTTP 302
  • https://live.demand.supply/ds.2.html
Request Chain 66
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=ecda4504-9728-4a69-82e8-bbf8b75e697b&adk=838645803&adf=4149417775&w=728&lmt=1585529087&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fsaveig.org%2Fdemhunneds%2F&flash=0&wgl=1&adsid=NT&dt=1585529087883&bpp=3&bdt=1030&fdt=3&idt=3&shv=r20200324&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=900x90%2C0x0%2C728x90%2C900x90%2C728x90%2C900x90&nras=1&correlator=7834547162851&frm=20&pv=1&ga_vid=1167616592.1585529087&ga_sid=1585529087&ga_hid=1763265503&ga_fc=0&iag=0&icsg=37383404392384&dssz=26&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1306526227279745&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=1&fu=16&bc=31&ifi=6&uci=a!6&fsb=1&xpc=Lw43uKPT9v&p=https%3A//saveig.org&dtd=5 HTTP 302
  • https://live.demand.supply/ds.2.html

80 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
saveig.org/demhunneds/
Redirect Chain
  • https://saveig.org/demhunneds
  • https://saveig.org/demhunneds/
7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8277c6676a8516ed395dba211a46fcaf5ca58e24d8f14058f40fa2e70828b13

Request headers

:method
GET
:authority
saveig.org
:scheme
https
:path
/demhunneds/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d23bf43b4e4763a7cfc88a661b3a21c2e1585529086
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
date
Mon, 30 Mar 2020 00:44:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=7200
cf-cache-status
HIT
age
9
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
57bdcdd8ac31bea6-FRA
content-encoding
br

Redirect headers

status
301
date
Mon, 30 Mar 2020 00:44:46 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d23bf43b4e4763a7cfc88a661b3a21c2e1585529086; expires=Wed, 29-Apr-20 00:44:46 GMT; path=/; domain=.saveig.org; HttpOnly; SameSite=Lax; Secure
location
/demhunneds/
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
57bdcdd76bb9bea6-FRA
up.js
live.demand.supply/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/up.js
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2360cf3062cdcb281aa725e7807341c9253f684642585c782e8da153954bcb07

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-nf-request-id
5b6f45dc-9886-46d8-aad0-772613eceb3b-11401697
date
Mon, 30 Mar 2020 00:44:47 GMT
content-encoding
br
cf-cache-status
HIT
age
500
cf-polished
origSize=3756
cf-ray
57bdcdd8fe35145a-FRA
status
200
cf-bgj
minify
server
cloudflare
etag
W/"657a11a9289f10f6b52509f7c67bd374-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
timing-allow-origin
*
link
</impl.v9.5.0.js>; rel=preload; as=script,</p2/v9-5-0?url=saveig.org%2Fdemhunneds%2F>; rel=preload; as=script
cf-h2-pushed
</impl.v9.5.0.js>,</p2/v9-5-0?url=saveig.org%2Fdemhunneds%2F>
art.css
saveig.org/css/ 		38 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saveig.org/css/art.css?v77
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9730c1b6e7f373f6d6b842d080626fd6cca93e0c0682b9b48a31d5871bca36c

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 30 Mar 2020 00:44:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 29 Mar 2020 13:44:25 GMT
server
cloudflare
age
39598
etag
W/"5e80a639-962b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2592000
cf-ray
57bdcdd8dc41bea6-FRA
expires
Tue, 28 Apr 2020 13:44:43 GMT
css
fonts.googleapis.com/ 		2 KB
659 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat&display=swap
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9982a23525ba1a5e0273ee56b3dd6b1d9c54a6be4e9081a9d5f3715e1d4b4d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 30 Mar 2020 00:44:46 GMT
server
ESF
date
Mon, 30 Mar 2020 00:44:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 30 Mar 2020 00:44:46 GMT
44884218_345707102882519_2446069589734326272_n.jpg
instagram.fjpa10-1.fna.fbcdn.net/v/t51.2885-19/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://instagram.fjpa10-1.fna.fbcdn.net/v/t51.2885-19/44884218_345707102882519_2446069589734326272_n.jpg?_nc_ht=instagram.fjpa10-1.fna.fbcdn.net&_nc_ohc=juIw_rgxYewAX9PPpy6&oh=f2a248b7f23b258d69170191787dc165&oe=5EA8E30F&ig_cache_key=YW5vbnltb3VzX3Byb2ZpbGVfcGlj.2
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2804:2d94:face:0:face:b00c:3333:a3f , Brazil, ASN265290 (Uplink Telecom, BR),
Reverse DNS
Software
/
Resource Hash
2b9c0914d8f3f0aa6cf86705df70b7b21e9ca2f9013a346463788e7cebd0158f

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-haystack-needlechecksum
2903063741
date
Mon, 30 Mar 2020 00:44:47 GMT
x-fb-config-version-elb-prod
785
last-modified
Wed, 21 Nov 2018 19:35:46 GMT
access-control-allow-origin
*
x-fb-config-version-flb-prod
434
content-type
image/jpeg
status
200
cache-control
max-age=1209600, no-transform
x-needle-checksum
3129229475
x-fb-config-version-olb-prod
783
timing-allow-origin
*
content-length
28350
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 00:44:46 GMT
content-encoding
br
cf-cache-status
HIT
age
13200518
cf-ray
57bdcdd8e87d1772-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:21:00 GMT
server
cloudflare
etag
W/"5afd497c-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 20 Mar 2021 00:44:46 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.003
swiper.min.js
cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.2/js/ 		122 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.2/js/swiper.min.js
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df178d935914fb63c2880bd93c76c7cae03e199962799b58cfff6916f60b9e3c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 00:44:46 GMT
content-encoding
br
cf-cache-status
HIT
age
13107818
cf-ray
57bdcdd8e87f1772-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 01 Nov 2018 15:47:39 GMT
server
cloudflare
etag
W/"5bdb201b-1e744"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 20 Mar 2021 00:44:46 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.004
art.js
saveig.org/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saveig.org/js/art.js?v77
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b4374a12b41ab97f6cde703b3c1594ddf7cd81a44847b238ed3100829e265ae

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 00:44:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 29 Mar 2020 01:18:15 GMT
server
cloudflare
age
39598
etag
W/"5e7ff757-1b58"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
cf-ray
57bdcdd8ec43bea6-FRA
expires
Tue, 28 Apr 2020 13:44:43 GMT
save.min.js
saveig.org/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saveig.org/js/save.min.js
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5428fc64c51b512bc3ef2045239fb52a8ac81935c27c7364809f3fe57f5d9478

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 00:44:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 02 Jul 2019 07:17:07 GMT
server
cloudflare
age
1870823
etag
W/"5d1b04f3-98d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
cf-ray
57bdcdd8ec45bea6-FRA
expires
Mon, 06 Apr 2020 01:07:02 GMT
jszip.min.js
saveig.org/js/ 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saveig.org/js/jszip.min.js
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d9fcebdd5f1116d6ede7b930140928dde25c9aa09dd4269bff5f5d71d868b97

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 00:44:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 02 Jul 2019 07:17:07 GMT
server
cloudflare
age
1870823
etag
W/"5d1b04f3-18fb8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
cf-ray
57bdcdd8ec46bea6-FRA
expires
Mon, 06 Apr 2020 01:07:02 GMT
vdo.ai.js
a.vdo.ai/core/saveigv1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.vdo.ai/core/saveigv1/vdo.ai.js
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
945881137776aac5df929d7921a9fdbd6a2d30ef82032e154116c1e3b6a37b7b

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 00:44:46 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
age
6341
vdo-server
Tag2
x-cache
HIT
status
200
content-encoding
br
content-type
text/javascript;charset=UTF-8
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
81122222 3571769
cache-control
public, max-age=31536000
cf-ray
57bdcdd93ecfbece-FRA
expires
Sun, 28 Mar 2021 14:29:02 GMT
search.png
saveig.org/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saveig.org/img/search.png
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b58f9e33cb0610010c4af74e9eb1d407e132047fcd5af593867d92639f4cdc8a

Request headers

Referer
https://saveig.org/css/art.css?v77
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 30 Mar 2020 00:44:46 GMT
cf-cache-status
HIT
last-modified
Tue, 02 Jul 2019 07:17:07 GMT
server
cloudflare
age
1985822
etag
"5d1b04f3-869"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
57bdcdd90c4cbea6-FRA
content-length
2153
expires
Fri, 03 Apr 2020 11:41:21 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v14/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Montserrat&display=swap
Origin
https://saveig.org
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36

Response headers

date
Mon, 02 Mar 2020 13:13:34 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:19 GMT
server
sffe
age
2374272
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
19172
x-xss-protection
0
expires
Tue, 02 Mar 2021 13:13:34 GMT
JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v14/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
637fc05835856f967578386134fe8a10b4fc4afaae082c8052226d5bd5a23e4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Montserrat&display=swap
Origin
https://saveig.org
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36

Response headers

date
Wed, 22 Jan 2020 06:20:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:18 GMT
server
sffe
age
5855053
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12196
x-xss-protection
0
expires
Thu, 21 Jan 2021 06:20:33 GMT
JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v14/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c75be06dd83179b39507632603aaf3eab56409a1fb41c5a40bb68157d46029d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Montserrat&display=swap
Origin
https://saveig.org
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36

Response headers

date
Sat, 28 Mar 2020 10:30:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:53 GMT
server
sffe
age
137676
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
17060
x-xss-protection
0
expires
Sun, 28 Mar 2021 10:30:10 GMT
JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
fonts.gstatic.com/s/montserrat/v14/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
501dd7304fc93aa0a003777b7e1792da7fd6b8bf8920b3ce279ea8cbbd7c1096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Montserrat&display=swap
Origin
https://saveig.org
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 02:00:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:34 GMT
server
sffe
age
5179454
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
6480
x-xss-protection
0
expires
Fri, 29 Jan 2021 02:00:32 GMT
native.js
nativesubscribe.pro/code/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nativesubscribe.pro/code/native.js?h=waWQiOjEwMjQxOTIsInNpZCI6MTAyOTkwNywid2lkIjo1MzkwMCwic3JjIjoyfQ==eyJ
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.60.53 Heemstede, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
f2e7b95168e21a90906ddc773d000d9ffdd24bab36f95690e75eb843b5cc3e5f

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 00:44:47 GMT
content-encoding
gzip
server
nginx/1.17.3
access-control-allow-origin
https://saveig.org
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
x-zone
eu
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
371
date
Mon, 30 Mar 2020 00:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Mon, 30 Mar 2020 02:38:35 GMT
vdo.min.css
a.vdo.ai/core/dependencies_hbv3/ 		55 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.vdo.ai/core/dependencies_hbv3/vdo.min.css
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/saveigv1/vdo.ai.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
618679b5a7673d8a8a9a68c714c9c5e3dddde6ab095899efbbb44fc71890e2d7

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 30 Mar 2020 00:44:46 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
age
6345
vdo-server
Tag2
x-cache
HIT
status
200
content-encoding
br
content-type
text/css
last-modified
Sun, 29 Mar 2020 22:19:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
66966725 81693721
cache-control
public, max-age=31536000
cf-ray
57bdcdd95ee0bece-FRA
vdo.min.js
a.vdo.ai/core/dependencies_hbv3/ 		799 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/saveigv1/vdo.ai.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c58c0fa75d6d2caa4b4cc94b42a056db5fc9fe0290e9c2e9900321c7b7fa405

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 00:44:46 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
age
6345
x-cache
HIT
status
200
content-encoding
br
content-type
application/javascript; charset=utf-8
last-modified
Sun, 29 Mar 2020 22:19:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-varnish
82576223 82576095
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
public, max-age=31536000
cf-ray
57bdcdd95ee2bece-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		264 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/saveigv1/vdo.ai.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dc7898ac7cdc6eb727823fbaccc51c6aa405abfef6a70a37a4b9778f6bc569f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 00:44:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
91713
x-xss-protection
0
expires
Mon, 30 Mar 2020 00:44:46 GMT
adframe.js
a.vdo.ai/core/saveigv1/ 		2 KB
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.vdo.ai/core/saveigv1/adframe.js
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/saveigv1/vdo.ai.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2c479ac765bf0d8be1403140326622be59fc10ae7387327c8ce2c4ec0d879ff

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 00:44:46 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
age
6341
vdo-server
Tag1
x-cache
HIT
status
200
content-encoding
br
content-type
text/javascript;charset=UTF-8
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
82295144 2851806
cache-control
public, max-age=31536000
cf-ray
57bdcdd95ee3bece-FRA
expires
Sun, 28 Mar 2021 14:29:12 GMT
collect
www.google-analytics.com/r/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1763265503&t=pageview&_s=1&dl=https%3A%2F%2Fsaveig.org%2Fdemhunneds%2F&ul=en-us&de=UTF-8&dt=(%40demhunneds)%20download%20instagram%20stories%20highlights%2C%20photos%2C%20videos%20-%20SaveIG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=130366072&gjid=869024186&cid=1167616592.1585529087&tid=UA-151166660-1&_gid=1553547618.1585529087&_r=1&z=213024272
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 30 Mar 2020 00:44:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
48888533-78a9-49ca-b49e-ef51d89d327a
https://saveig.org/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://saveig.org/48888533-78a9-49ca-b49e-ef51d89d327a
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
worker

Response headers

Content-Length
31
Content-Type
application/javascript
js
www.googletagmanager.com/gtag/ 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-113932176-19
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
00810e97f8302418097e655927b953f3755ce0fc102447c1fc181a339b708507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 00:44:47 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28644
x-xss-protection
0
last-modified
Mon, 30 Mar 2020 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 30 Mar 2020 00:44:47 GMT
allowed_url.php
a.vdo.ai/core/ 		85 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.vdo.ai/core/allowed_url.php?type=json&url=saveig.org%2Fdemhunneds%2F&tag=saveigv1
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
813e4f8b673f15a6a5221cb0a00fc8cdcd0cb03590327d46bc58b94205a75db2

Request headers

Referer
https://saveig.org/demhunneds/
Origin
https://saveig.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36

Response headers

date
Mon, 30 Mar 2020 00:44:47 GMT
via
1.1 varnish-v4
cf-cache-status
DYNAMIC
age
0
cf-ray
57bdcdda3c09dffb-FRA
x-cache
MISS
status
200
content-encoding
br
x-varnish
84551291
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
vdo-server
Tag2
access-control-allow-origin
https://saveig.org
cache-control
public, max-age=31536000
content-type
text/html; charset=UTF-8
apstag.js
c.amazon-adsystem.com/aax2/ Frame 6F9E 		87 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-86-250.fra2.r.cloudfront.net
Software
Server /
Resource Hash
ac2a58f9d55c4642121cfb6f7e213cbc882bbdd75ef171ca8a07ed982ef693ce

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 29 Mar 2020 21:53:51 GMT
content-encoding
gzip
server
Server
age
10255
etag
1dcfbf3986ee8b9c3abbc67eb808ab43
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
9GvDunhvPgT4GSkcJGQ4f_y9WvSE93igSVSsaW9JdGnZZf21Dred1Q==
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
impl.v9.5.0.js
live.demand.supply/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/impl.v9.5.0.js
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7746d8c77f46f5818ea342182c37ef47630a6b5e53d881ec8771c7c06b6fa4b3

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-nf-request-id
480fabfe-3713-43d4-bd9e-8bf86aecb323-18774759
date
Mon, 30 Mar 2020 00:44:47 GMT
content-encoding
br
cf-cache-status
HIT
age
1590649
cf-polished
origSize=65314
status
200
timing-allow-origin
*
cf-bgj
minify
server
cloudflare
etag
W/"ca46844d53c7b006c941d3483503fed9-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
57bdcdda1f87145a-FRA
v9-5-0
live.demand.supply/p2/ 		516 B
436 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p2/v9-5-0?url=saveig.org%2Fdemhunneds%2F
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d42482e099d63e6a2c3d7fa7bef8d3f03e5e1bbc3fcccf0daf26479bf05fb748

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 00:44:47 GMT
content-encoding
br
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json;charset=utf-8
status
200
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
57bdcdda1f88145a-FRA
sdk.js
metosk.com/v1/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metosk.com/v1/sdk.js?h=waWQiOjEwMjQxOTIsInNpZCI6MTAyOTkwNywid2lkIjo1MzkwMCwic3JjIjoyfQ==eyJ&d=saveig.org&sw=sdd.js
Requested by
Host: nativesubscribe.pro
URL: https://nativesubscribe.pro/code/native.js?h=waWQiOjEwMjQxOTIsInNpZCI6MTAyOTkwNywid2lkIjo1MzkwMCwic3JjIjoyfQ==eyJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:45e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8226ff3777658f7922b9a9fea541bfadff49e6c09bdee2f8108806e89fc6886

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 00:44:47 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
256
etag
W/"V4+50gVAbGJp6qsXzA5gS6VoO5g"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=14400
cf-ray
57bdcdda5d4a96a4-FRA
access-control-allow-origin
https://saveig.org
x-zone
eu
/
live.demand.supply/e/e.js/ 		3 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js/?e=ll&d=203&cs=c
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer
https://saveig.org/demhunneds/
Origin
https://saveig.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36

Response headers

date
Mon, 30 Mar 2020 00:44:47 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cf-ray
57bdcdda4fefdfe7-FRA
content-length
3
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		108 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5770296964d94c22c5e1910d596ad954432f78031b3a2911e9e4fea39a9e839
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 00:44:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
39155
x-xss-protection
0
server
cafe
etag
18020887556007674622
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 30 Mar 2020 00:44:47 GMT
ds.2.html
live.demand.supply/ 		413 B
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

Referer
https://saveig.org/demhunneds/
Origin
https://saveig.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36

Response headers

x-nf-request-id
668a983d-19e2-43f7-be87-f3057924e143-9826738
date
Mon, 30 Mar 2020 00:44:47 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
timing-allow-origin
*
age
2014421
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
57bdcdda5ff1dfe7-FRA
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1763265503&t=pageview&_s=1&dl=https%3A%2F%2Fsaveig.org%2Fdemhunneds%2F&ul=en-us&de=UTF-8&dt=(%40demhunneds)%20download%20instagram%20stories%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-113932176-19&cid=1167616592.1585529087&jid=1837656920&_gid=1553547618.1585529087&gjid=1290326382&_v=j81&z=1464704061
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-113932176-19&cid=1167616592.1585529087&jid=1837656920&_v=j81&z=1464704061
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-113932176-19&cid=1167616592.1585529087&jid=1837656920&_v=j81&z=1464704061&slf_rd=1&random=386950318
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-113932176-19&cid=1167616592.1585529087&jid=1837656920&_v=j81&z=1464704061&slf_rd=1&random=386950318
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Mar 2020 00:44:47 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Mar 2020 00:44:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-113932176-19&cid=1167616592.1585529087&jid=1837656920&_v=j81&z=1464704061&slf_rd=1&random=386950318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=saveig.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 00:44:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=saveig.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 00:44:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
/
live.demand.supply/x/ 		3 B
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/?ce=fs
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v9.5.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer
https://saveig.org/demhunneds/
Origin
https://saveig.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36

Response headers

date
Mon, 30 Mar 2020 00:44:47 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cf-ray
57bdcddaa863dfe7-FRA
content-length
3
saveig.org_responsive_h
api.demand.supply/v9-5-0/a/ 		287 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v9-5-0/a/saveig.org_responsive_h
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v9.5.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bee994b925033ad7d01055672f36a8068873a7effa8aee5539df030e341eda93

Request headers

Referer
https://saveig.org/demhunneds/
Origin
https://saveig.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36

Response headers

date
Mon, 30 Mar 2020 00:44:47 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
7189
etag
W/"11f-+OmiwcNF+TeLS/JcX+LFqV2vpeY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json;charset=utf-8
status
200
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
57bdcddae897dfe7-FRA
access-control-allow-origin
*
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 6F9E 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-86-250.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://saveig.org/demhunneds/
Origin
https://saveig.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36

Response headers

date
Sun, 29 Mar 2020 03:44:12 GMT
content-encoding
gzip
vary
Origin
age
75636
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Thu, 05 Mar 2020 08:28:46 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
TcNfu6xpgvkoYt-3-S55MUi-Jm4evpNzfXT9cUE2ma4EVwqNDSgmtA==
pixel.gif
track.vdo.ai/ 		43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.vdo.ai/pixel.gif?domainName=saveig.org&tagName=saveigv1&event=initVdo&uid=3e644580-47a8-4822-a6f9-b5f5fdd337c9&1585529087306
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 30 Mar 2020 00:44:47 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
status
200
cf-ray
57bdcddc084fbece-FRA
content-length
43
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=1763265503&t=event&_s=2&dl=https%3A%2F%2Fsaveig.org%2Fdemhunneds%2F&ul=en-us&de=UTF-8&dt=(%40demhunneds)%20download%20instagram%20stories%20highlights%2C%20photos%2C%20videos%20-%20SaveIG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=initVdo&_u=KEDAAUAB~&jid=&gjid=&cid=1167616592.1585529087&tid=UA-113932176-19&_gid=1553547618.1585529087&gtm=2ou3i0&z=1915233321
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sat, 18 Jan 2020 02:04:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6216035
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
a9f8c3e2-bba4-4bb0-8088-f2d90a2223a6
https://saveig.org/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://saveig.org/a9f8c3e2-bba4-4bb0-8088-f2d90a2223a6
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
972d62b3ea4efc56bc9e4a127e2de536bcd290180bba109fc3867849b7e3595b

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
worker

Response headers

Content-Length
5409
Content-Type
application/javascript
2.m3u8
s.vdo.ai/vhs/ 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.vdo.ai/vhs/2.m3u8
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.78.155 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns543759.ip-144-217-78.net
Software
nginx/1.12.2 /
Resource Hash
b0cf6f080aa2061f191ad029779c7a44093bd4c71bd722832ecbd5dc2d3e7f33

Request headers

Referer
https://saveig.org/demhunneds/
Origin
https://saveig.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36

Response headers

Date
Mon, 30 Mar 2020 00:44:47 GMT
Last-Modified
Thu, 24 Oct 2019 11:56:55 GMT
Server
nginx/1.12.2
ETag
"5db19187-1aba"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6842
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200324/r20190131/ 		225 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200324/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa367d459d8a6e0e561310bffc233bcd6193fe984ecd62c34d87e6d2bbdf358b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 00:44:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
86411
x-xss-protection
0
server
cafe
etag
14090742720300430934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Mar 2020 00:44:47 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200324/r20190131/ Frame 6CBA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200324/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200324/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://saveig.org/demhunneds/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://saveig.org/demhunneds/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 24 Mar 2020 15:12:04 GMT
expires
Tue, 07 Apr 2020 15:12:04 GMT
content-type
text/html; charset=UTF-8
etag
10348540741379653356
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4494
x-xss-protection
0
cache-control
public, max-age=1209600
age
466363
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
saveig.org_auto_728x90_sticky_display_bottom
api.demand.supply/v9-5-0/a/ 		297 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v9-5-0/a/saveig.org_auto_728x90_sticky_display_bottom
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v9.5.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de5ea8cfe2d77a0c42b09cd1154e629e1c170994c3eec42734ebadde03863160

Request headers

Referer
https://saveig.org/demhunneds/
Origin
https://saveig.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36

Response headers

date
Mon, 30 Mar 2020 00:44:47 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
5835
etag
W/"129-oiFIM3YoGTMxF4Hn/IsV7ZmY1Fk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json;charset=utf-8
status
200
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
57bdcddc2a1cdfe7-FRA
access-control-allow-origin
*
bridge3.377.0_en.html
imasdk.googleapis.com/js/core/ Frame FA8F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.377.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.377.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://saveig.org/demhunneds/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://saveig.org/demhunneds/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
196546
date
Sun, 29 Mar 2020 13:10:10 GMT
expires
Mon, 29 Mar 2021 13:10:10 GMT
last-modified
Wed, 25 Mar 2020 17:29:33 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
41677
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
client.js
s0.2mdn.net/instream/video/ 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 00:44:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
10523
x-xss-protection
0
expires
Mon, 30 Mar 2020 00:44:47 GMT
logo.svg
a.vdo.ai/core/assets/img/ 		1 KB
762 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vdo.ai/core/assets/img/logo.svg
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 30 Mar 2020 00:44:47 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
age
6341
x-cache
HIT
status
200
content-encoding
br
content-type
image/svg+xml
last-modified
Mon, 02 Mar 2020 08:12:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-varnish
82002833 81813776
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
public, max-age=31536000
cf-ray
57bdcddc3877bece-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
mute.png
a.vdo.ai/core/assets/img/ 		874 B
995 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vdo.ai/core/assets/img/mute.png
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48a6023d14207d3d83a55242e918742acd4b56f39a0608d574a161e5b950d88e

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 30 Mar 2020 00:44:47 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
age
6344
vdo-server
Tag2
x-cache
HIT
status
200
content-length
874
x-varnish
79793578 81122073
last-modified
Mon, 02 Mar 2020 08:07:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
57bdcddc3878bece-FRA
pixel.gif
track.vdo.ai/ 		43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.vdo.ai/pixel.gif?domainName=saveig.org&tagName=saveigv1&event=forceplay&uid=3e644580-47a8-4822-a6f9-b5f5fdd337c9&1585529087394
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 30 Mar 2020 00:44:47 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
status
200
cf-ray
57bdcddc3879bece-FRA
content-length
43
pixel.gif
track.vdo.ai/ 		43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.vdo.ai/pixel.gif?domainName=saveig.org&tagName=saveigv1&event=pageview&uid=3e644580-47a8-4822-a6f9-b5f5fdd337c9&1585529087401
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 30 Mar 2020 00:44:47 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
status
200
cf-ray
57bdcddc4881bece-FRA
content-length
43
collect
www.google-analytics.com/ 		35 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=1763265503&t=event&_s=3&dl=https%3A%2F%2Fsaveig.org%2Fdemhunneds%2F&ul=en-us&de=UTF-8&dt=(%40demhunneds)%20download%20instagram%20stories%20highlights%2C%20photos%2C%20videos%20-%20SaveIG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=pageview&_u=KEDAAUAB~&jid=&gjid=&cid=1167616592.1585529087&tid=UA-113932176-19&_gid=1553547618.1585529087&gtm=2ou3i0&z=1610365205
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sat, 18 Jan 2020 02:04:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6216035
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ds.2.html
live.demand.supply/ Frame 981E
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=ec39dfb7-8dfb-42ff-beda-03ba3d2f9661&adk=3806295230&adf=1991883036&w=900&fwrn=4&fwrnh=100&lmt...
  • https://live.demand.supply/ds.2.html
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200324/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
live.demand.supply
:scheme
https
:path
/ds.2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://saveig.org/demhunneds/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://saveig.org/demhunneds/

Response headers

status
200
date
Mon, 30 Mar 2020 00:44:47 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d9a8f13693ab64527a9d1fc668261a6341585529087; expires=Wed, 29-Apr-20 00:44:47 GMT; path=/; domain=.demand.supply; HttpOnly; SameSite=Lax
access-control-allow-origin
*
timing-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id
f1dedc09-ffd7-45fd-8d3a-cb1b3255bf3a-10695061
cf-cache-status
HIT
age
1657202
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
57bdcddd2ba9145a-FRA
content-encoding
br

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
location
https://live.demand.supply/ds.2.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 30 Mar 2020 00:44:47 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 30-Mar-2020 00:59:47 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200324/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a323f4957960c6c1cf494dc3b52e1e38a97a152bedf3b9a78df4d6b60c9d00b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 00:44:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1585308637081045"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
27959
x-xss-protection
0
expires
Mon, 30 Mar 2020 00:44:47 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0041 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&adk=1812271804&adf=3025194257&lmt=1585529087&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fsaveig.org%2Fdemhunneds%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1585529087375&bpp=4&bdt=522&fdt=78&idt=78&shv=r20200324&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=900x90&nras=1&correlator=7834547162851&frm=20&pv=1&ga_vid=1167616592.1585529087&ga_sid=1585529087&ga_hid=1763265503&ga_fc=0&iag=0&icsg=37383404392384&dssz=26&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1306526227279745&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=82
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200324/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3831894559014614&output=html&adk=1812271804&adf=3025194257&lmt=1585529087&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fsaveig.org%2Fdemhunneds%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1585529087375&bpp=4&bdt=522&fdt=78&idt=78&shv=r20200324&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=900x90&nras=1&correlator=7834547162851&frm=20&pv=1&ga_vid=1167616592.1585529087&ga_sid=1585529087&ga_hid=1763265503&ga_fc=0&iag=0&icsg=37383404392384&dssz=26&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1306526227279745&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=82
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://saveig.org/demhunneds/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://saveig.org/demhunneds/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 30 Mar 2020 00:44:47 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 30-Mar-2020 00:59:47 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires
Mon, 30 Mar 2020 00:44:47 GMT
cache-control
private
/
live.demand.supply/x/ 		3 B
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/?ce=bb&r=saveig.org_auto_728x90_sticky_display_bottom
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v9.5.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer
https://saveig.org/demhunneds/
Origin
https://saveig.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36

Response headers

date
Mon, 30 Mar 2020 00:44:47 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cf-ray
57bdcddcbb29dfe7-FRA
content-length
3
sdb.css
live.demand.supply/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/css/sdb.css
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v9.5.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
style

Response headers

x-nf-request-id
58410555-f8c9-4507-93b7-16d1ed872633-31398121
date
Mon, 30 Mar 2020 00:44:47 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
1873619
etag
W/"5d6e66c7298f44cdb3334d59121a6c80-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
status
200
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
57bdcddcbb36145a-FRA
ds.2.html
live.demand.supply/ Frame 9A1A
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=853b2259-003e-469b-b1d1-43f699c283f5&adk=2438566104&adf=4149417775&w=728&lmt=1585529087&psa=0...
  • https://live.demand.supply/ds.2.html
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200324/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
live.demand.supply
:scheme
https
:path
/ds.2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://saveig.org/demhunneds/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://saveig.org/demhunneds/

Response headers

status
200
date
Mon, 30 Mar 2020 00:44:47 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d9a8f13693ab64527a9d1fc668261a6341585529087; expires=Wed, 29-Apr-20 00:44:47 GMT; path=/; domain=.demand.supply; HttpOnly; SameSite=Lax
access-control-allow-origin
*
timing-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id
f1dedc09-ffd7-45fd-8d3a-cb1b3255bf3a-10695061
cf-cache-status
HIT
age
1657202
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
57bdcddd7c15145a-FRA
content-encoding
br

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
location
https://live.demand.supply/ds.2.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 30 Mar 2020 00:44:47 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
IDE=AHWqTUmDE8M1rj01nc3xBwnmNJuU0Z_BTdfp2M7OU0qglkHbQ_k21NYs4zvmu6Sn; expires=Sat, 24-Apr-2021 00:44:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
truncated
/ 		182 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		834 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36

Response headers

Content-Type
image/svg+xml
ds.2.html
live.demand.supply/ Frame D85D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=b5a686f1-717d-4835-bfca-d1cd79140732&adk=561554433&adf=1991883036&w=900&fwrn=4&fwrnh=100&lmt=...
  • https://live.demand.supply/ds.2.html
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200324/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
live.demand.supply
:scheme
https
:path
/ds.2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://saveig.org/demhunneds/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://saveig.org/demhunneds/

Response headers

status
200
date
Mon, 30 Mar 2020 00:44:47 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d9a8f13693ab64527a9d1fc668261a6341585529087; expires=Wed, 29-Apr-20 00:44:47 GMT; path=/; domain=.demand.supply; HttpOnly; SameSite=Lax
access-control-allow-origin
*
timing-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id
f1dedc09-ffd7-45fd-8d3a-cb1b3255bf3a-10695061
cf-cache-status
HIT
age
1657202
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
57bdcdde9d51145a-FRA
content-encoding
br

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
location
https://live.demand.supply/ds.2.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 30 Mar 2020 00:44:47 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
ds.2.html
live.demand.supply/ Frame 8417
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=c48d2b7e-0c4d-4a2c-b955-b0505db247e9&adk=2531440296&adf=4149417775&w=728&lmt=1585529087&psa=0...
  • https://live.demand.supply/ds.2.html
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200324/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
live.demand.supply
:scheme
https
:path
/ds.2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://saveig.org/demhunneds/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://saveig.org/demhunneds/

Response headers

status
200
date
Mon, 30 Mar 2020 00:44:47 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d9a8f13693ab64527a9d1fc668261a6341585529087; expires=Wed, 29-Apr-20 00:44:47 GMT; path=/; domain=.demand.supply; HttpOnly; SameSite=Lax
access-control-allow-origin
*
timing-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id
f1dedc09-ffd7-45fd-8d3a-cb1b3255bf3a-10695061
cf-cache-status
HIT
age
1657202
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
57bdcddebd71145a-FRA
content-encoding
br

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
location
https://live.demand.supply/ds.2.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 30 Mar 2020 00:44:47 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
da807d51-b337-4b85-84d8-fb644aad06ae
https://saveig.org/ 		52 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://saveig.org/da807d51-b337-4b85-84d8-fb644aad06ae
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f1b87e14bd105aab24ba635ab64e37860235fabda9c69712dedf71f3da6ce85

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
worker

Response headers

Content-Length
52807
Content-Type
application/javascript
2.ts
s.vdo.ai/vhs/ 		0
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.vdo.ai/vhs/2.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.78.155 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns543759.ip-144-217-78.net
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
GET
Origin
https://saveig.org
Referer
https://saveig.org/demhunneds/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Access-Control-Request-Headers
range

Response headers

Date
Mon, 30 Mar 2020 00:44:47 GMT
Server
nginx/1.12.2
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
ds.2.html
live.demand.supply/ Frame FBD0
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=f05ef150-dae3-4004-b68a-ea67132b6f35&adk=2262039263&adf=1991883036&w=900&fwrn=4&fwrnh=100&lmt...
  • https://live.demand.supply/ds.2.html
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200324/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
live.demand.supply
:scheme
https
:path
/ds.2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://saveig.org/demhunneds/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://saveig.org/demhunneds/

Response headers

status
200
date
Mon, 30 Mar 2020 00:44:48 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=de809a285efd69c41019dfdda3a9e2ac61585529088; expires=Wed, 29-Apr-20 00:44:48 GMT; path=/; domain=.demand.supply; HttpOnly; SameSite=Lax
access-control-allow-origin
*
timing-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id
f1dedc09-ffd7-45fd-8d3a-cb1b3255bf3a-10695061
cf-cache-status
HIT
age
1657203
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
57bdcddfce8d145a-FRA
content-encoding
br

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
location
https://live.demand.supply/ds.2.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 30 Mar 2020 00:44:47 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
2.ts
s.vdo.ai/vhs/ 		48 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.vdo.ai/vhs/2.ts
Requested by
Host: saveig.org
URL: https://saveig.org/demhunneds/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.78.155 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns543759.ip-144-217-78.net
Software
nginx/1.12.2 /
Resource Hash

Request headers

Referer
https://saveig.org/demhunneds/
Origin
https://saveig.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Range
bytes=0-297415

Response headers

Date
Mon, 30 Mar 2020 00:44:47 GMT
Last-Modified
Thu, 24 Oct 2019 11:57:43 GMT
Server
nginx/1.12.2
Access-Control-Allow-Origin
*
ETag
"5db191b7-1ea3d04"
Content-Type
video/mp2t
Content-Range
bytes 0-297415/32128260
Connection
keep-alive
Content-Length
297416
ds.2.html
live.demand.supply/ Frame 3A7A
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3831894559014614&output=html&h=90&slotname=ecda4504-9728-4a69-82e8-bbf8b75e697b&adk=838645803&adf=4149417775&w=728&lmt=1585529087&psa=0&...
  • https://live.demand.supply/ds.2.html
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200324/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
live.demand.supply
:scheme
https
:path
/ds.2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://saveig.org/demhunneds/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://saveig.org/demhunneds/

Response headers

status
200
date
Mon, 30 Mar 2020 00:44:48 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=de809a285efd69c41019dfdda3a9e2ac61585529088; expires=Wed, 29-Apr-20 00:44:48 GMT; path=/; domain=.demand.supply; HttpOnly; SameSite=Lax
access-control-allow-origin
*
timing-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=2592000,immutable,stale-if-error=604800
x-nf-request-id
f1dedc09-ffd7-45fd-8d3a-cb1b3255bf3a-10695061
cf-cache-status
HIT
age
1657203
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
57bdcddfdea2145a-FRA
content-encoding
br

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
location
https://live.demand.supply/ds.2.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 30 Mar 2020 00:44:47 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200324&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200324/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee1c3867d4ad47ab6cf9b492fd64bd827b79176d8dfb5d6a3b63b0cad5c15f00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/demhunneds/
Origin
https://saveig.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 30 Mar 2020 00:44:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5111
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200324/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 00:44:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5456
x-xss-protection
0
expires
Mon, 30 Mar 2020 00:44:48 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame B14A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://saveig.org/demhunneds/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://saveig.org/demhunneds/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Sun, 29 Mar 2020 23:50:54 GMT
expires
Mon, 29 Mar 2021 23:50:54 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3234
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
gen_204
pagead2.googlesyndication.com/pagead/ 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200324&jk=1306526227279745&bg=!FhWlFQ1YBjHA8KgJ718CAAAARFIAAAAJmQFWDSECaWs6RTHwfO66StaV09KkXdpyprT7nblTqanrA3u5Wr9Puyu8EqhuwgZThYF_pt-71A3xB17kx8KmCIkQLOvhfe7VjEQE4W_I41cmc7CjVOJcFomHBdKQo1GfTlq8g5FYlBl2z0BPvEXZvUpJDpJtYgLSQfdz393CYpBXszFexPcG4uf9R_iwsoIGiI1bJ82hQTS0ahuHs_pTyDEFjE_MXJn-bQstkx3XKq5cVkI9beHFxdKfuz9eJalYtZ0bKsUaGv5ImYJz2nml5PUKoXzm3CAu3NcGAQpBdhg2H7BncWz2I6tIs0L-LeDmnapj7BS2IFZtBpa9OQlkCr6Y1d-tW-KHD9gWFH4rx4HIIvBST2InX0BbfccflPx0mR7qofb2nHcLYSXHoWwrH0I8VzJ065ae8ITYOLtxvfdLKksThKRPW5frfyxaOUhKyD92oUfY5r5Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/demhunneds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 30 Mar 2020 00:44:48 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
b5c589e342f9e98147396cdd6f0274dc73dd54ed8e3347c64a0f60f3b7babee5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/demhunneds/
Origin
https://saveig.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 30 Mar 2020 00:44:50 GMT
X-Proxy-Origin
185.141.207.250; 185.141.207.250; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.24:80
AN-X-Request-Uuid
bc03e85a-d5e5-433c-92ea-0433d5f9d41b
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://saveig.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
260
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
2.ts
s.vdo.ai/vhs/ 		0
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.vdo.ai/vhs/2.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.78.155 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns543759.ip-144-217-78.net
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
GET
Origin
https://saveig.org
Referer
https://saveig.org/demhunneds/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Access-Control-Request-Headers
range

Response headers

Date
Mon, 30 Mar 2020 00:44:48 GMT
Server
nginx/1.12.2
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
2.ts
s.vdo.ai/vhs/ 		290 KB
291 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.vdo.ai/vhs/2.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.78.155 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns543759.ip-144-217-78.net
Software
nginx/1.12.2 /
Resource Hash
b3434814ba3040a1cda212758c40cbd2f1a8f3fe38c3ff06fffeb09429848bac

Request headers

Referer
https://saveig.org/demhunneds/
Origin
https://saveig.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Range
bytes=0-297415

Response headers

Date
Mon, 30 Mar 2020 00:44:48 GMT
Last-Modified
Thu, 24 Oct 2019 11:57:43 GMT
Server
nginx/1.12.2
Access-Control-Allow-Origin
*
ETag
"5db191b7-1ea3d04"
Content-Type
video/mp2t
Content-Range
bytes 0-297415/32128260
Connection
keep-alive
Content-Length
297416
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 2AEA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.184.231 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a95-101-184-231.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://saveig.org/demhunneds/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
icu=ChgIrpJgEAoYASABKAEwgoKF9AU4AUABSAEQgoKF9AUYAA..; uuid2=1374724300437029762
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://saveig.org/demhunneds/

Response headers

Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
Vary
Accept-Encoding
ETag
W/"573e714d-3e3"
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Tue, 30 Mar 2021 00:44:51 GMT
Date
Mon, 30 Mar 2020 00:44:51 GMT
Connection
keep-alive
e.js
live.demand.supply/e/ 		3 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=saveig.org_sticky_mobile_bottom&e=ubs
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v9.5.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer
https://saveig.org/demhunneds/
Origin
https://saveig.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36

Response headers

date
Mon, 30 Mar 2020 00:44:53 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cf-ray
57bdce002818dfe7-FRA
content-length
3
2.ts
s.vdo.ai/vhs/ 		0
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.vdo.ai/vhs/2.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.78.155 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns543759.ip-144-217-78.net
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
GET
Origin
https://saveig.org
Referer
https://saveig.org/demhunneds/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Access-Control-Request-Headers
range

Response headers

Date
Mon, 30 Mar 2020 00:44:53 GMT
Server
nginx/1.12.2
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
2.ts
s.vdo.ai/vhs/ 		257 KB
258 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.vdo.ai/vhs/2.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.78.155 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns543759.ip-144-217-78.net
Software
nginx/1.12.2 /
Resource Hash
cdaf26f173508007e382032be075697379e81a3c4be768f0aab27644f1626641

Request headers

Referer
https://saveig.org/demhunneds/
Origin
https://saveig.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Range
bytes=297416-560991

Response headers

Date
Mon, 30 Mar 2020 00:44:53 GMT
Last-Modified
Thu, 24 Oct 2019 11:57:43 GMT
Server
nginx/1.12.2
Access-Control-Allow-Origin
*
ETag
"5db191b7-1ea3d04"
Content-Type
video/mp2t
Content-Range
bytes 297416-560991/32128260
Connection
keep-alive
Content-Length
263576
prebid
ib.adnxs.com/ut/v3/ 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4e52c032a2333e240c7cd577dfb947830b7565955e278683fedf15a33d74366d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://saveig.org/demhunneds/
Origin
https://saveig.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 30 Mar 2020 00:44:58 GMT
X-Proxy-Origin
185.141.207.250; 185.141.207.250; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.16:80
AN-X-Request-Uuid
9cb2223f-11bd-4038-8802-6b6037106895
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://saveig.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
260
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
2.ts
s.vdo.ai/vhs/ 		0
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.vdo.ai/vhs/2.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.78.155 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns543759.ip-144-217-78.net
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
GET
Origin
https://saveig.org
Referer
https://saveig.org/demhunneds/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Access-Control-Request-Headers
range

Response headers

Date
Mon, 30 Mar 2020 00:44:57 GMT
Server
nginx/1.12.2
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
2.ts
s.vdo.ai/vhs/ 		64 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.vdo.ai/vhs/2.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.78.155 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns543759.ip-144-217-78.net
Software
nginx/1.12.2 /
Resource Hash

Request headers

Referer
https://saveig.org/demhunneds/
Origin
https://saveig.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36
Range
bytes=560992-851827

Response headers

Date
Mon, 30 Mar 2020 00:44:57 GMT
Last-Modified
Thu, 24 Oct 2019 11:57:43 GMT
Server
nginx/1.12.2
Access-Control-Allow-Origin
*
ETag
"5db191b7-1ea3d04"
Content-Type
video/mp2t
Content-Range
bytes 560992-851827/32128260
Connection
keep-alive
Content-Length
290836

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| Swiper undefined| $items undefined| tpl number| retryHigh number| retry function| addAsen function| saveImages function| downloadImages function| download function| get function| renderHigh function| renderItems function| renderComments function| throttle function| isMobile string| GoogleAnalyticsObject function| ga function| saveAs function| JSZip object| w_vdo object| d_vdo object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| pbjs_vdoChunk object| pbjs_vdo object| _pbjsGlobals object| __core-js_shared__ object| vttjs function| WebVTT object| vdo_ai_ function| inView object| dataLayer function| initVdo function| getBids function| replayVdo object| google_js_reporting_queue number| google_srt object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| ima object| google object| edPushSDK string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| demandSupply object| google_tag_manager object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| dspbjs object| _app object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars object| closure_lm_59094 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| __google_ad_urls number| __google_ad_urls_id object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired object| closure_lm_829310 function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUmDE8M1rj01nc3xBwnmNJuU0Z_BTdfp2M7OU0qglkHbQ_k21NYs4zvmu6Sn
.saveig.org/ Name: _ga
Value: GA1.2.1167616592.1585529087
.saveig.org/ Name: _gat_gtag_UA_113932176_19
Value: 1
.saveig.org/ Name: _gid
Value: GA1.2.1553547618.1585529087
.saveig.org/ Name: _gat
Value: 1
.saveig.org/ Name: __cfduid
Value: d23bf43b4e4763a7cfc88a661b3a21c2e1585529086

4 Console Messages

Source Level URL
Text
console-api warning URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js(Line 2)
Message:
jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at HTMLDocument.<anonymous> (https://saveig.org/js/art.js?v77:1:3571) at l (https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js:2:29375) at c (https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js:2:29677) undefined
console-api warning URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js(Line 26)
Message:
WARNING: videojs.ima setting adsWillAutoplay is deprecated
console-api warning URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js(Line 26)
Message:
WARNING: videojs.ima setting adsWillPlayMuted is deprecated
console-api warning URL: https://a.vdo.ai/core/dependencies_hbv3/vdo.min.js(Line 26)
Message:
AdsLoader error: AdError 1009: The VAST response document is empty.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vdo.ai
acdn.adnxs.com
adservice.google.com
adservice.google.de
api.demand.supply
c.amazon-adsystem.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
instagram.fjpa10-1.fna.fbcdn.net
live.demand.supply
metosk.com
nativesubscribe.pro
pagead2.googlesyndication.com
s.vdo.ai
s0.2mdn.net
saveig.org
stats.g.doubleclick.net
tpc.googlesyndication.com
track.vdo.ai
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
13.225.86.250
144.217.78.155
2606:4700:20::681a:8a6
2606:4700:3034::6812:2a06
2606:4700:3037::681f:45e3
2606:4700::6810:8516
2606:4700::6811:4104
2804:2d94:face:0:face:b00c:3333:a3f
2a00:1450:4001:808::2003
2a00:1450:4001:808::2004
2a00:1450:4001:808::2006
2a00:1450:4001:814::2002
2a00:1450:4001:815::2002
2a00:1450:4001:816::2001
2a00:1450:4001:819::200e
2a00:1450:4001:81b::200a
2a00:1450:4001:81c::2008
2a00:1450:4001:81e::2003
2a00:1450:4001:821::200a
2a00:1450:4001:824::2002
2a00:1450:400c:c08::9c
37.252.173.22
88.208.60.53
95.101.184.231
00810e97f8302418097e655927b953f3755ce0fc102447c1fc181a339b708507
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0c58c0fa75d6d2caa4b4cc94b42a056db5fc9fe0290e9c2e9900321c7b7fa405
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2360cf3062cdcb281aa725e7807341c9253f684642585c782e8da153954bcb07
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
2b9c0914d8f3f0aa6cf86705df70b7b21e9ca2f9013a346463788e7cebd0158f
3b4374a12b41ab97f6cde703b3c1594ddf7cd81a44847b238ed3100829e265ae
3d9fcebdd5f1116d6ede7b930140928dde25c9aa09dd4269bff5f5d71d868b97
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
48a6023d14207d3d83a55242e918742acd4b56f39a0608d574a161e5b950d88e
4dc7898ac7cdc6eb727823fbaccc51c6aa405abfef6a70a37a4b9778f6bc569f
4e52c032a2333e240c7cd577dfb947830b7565955e278683fedf15a33d74366d
4f1b87e14bd105aab24ba635ab64e37860235fabda9c69712dedf71f3da6ce85
501dd7304fc93aa0a003777b7e1792da7fd6b8bf8920b3ce279ea8cbbd7c1096
5428fc64c51b512bc3ef2045239fb52a8ac81935c27c7364809f3fe57f5d9478
5c75be06dd83179b39507632603aaf3eab56409a1fb41c5a40bb68157d46029d
618679b5a7673d8a8a9a68c714c9c5e3dddde6ab095899efbbb44fc71890e2d7
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
637fc05835856f967578386134fe8a10b4fc4afaae082c8052226d5bd5a23e4e
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7746d8c77f46f5818ea342182c37ef47630a6b5e53d881ec8771c7c06b6fa4b3
813e4f8b673f15a6a5221cb0a00fc8cdcd0cb03590327d46bc58b94205a75db2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
945881137776aac5df929d7921a9fdbd6a2d30ef82032e154116c1e3b6a37b7b
972d62b3ea4efc56bc9e4a127e2de536bcd290180bba109fc3867849b7e3595b
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9982a23525ba1a5e0273ee56b3dd6b1d9c54a6be4e9081a9d5f3715e1d4b4d36
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b
a323f4957960c6c1cf494dc3b52e1e38a97a152bedf3b9a78df4d6b60c9d00b6
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a8277c6676a8516ed395dba211a46fcaf5ca58e24d8f14058f40fa2e70828b13
ac2a58f9d55c4642121cfb6f7e213cbc882bbdd75ef171ca8a07ed982ef693ce
b0cf6f080aa2061f191ad029779c7a44093bd4c71bd722832ecbd5dc2d3e7f33
b3434814ba3040a1cda212758c40cbd2f1a8f3fe38c3ff06fffeb09429848bac
b5770296964d94c22c5e1910d596ad954432f78031b3a2911e9e4fea39a9e839
b58f9e33cb0610010c4af74e9eb1d407e132047fcd5af593867d92639f4cdc8a
b5c589e342f9e98147396cdd6f0274dc73dd54ed8e3347c64a0f60f3b7babee5
b9730c1b6e7f373f6d6b842d080626fd6cca93e0c0682b9b48a31d5871bca36c
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bee994b925033ad7d01055672f36a8068873a7effa8aee5539df030e341eda93
cdaf26f173508007e382032be075697379e81a3c4be768f0aab27644f1626641
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d42482e099d63e6a2c3d7fa7bef8d3f03e5e1bbc3fcccf0daf26479bf05fb748
de5ea8cfe2d77a0c42b09cd1154e629e1c170994c3eec42734ebadde03863160
df178d935914fb63c2880bd93c76c7cae03e199962799b58cfff6916f60b9e3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ee1c3867d4ad47ab6cf9b492fd64bd827b79176d8dfb5d6a3b63b0cad5c15f00
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c479ac765bf0d8be1403140326622be59fc10ae7387327c8ce2c4ec0d879ff
f2e7b95168e21a90906ddc773d000d9ffdd24bab36f95690e75eb843b5cc3e5f
f8226ff3777658f7922b9a9fea541bfadff49e6c09bdee2f8108806e89fc6886
fa367d459d8a6e0e561310bffc233bcd6193fe984ecd62c34d87e6d2bbdf358b