www.savethechildren.it Open in urlscan Pro
212.35.198.153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.iperjob.com/c/eJwdjkuOAiEURVdTDMl7fIQeMFC7agMuoAP4iLRFo0BM3L2kk5t7kjM6VxcSGMuyEyAQNBzATliO_Gy0kKDX7w3O61GdFg...
Effective URL:
https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-...
Submission: On May 06 via manual (May 6th 2021, 9:46:00 am UTC) from US

Summary HTTP 80 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 33 IPs in 9 countries across 28 domains to perform 80 HTTP transactions. The main IP is 212.35.198.153, located in Italy and belongs to SEEWEB Web hosting, colocation and cloud services, IT. The main domain is www.savethechildren.it.
TLS certificate: Issued by GeoTrust RSA CA 2018 on January 18th 2021. Valid for: a year.

This is the only time www.savethechildren.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.202.59.252 34.202.59.252	14618 (AMAZON-AES) (AMAZON-AES)
1	178.255.74.102 178.255.74.102	20746 (ASN-IDC T...) (ASN-IDC T.NO.OM.I.NC)
19	212.35.198.153 212.35.198.153	12637 (SEEWEB We...) (SEEWEB Web hosting)
2	65.9.76.159 65.9.76.159	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:215... 2600:9000:2156:d400:4:92f5:2b80:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	65.9.73.108 65.9.73.108	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	37.157.6.251 37.157.6.251	198622 (ADFORM) (ADFORM)
1	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
2	151.1.245.21 151.1.245.21	3242 (ASN-ITNET) (ASN-ITNET)
1	2606:4700:10:... 2606:4700:10::6814:15ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	83.221.105.143 83.221.105.143	20746 (ASN-IDC T...) (ASN-IDC T.NO.OM.I.NC)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
3	35.177.43.219 35.177.43.219	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.73.11 65.9.73.11	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.73.94 65.9.73.94	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	52.30.208.177 52.30.208.177	16509 (AMAZON-02) (AMAZON-02)
80	33

1 34.202.59.252 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

email.iperjob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.255.74.102 (Italy)

ASN20746 (ASN-IDC T.NO.OM.I.NC, IT)
PTR: oleggiocastello.espotter.net

affiliate.across.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 212.35.198.153 (Italy)

ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT)
PTR: vm5378.savethechildren.it

www.savethechildren.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.76.159 (United States)

ASN16509 (AMAZON-02, US)

d1azc1qln24ryf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:d400:4:92f5:2b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

s3.savethechildren.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.108 (United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.251 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.1.245.21 (Italy)

ASN3242 (ASN-ITNET, IT)
PTR: bv01.er.bemail.it

bv01.er.bemail.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:15ef (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 83.221.105.143 (Italy)

ASN20746 (ASN-IDC T.NO.OM.I.NC, IT)
PTR: reverse83-142-143.mag-news.it

fe-mn1.mag-news.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.177.43.219 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-43-219.eu-west-2.compute.amazonaws.com

www.tag4arm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.11 (United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.94 (United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.208.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-208-177.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	savethechildren.it www.savethechildren.it s3.savethechildren.it	510 KB
6	googleapis.com maps.googleapis.com	204 KB
6	google-analytics.com www.google-analytics.com	60 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
4	criteo.com sslwidget.criteo.com gum.criteo.com	4 KB
4	adform.net 2 redirects track.adform.net s2.adform.net	30 KB
3	tag4arm.com www.tag4arm.com	24 KB
3	bing.com bat.bing.com	9 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	63 KB
2	twitter.com analytics.twitter.com	886 B
2	facebook.com www.facebook.com	278 B
2	t.co t.co	575 B
2	google.de www.google.de	171 B
2	google.com www.google.com	171 B
2	gstatic.com maps.gstatic.com	5 KB
2	doubleclick.net stats.g.doubleclick.net	119 B
2	yandex.ru 1 redirects mc.yandex.ru	69 KB
2	pingdom.net rum-static.pingdom.net rum-collector-2.pingdom.net	3 KB
2	bemail.it bv01.er.bemail.it	3 KB
2	facebook.net connect.facebook.net	96 KB
2	cloudfront.net d1azc1qln24ryf.cloudfront.net	40 KB
1	mag-news.it fe-mn1.mag-news.it	39 KB
1	criteo.net static.criteo.net	12 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googletagmanager.com www.googletagmanager.com	72 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	across.it affiliate.across.it	1 KB
1	iperjob.com 1 redirects email.iperjob.com	227 B
80	28

	Domain	Requested by
19	www.savethechildren.it	www.savethechildren.it
6	maps.googleapis.com	www.savethechildren.it maps.googleapis.com
6	www.google-analytics.com	www.savethechildren.it www.google-analytics.com
5	mc.yandex.com	2 redirects www.savethechildren.it
3	sslwidget.criteo.com	static.criteo.net
3	www.tag4arm.com	affiliate.across.it www.tag4arm.com www.savethechildren.it
3	track.adform.net	2 redirects www.savethechildren.it
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.savethechildren.it
2	analytics.twitter.com	static.ads-twitter.com
2	www.facebook.com	www.savethechildren.it connect.facebook.net
2	t.co	www.savethechildren.it
2	www.google.de	www.savethechildren.it
2	www.google.com	www.savethechildren.it
2	maps.gstatic.com	www.savethechildren.it
2	stats.g.doubleclick.net	www.google-analytics.com
2	mc.yandex.ru	1 redirects affiliate.across.it
2	bv01.er.bemail.it	affiliate.across.it bv01.er.bemail.it
2	connect.facebook.net	affiliate.across.it connect.facebook.net
2	s3.savethechildren.it	www.savethechildren.it
2	d1azc1qln24ryf.cloudfront.net	www.savethechildren.it d1azc1qln24ryf.cloudfront.net
1	rum-collector-2.pingdom.net	rum-static.pingdom.net
1	vars.hotjar.com	static.hotjar.com
1	gum.criteo.com	static.criteo.net
1	script.hotjar.com	static.hotjar.com
1	fe-mn1.mag-news.it	affiliate.across.it
1	rum-static.pingdom.net	www.googletagmanager.com
1	s2.adform.net	www.savethechildren.it
1	static.criteo.net	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googletagmanager.com	www.savethechildren.it
1	cdn.onesignal.com	www.savethechildren.it
1	affiliate.across.it
1	email.iperjob.com	1 redirects
80	34

This site contains links to these domains. Also see Links.

Domain
risorse.arcipelagoeducativo.it
www.facebook.com
twitter.com
instagram.com
www.youtube.com
it.linkedin.com
www.macaronibros.com

Subject Issuer	Validity	Valid
www.ediscom.it Sectigo RSA Organization Validation Secure Server CA	`2021-02-25` - `2022-02-23`	a year	crt.sh
*.savethechildren.it GeoTrust RSA CA 2018	`2021-01-18` - `2022-02-18`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
bv01.er.bemail.it R3	`2021-04-06` - `2021-07-05`	3 months	crt.sh
*.pingdom.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-15` - `2022-01-15`	a year	crt.sh
*.mag-news.it DigiCert SHA2 High Assurance Server CA	`2020-04-27` - `2022-07-31`	2 years	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
tag4arm.com Amazon	`2021-01-22` - `2022-02-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-01-12` - `2022-01-11`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-30` - `2021-11-29`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Frame ID: 9FC465EC6285875C09817A53E669EB16
Requests: 77 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.savethechildren.it&origin=onetag
Frame ID: F2CF771A9FDB556A22C4E223348383DB
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Frame ID: AAB65E6F111DAEF1C093191DF01A99D9
Requests: 1 HTTP requests in this frame

Frame: https://bv01.er.bemail.it/api/v1/?be=%5B%22bebox_code%3DBE-2106-7%22%2C%22js_client%3Djavascript%22%2C%22action%3Diosave%22%2C%22ref%3Dhttps%253A%252F%252Faffiliate.across.it%252F%22%2C%22ver%3Dv3%22%2C%22url%3Dhttps%253A%252F%252Fwww.savethechildren.it%252Fdona-ora-io-save-the-children%253Fab%253D2%2526utm_source%253Dediscom%2526utm_medium%253Demail%2526utm_campaign%253Drf-rg-corno-africa%2526utm_content%253Ddemo-sh%2526utm_term%253Dce-9%2526causale%253D16067%22%2C%22host%3Dwww.savethechildren.it%22%2C%22search%3D%253Fab%253D2%2526utm_source%253Dediscom%2526utm_medium%253Demail%2526utm_campaign%253Drf-rg-corno-africa%2526utm_content%253Ddemo-sh%2526utm_term%253Dce-9%2526causale%253D16067%22%5D
Frame ID: A1F29F93A6C9E6CAB816B736040A77C4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

UNIX (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Unix/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

mod_dav (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /\b(?:mod_)?DAV\b(?:\/([\d.]+))?/i

mod_ssl (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /mod_ssl(?:\/([\d.]+))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
headers server /\b(?:mod_)?DAV\b(?:\/([\d.]+))?/i
headers server /mod_ssl(?:\/([\d.]+))?/i

Page Statistics

80
Requests

100 %
HTTPS

50 %
IPv6

28
Domains

34
Subdomains

33
IPs

9
Countries

1250 kB
Transfer

3358 kB
Size

27
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://risorse.arcipelagoeducativo.it/
Title: Risorse Educative

Search URL Search Domain Scan URL

URL: https://www.facebook.com/savethechildrenitalia
Title: Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/SaveChildrenIT
Title: Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/savethechildrenitalia/
Title: Instagram

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/savethechildrenIT
Title: Youtube

Search URL Search Domain Scan URL

URL: https://it.linkedin.com/company/save-the-children-italy
Title: LinkedIn

Search URL Search Domain Scan URL

URL: http://www.macaronibros.com/
Title: Credits

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://email.iperjob.com/c/eJwdjkuOAiEURVdTDMl7fIQeMFC7agMuoAP4iLRFo0BM3L2kk5t7kjM6VxcSGMuyEyAQNBzATliO_Gy0kKDX7w3O61GdFgX5Qe23Bh5rYTcXrgRKGEOKIqkQyCarUEhFCom-NCsOtTRSS7a72xiPvsjjIrY5n1Lesx_EfWy1d57HtC8xL-453icLRnxjlzoc2vMVSjWSNZd8j7WNPGMCxXvxf_8xw138z2zXAj8sxT4Q HTTP 302
https://affiliate.across.it/v2/click/m1c1y1s35b6rqvbmo73

Request Chain 35

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 64

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9265.xMi4FD9FbwnpiBXNMqqiAokIVZ2j-z_pR6RDW2byIKvbHdit7k1w-yA9e7oGCJ_E.LlKESC-aVz7BzNEjx5sE7Q4B4NY%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9265.KL-RahVEmcrkcqdAb_V75fXJR1HeWNy4QnEN-FwNHv83lQKu7lEfCeH7XOsnMUE7eejxGpedRJhkegiNGHPIrw%2C%2C.uo50dXfuT8fsRM7r0AYM6xYn4xQ%2C

Request Chain 71

https://track.adform.net/Serving/TrackPoint/?pm=1459189&ADFPageName=Donazione%20RG&ADFdivider=%7C&ord=351825703476&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Faffiliate.across.it%2F&ADFtpmode=2&loc=https%3A%2F%2Fwww.savethechildren.it%2Fdona-ora-io-save-the-children%3Fab%3D2%26utm_source%3Dediscom%26utm_medium%3Demail%26utm_campaign%3Drf-rg-corno-africa%26utm_content%3Ddemo-sh%26utm_term%3Dce-9%26causale%3D16067 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1459189&ADFPageName=Donazione%20RG&ADFdivider=%7C&ord=351825703476&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Faffiliate.across.it%2F&ADFtpmode=2&loc=https%3A%2F%2Fwww.savethechildren.it%2Fdona-ora-io-save-the-children%3Fab%3D2%26utm_source%3Dediscom%26utm_medium%3Demail%26utm_campaign%3Drf-rg-corno-africa%26utm_content%3Ddemo-sh%26utm_term%3Dce-9%26causale%3D16067

Request Chain 74

https://mc.yandex.com/watch/62169178?wmode=7&page-url=https%3A%2F%2Fwww.savethechildren.it%2Fdona-ora-io-save-the-children%3Fab%3D2%26utm_source%3Dediscom%26utm_medium%3Demail%26utm_campaign%3Drf-rg-corno-africa%26utm_content%3Ddemo-sh%26utm_term%3Dce-9%26causale%3D16067&page-ref=https%3A%2F%2Faffiliate.across.it%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1070%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A290085126234%3Ahid%3A404558360%3Az%3A120%3Ai%3A20210506114545%3Aet%3A1620294345%3Ac%3A1%3Arn%3A1037978717%3Au%3A1620294345418056186%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620294344179%3Ads%3A19%2C100%2C116%2C1%2C0%2C0%2C%2C395%2C92%2C%2C%2C%2C634%3Adsn%3A19%2C101%2C115%2C1%2C0%2C0%2C%2C398%2C92%2C%2C%2C%2C635%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620294346%3At%3ATanti%20bambini%20aspettano%20il%20tuo%20aiuto HTTP 302
https://mc.yandex.com/watch/62169178/1?wmode=7&page-url=https%3A%2F%2Fwww.savethechildren.it%2Fdona-ora-io-save-the-children%3Fab%3D2%26utm_source%3Dediscom%26utm_medium%3Demail%26utm_campaign%3Drf-rg-corno-africa%26utm_content%3Ddemo-sh%26utm_term%3Dce-9%26causale%3D16067&page-ref=https%3A%2F%2Faffiliate.across.it%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1070%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A290085126234%3Ahid%3A404558360%3Az%3A120%3Ai%3A20210506114545%3Aet%3A1620294345%3Ac%3A1%3Arn%3A1037978717%3Au%3A1620294345418056186%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620294344179%3Ads%3A19%2C100%2C116%2C1%2C0%2C0%2C%2C395%2C92%2C%2C%2C%2C634%3Adsn%3A19%2C101%2C115%2C1%2C0%2C0%2C%2C398%2C92%2C%2C%2C%2C635%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620294346%3At%3ATanti%20bambini%20aspettano%20il%20tuo%20aiuto

80 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set m1c1y1s35b6rqvbmo73 Show response
affiliate.across.it/v2/click/
Redirect Chain

http://email.iperjob.com/c/eJwdjkuOAiEURVdTDMl7fIQeMFC7agMuoAP4iLRFo0BM3L2kk5t7kjM6VxcSGMuyEyAQNBzATliO_Gy0kKDX7w3O61GdFgX5Qe23Bh5rYTcXrgRKGEOKIqkQyCarUEhFCom-NCsOtTRSS7a72xiPvsjjIrY5n1Lesx_EfWy1d5...
https://affiliate.across.it/v2/click/m1c1y1s35b6rqvbmo73

0
1 KB

188ms
52ms

Document
text/html

178.255.74.102
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.across.it/v2/click/m1c1y1s35b6rqvbmo73
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 178.255.74.102 , Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS: oleggiocastello.espotter.net
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1c DAV/2 PHP/5.4.13 / PHP/5.4.13
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: affiliate.across.it
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 09:45:45 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1c DAV/2 PHP/5.4.13
X-Powered-By: PHP/5.4.13
Set-Cookie: tr[m1c1y1s35b6rqvbmo73]=1; expires=Thu, 06-May-2021 10:45:45 GMT; path=/; samesite=None; secure track[5395]=m1c1y1s35b6rqvbmo73C391031053; expires=Fri, 07-May-2021 09:45:45 GMT; path=/; samesite=None; secure track[0]=m1c1y1s35b6rqvbmo73C391031053; expires=Fri, 07-May-2021 09:45:45 GMT; path=/; samesite=None; secure
P3P: policyref="https://affiliate.across.it/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa OUR NOR UNI COM NAV INT";
Refresh: 0; URL=https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Content-Encoding: gzip
Vary: Accept-Encoding
X-Robots-Tag: noindex
Content-Length: 20
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

Redirect headers

Content-Type: text/html; charset=utf-8
Date: Thu, 06 May 2021 09:45:43 GMT
Location: https://affiliate.across.it/v2/click/m1c1y1s35b6rqvbmo73
Server: nginx
Content-Length: 319
Connection: keep-alive

GET
H/1.1 200
OK Primary Request dona-ora-io-save-the-children Show response
www.savethechildren.it/ 88 KB
19 KB 235ms
115ms Document
text/html 212.35.198.153
SEEWEB Web hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

212.35.198.153 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),

Reverse DNS

vm5378.savethechildren.it

Software

nginx / PHP/7.3.28 PleskLin

Resource Hash

03db8f6ad499f8deb3869b36a1db13efb26d62e6f9d64818a428a0e213a35c23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Host: www.savethechildren.it
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://affiliate.across.it/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://affiliate.across.it/

Response headers

Server: nginx
Date: Thu, 06 May 2021 09:45:44 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.28 PleskLin
X-Drupal-Cache: HIT
Content-Language: it
X-Frame-Options: SAMEORIGIN
X-Generator: Drupal 7 (http://drupal.org)
Link: <https://www.savethechildren.it/dona-ora-io-save-the-children>; rel="canonical",<https://www.savethechildren.it/node/5565>; rel="shortlink"
Cache-Control: public, max-age=3600
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Vary: Cookie,Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Etag: "1620294143-1"
Last-Modified: Thu, 06 May 2021 09:42:23 GMT

GET
H/1.1 200
OK css_P9RYYHSoJhL70A8ZKZmBSiBB5c9nYKq7pwY1j4XUnFA.css
www.savethechildren.it/s3fs-css/css/ 12 KB
3 KB 82ms
82ms Stylesheet
text/css 212.35.198.153
SEEWEB Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://www.savethechildren.it/s3fs-css/css/css_P9RYYHSoJhL70A8ZKZmBSiBB5c9nYKq7pwY1j4XUnFA.css
Requested by: Host: www.savethechildren.it
URL: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 212.35.198.153 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS: vm5378.savethechildren.it
Software: nginx / PleskLin
Resource Hash: 3fd4586074a82612fbd00f192999814a2041e5cf6760aabba706358f85d49c50

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.savethechildren.it
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Connection: keep-alive
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 09:45:44 GMT
Via: 1.1 a3c45801400ad96696351de8a51ae95c.cloudfront.net (CloudFront)
Age: 132
X-Powered-By: PleskLin
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2236
Last-Modified: Mon, 19 Apr 2021 07:41:39 GMT
Server: nginx
ETag: "7e45df6dfd70e9d3b43d35740c80e3b3-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: MXP64-C3
Accept-Ranges: bytes
X-Amz-Cf-Id: dwzyJVWLDgYkjfd596JB11PWgUfhTLEcIw9ruXpgR04A0THvwfyQuA==

GET
H/1.1 200
OK css_R7m53979hZAeJQZTjTDgICWDxwMmjNE_3hQ628JNVMI.css
www.savethechildren.it/s3fs-css/css/ 148 B
707 B 139ms
60ms Stylesheet
text/css 212.35.198.153
SEEWEB Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://www.savethechildren.it/s3fs-css/css/css_R7m53979hZAeJQZTjTDgICWDxwMmjNE_3hQ628JNVMI.css
Requested by: Host: www.savethechildren.it
URL: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 212.35.198.153 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS: vm5378.savethechildren.it
Software: nginx / PleskLin
Resource Hash: 47b9b9dfdefd85901e2506538d30e0202583c703268cd13fde143adbc24d54c2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.savethechildren.it
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Connection: keep-alive
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 09:45:44 GMT
Via: 1.1 b42dcb0e829272da33349fb003e43062.cloudfront.net (CloudFront)
Age: 200
X-Powered-By: PleskLin
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 139
Last-Modified: Thu, 22 Apr 2021 15:39:01 GMT
Server: nginx
ETag: "d4b9d85cc9eeb2781f674be663b170b1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: MXP64-C3
Accept-Ranges: bytes
X-Amz-Cf-Id: hbjkrQKWgZB5ChZZdj_NPigoiMPd8hP8KXYGBNvbuJNBwJuq_-d-sw==

GET
H/1.1 200
OK css_zISHZqdE6o2HqkIxMUaACvs0aUoWhK5I-Q6dZagQJZY.css
www.savethechildren.it/s3fs-css/css/ 5 KB
2 KB 176ms
77ms Stylesheet
text/css 212.35.198.153
SEEWEB Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://www.savethechildren.it/s3fs-css/css/css_zISHZqdE6o2HqkIxMUaACvs0aUoWhK5I-Q6dZagQJZY.css
Requested by: Host: www.savethechildren.it
URL: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 212.35.198.153 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS: vm5378.savethechildren.it
Software: nginx / PleskLin
Resource Hash: cc848766a744ea8d87aa42313146800afb34694a1684ae48f90e9d65a8102596

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.savethechildren.it
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Connection: keep-alive
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 09:45:44 GMT
Via: 1.1 f6f860dfc55b1909ca7a53c7e5987f4b.cloudfront.net (CloudFront)
Age: 212
X-Powered-By: PleskLin
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1356
Last-Modified: Mon, 19 Apr 2021 07:41:38 GMT
Server: nginx
ETag: "17301675c16eca546f6e6741d23b3bdf-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: MXP64-C3
Accept-Ranges: bytes
X-Amz-Cf-Id: TVpdjR-IoPSHWo_CgHPjNUeLluYU8vr88dbTWA-EzyFeMPARVLkJ_w==

GET
H2 200 style-cf.css
d1azc1qln24ryf.cloudfront.net/9120/SavetheChildren/ 5 KB
1 KB 109ms
35ms Stylesheet
text/css 65.9.76.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1azc1qln24ryf.cloudfront.net/9120/SavetheChildren/style-cf.css?baa630
Requested by: Host: www.savethechildren.it
URL: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.76.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3d9dbecb5b444a549c50b07db0c071782eb845e801e05fbe7a7d1c749ec3324

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 08:36:02 GMT
content-encoding: gzip
last-modified: Fri, 12 Jun 2020 10:58:53 GMT
server: AmazonS3
age: 5447382
etag: "f2d4cb057cca94b7243b5433fcd5bc77"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
cache-control: max-age=31000000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1157
x-amz-cf-id: NOuner505xjCi9ZijZKpGOE8HVUc56OQ-EhBjYvRuHQbZBaQN_2_AA==

GET
H/1.1 200
OK css_pJy9PNUqrd5loGzGJbQ5qa32nCGueCFiE14X_StweYk.css
www.savethechildren.it/s3fs-css/css/ 221 KB
30 KB 279ms
155ms Stylesheet
text/css 212.35.198.153
SEEWEB Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://www.savethechildren.it/s3fs-css/css/css_pJy9PNUqrd5loGzGJbQ5qa32nCGueCFiE14X_StweYk.css
Requested by: Host: www.savethechildren.it
URL: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 212.35.198.153 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS: vm5378.savethechildren.it
Software: nginx / PleskLin
Resource Hash: a49cbd3cd52aadde65a06cc625b439a9adf69c21ae782162135e17fd2b707989

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.savethechildren.it
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Connection: keep-alive
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 09:45:44 GMT
Via: 1.1 1b85b70d3076f639e39cb6d3bd427e80.cloudfront.net (CloudFront)
Age: 200
X-Powered-By: PleskLin
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 07:56:00 GMT
Server: nginx
ETag: "e3f71bde63ee91ed266c67127d447f4d-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: MXP64-C3
Accept-Ranges: bytes
X-Amz-Cf-Id: G-8Fx2E89Gczb0ONMiLIjT-7-q7BdRdz2NFRb70POUGDzCmw5OXZYw==

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 56ms
38ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.savethechildren.it
URL: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1fdc83f40b6872fbf82ad027168954ccaa7eee12c7e6fcbe52e26c36bf915de

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:45:44 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 832
etag: W/"5404400d01d5519bc4a10316e7ed5c9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 64b14706ce6cbeec-FRA
cf-request-id: 09e2aab83b0000beec65081000000001
expires: Sun, 09 May 2021 09:45:44 GMT

GET
H/1.1 200
OK js_zS-CmNFGyegtLYJmqFRpxQvvQrfPIFrOMq_3T3C8sZE.js Show response
www.savethechildren.it/s3fs-js/js/ 131 KB
46 KB 276ms
152ms Script
application/x-javascript 212.35.198.153
SEEWEB Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://www.savethechildren.it/s3fs-js/js/js_zS-CmNFGyegtLYJmqFRpxQvvQrfPIFrOMq_3T3C8sZE.js
Requested by: Host: www.savethechildren.it
URL: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 212.35.198.153 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS: vm5378.savethechildren.it
Software: nginx / PleskLin
Resource Hash: cd2f8298d146c9e82d2d8266a85469c50bef42b7cf205ace32aff74f70bcb191

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.savethechildren.it
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Connection: keep-alive
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 09:45:44 GMT
Via: 1.1 1b85b70d3076f639e39cb6d3bd427e80.cloudfront.net (CloudFront)
Age: 200
X-Powered-By: PleskLin
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 46343
Last-Modified: Mon, 19 Apr 2021 07:41:47 GMT
Server: nginx
ETag: "a590b37f517c2938f4b87059152e462e-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: MXP64-C3
Accept-Ranges: bytes
X-Amz-Cf-Id: 8s5BEolfQc4zHP1eTkbz-NwII6RragzY33cYHMom-jrlb29sdpSxgw==

GET
H/1.1 200
OK js_z9YOg8KPjr468Ex2vMRYN9qfb7cCVhUPldNBJ22i1Wk.js Show response
www.savethechildren.it/s3fs-js/js/ 98 KB
28 KB 262ms
139ms Script
application/x-javascript 212.35.198.153
SEEWEB Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://www.savethechildren.it/s3fs-js/js/js_z9YOg8KPjr468Ex2vMRYN9qfb7cCVhUPldNBJ22i1Wk.js
Requested by: Host: www.savethechildren.it
URL: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 212.35.198.153 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS: vm5378.savethechildren.it
Software: nginx / PleskLin
Resource Hash: cfd60e83c28f8ebe3af04c76bcc45837da9f6fb70256150f95d341276da2d569

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.savethechildren.it
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Connection: keep-alive
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 09:45:44 GMT
Via: 1.1 b0fb64973ef509b9c9508897337515c3.cloudfront.net (CloudFront)
Age: 212
X-Powered-By: PleskLin
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 28323
Last-Modified: Thu, 22 Apr 2021 15:39:24 GMT
Server: nginx
ETag: "92d9da40bd14ab4c62170bac848837cb-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: MXP64-C3
Accept-Ranges: bytes
X-Amz-Cf-Id: cxGfVgkLvXNKueIG2ovVdEipY7ycj2D0-xfOwQfD4qxNE6btu7a7aQ==

GET
H/1.1 200
OK js_sJ-SY2tZs5xFgYKQSK0ZFAeJamwnLVO_y9AoGWo7z2E.js Show response
www.savethechildren.it/s3fs-js/js/ 4 KB
2 KB 213ms
90ms Script
application/x-javascript 212.35.198.153
SEEWEB Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://www.savethechildren.it/s3fs-js/js/js_sJ-SY2tZs5xFgYKQSK0ZFAeJamwnLVO_y9AoGWo7z2E.js
Requested by: Host: www.savethechildren.it
URL: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 212.35.198.153 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS: vm5378.savethechildren.it
Software: nginx / PleskLin
Resource Hash: b09f92636b59b39c4581829048ad191407896a6c272d53bfcbd028196a3bcf61

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.savethechildren.it
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Connection: keep-alive
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 09:45:44 GMT
Via: 1.1 b23e0cf8a6d3410d603ef3fb3377aa08.cloudfront.net (CloudFront)
Age: 265
X-Powered-By: PleskLin
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1425
Last-Modified: Mon, 19 Apr 2021 07:41:47 GMT
Server: nginx
ETag: "7de92d8806c504df2e7430c6507a5bc3-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: MXP64-C3
Accept-Ranges: bytes
X-Amz-Cf-Id: zDzZKvU4m_aEh1ekIi6CU-YoduhEfihAPEZuuFc5daXea7USnA8KXw==

GET
H/1.1 200
OK js_jeNuzOYJoGuB2bEADgMhrCB1cjGuIxGLZRam4KWwSU0.js Show response
www.savethechildren.it/s3fs-js/js/ 194 KB
50 KB 240ms
101ms Script
application/x-javascript 212.35.198.153
SEEWEB Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://www.savethechildren.it/s3fs-js/js/js_jeNuzOYJoGuB2bEADgMhrCB1cjGuIxGLZRam4KWwSU0.js
Requested by: Host: www.savethechildren.it
URL: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 212.35.198.153 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS: vm5378.savethechildren.it
Software: nginx / PleskLin
Resource Hash: 8de36ecce609a06b81d9b1000e0321ac20757231ae23118b6516a6e0a5b0494d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.savethechildren.it
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Connection: keep-alive
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 09:45:44 GMT
Via: 1.1 ac9a9db2e57fbe7ebe7ee8fc2d557857.cloudfront.net (CloudFront)
Age: 21
X-Powered-By: PleskLin
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 50945
Last-Modified: Tue, 04 May 2021 14:53:24 GMT
Server: nginx
ETag: "07d3daf3dfbd55cd4e53b4418809641a-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: MXP64-C3
Accept-Ranges: bytes
X-Amz-Cf-Id: MNEj5aSQAbfXODBWANj8SDBOhW6rdHT6xV63VF0RzgS1PYiWTK1NMw==

GET
H2 200 2amydrtv.jpg
s3.savethechildren.it/public/styles/one_columns/public/images/uploads/ui/ 40 KB
41 KB 83ms
13ms Image
image/jpeg 2600:9000:2156:d400:4:92f5:2b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.savethechildren.it/public/styles/one_columns/public/images/uploads/ui/2amydrtv.jpg?itok=yIbyoL0u
Requested by: Host: www.savethechildren.it
URL: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d400:4:92f5:2b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 166f06f89308abd8dcf62142129d4747c16c6ac6c459cffd21e65879bebf0f40

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:45:35 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jun 2020 12:55:40 GMT
server: AmazonS3
age: 10
etag: "e159628f7f53492982e20cf653080da7"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=300
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 41151
x-amz-cf-id: dOjNdGHGEuSOzct5RmCtg-nC1xuLlBFXP9rhUaVO3KeCCJAMGYlmKw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.savethechildren.it
URL: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4732
date: Thu, 06 May 2021 08:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Thu, 06 May 2021 10:26:52 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 301 KB
72 KB 41ms
39ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TXBFKK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79dd863629cf4b0fb1585fff1cb381f3cb066d4367496309e5f810f12fb57474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:45:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73082
x-xss-protection: 0
last-modified: Thu, 06 May 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 May 2021 09:45:44 GMT

GET
H/1.1 200
OK euro-2019.jpg
www.savethechildren.it/sites/default/files/images/ 34 KB
34 KB 81ms
79ms Image
image/jpeg 212.35.198.153
SEEWEB Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.savethechildren.it/sites/default/files/images/euro-2019.jpg
Requested by: Host: www.savethechildren.it
URL: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 212.35.198.153 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS: vm5378.savethechildren.it
Software: nginx / PleskLin
Resource Hash: 9b423074a2963d3a045f66e67d592ce0c199894a538b3c54675fcd189e25552f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.savethechildren.it
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Cookie: has_js=1
Connection: keep-alive
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 09:45:44 GMT
ETag: "5f283b78-8726"
Last-Modified: Mon, 03 Aug 2020 16:29:44 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/jpeg
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34598
Expires: Thu, 20 May 2021 09:45:44 GMT

GET
H/1.1 200
OK stc-transazione.gif
www.savethechildren.it/sites/default/files/images/UI/ 15 KB
15 KB 63ms
62ms Image
image/gif 212.35.198.153
SEEWEB Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.savethechildren.it/sites/default/files/images/UI/stc-transazione.gif
Requested by: Host: www.savethechildren.it
URL: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 212.35.198.153 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS: vm5378.savethechildren.it
Software: nginx / PleskLin
Resource Hash: 02558b39e4c8e6d04cb9fe319b265efdc45253b4a4814d2ddc86973224d6b9d6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.savethechildren.it
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Cookie: has_js=1
Connection: keep-alive
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 09:45:44 GMT
ETag: "5fbbb884-3aa7"
Last-Modified: Mon, 23 Nov 2020 13:26:28 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/gif
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15015
Expires: Thu, 20 May 2021 09:45:44 GMT

GET
H/1.1 200
OK SaveTheChildren-white.png
www.savethechildren.it/sites/all/themes/stc/img/ 16 KB
16 KB 83ms
81ms Image
image/png 212.35.198.153
SEEWEB Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.savethechildren.it/sites/all/themes/stc/img/SaveTheChildren-white.png
Requested by: Host: www.savethechildren.it
URL: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 212.35.198.153 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS: vm5378.savethechildren.it
Software: nginx / PleskLin
Resource Hash: 9ca7fe6f096bb183db0cee2ecc304a1dc1862ac9dfaca5417e350b69effac1b9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.savethechildren.it
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Cookie: has_js=1
Connection: keep-alive
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 09:45:44 GMT
ETag: "5ff73143-3f95"
Last-Modified: Thu, 07 Jan 2021 16:05:23 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16277
Expires: Thu, 20 May 2021 09:45:44 GMT

GET
H/1.1 200
OK js_0BoLoLqFNSo6rfFuSQAMK-bkmd6LtT7A0IWy19Cixzw.js Show response
www.savethechildren.it/s3fs-js/js/ 74 KB
14 KB 91ms
91ms Script
application/x-javascript 212.35.198.153
SEEWEB Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://www.savethechildren.it/s3fs-js/js/js_0BoLoLqFNSo6rfFuSQAMK-bkmd6LtT7A0IWy19Cixzw.js
Requested by: Host: www.savethechildren.it
URL: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 212.35.198.153 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS: vm5378.savethechildren.it
Software: nginx / PleskLin
Resource Hash: d01a0ba0ba85352a3aadf16e49000c2be6e499de8bb53ec0d085b2d7d0a2c73c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.savethechildren.it
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Connection: keep-alive
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 09:45:44 GMT
Via: 1.1 6f6484aa8a9f0cd7156cc9e6f320c8f2.cloudfront.net (CloudFront)
Age: 132
X-Powered-By: PleskLin
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 14139
Last-Modified: Mon, 19 Apr 2021 07:41:38 GMT
Server: nginx
ETag: "b61881e6c8408b42a30b2a4b36cde68c-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: MXP64-C3
Accept-Ranges: bytes
X-Amz-Cf-Id: 5-u8GqkKLC20PFsa5oENEdXW94fTus7ZAf-C4GamFxwdkp69aDOKdQ==

GET
H/1.1 200
OK SaveTheChildren.png
www.savethechildren.it/sites/all/themes/stc/img/ 30 KB
31 KB 116ms
115ms Image
image/png 212.35.198.153
SEEWEB Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.savethechildren.it/sites/all/themes/stc/img/SaveTheChildren.png
Requested by: Host: www.savethechildren.it
URL: https://www.savethechildren.it/s3fs-css/css/css_pJy9PNUqrd5loGzGJbQ5qa32nCGueCFiE14X_StweYk.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 212.35.198.153 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS: vm5378.savethechildren.it
Software: nginx / PleskLin
Resource Hash: 3b0af0f7411ca7f642a0f291ad2cfa53a0557c96b977db347348efd737cfab0d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.savethechildren.it
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.savethechildren.it/s3fs-css/css/css_pJy9PNUqrd5loGzGJbQ5qa32nCGueCFiE14X_StweYk.css
Cookie: has_js=1
Connection: keep-alive
Referer: https://www.savethechildren.it/s3fs-css/css/css_pJy9PNUqrd5loGzGJbQ5qa32nCGueCFiE14X_StweYk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 09:45:44 GMT
ETag: "5ff73143-78ca"
Last-Modified: Thu, 07 Jan 2021 16:05:23 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30922
Expires: Thu, 20 May 2021 09:45:44 GMT

GET
H/1.1 200
OK GillSansInfantW01.woff2
www.savethechildren.it/sites/all/themes/stc/stylesheets/fonts/gill_sans/Fonts/ 17 KB
18 KB 91ms
91ms Font
font/woff2 212.35.198.153
SEEWEB Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://www.savethechildren.it/sites/all/themes/stc/stylesheets/fonts/gill_sans/Fonts/GillSansInfantW01.woff2
Requested by: Host: www.savethechildren.it
URL: https://www.savethechildren.it/s3fs-css/css/css_pJy9PNUqrd5loGzGJbQ5qa32nCGueCFiE14X_StweYk.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 212.35.198.153 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS: vm5378.savethechildren.it
Software: nginx / PleskLin
Resource Hash: 5238b012aca705cdad3edf44f20c8c255386ff41e0a9d2e030d07061f66f706c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.savethechildren.it
Accept-Encoding: gzip, deflate, br
Host: www.savethechildren.it
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.savethechildren.it/s3fs-css/css/css_pJy9PNUqrd5loGzGJbQ5qa32nCGueCFiE14X_StweYk.css
Cookie: has_js=1
Connection: keep-alive
Origin: https://www.savethechildren.it
Referer: https://www.savethechildren.it/s3fs-css/css/css_pJy9PNUqrd5loGzGJbQ5qa32nCGueCFiE14X_StweYk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 09:45:44 GMT
ETag: "5b116d83-4530"
Last-Modified: Fri, 01 Jun 2018 16:00:03 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: font/woff2
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17712
Expires: Thu, 20 May 2021 09:45:44 GMT

GET
H2 200 icomoon.woff2
d1azc1qln24ryf.cloudfront.net/9120/SavetheChildren/ 38 KB
38 KB 119ms
48ms Font
application/font-woff2 65.9.76.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1azc1qln24ryf.cloudfront.net/9120/SavetheChildren/icomoon.woff2?baa630
Requested by: Host: d1azc1qln24ryf.cloudfront.net
URL: https://d1azc1qln24ryf.cloudfront.net/9120/SavetheChildren/style-cf.css?baa630
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.76.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 302186486480859822b068060399ec97e39320fd0d09dba3e7715f34ba3592ce

Request headers

Origin: https://www.savethechildren.it
Referer: https://d1azc1qln24ryf.cloudfront.net/9120/SavetheChildren/style-cf.css?baa630
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 10:59:58 GMT
via: 1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
age: 1809947
x-cache: Hit from cloudfront
content-length: 38472
last-modified: Fri, 12 Jun 2020 10:58:55 GMT
server: AmazonS3
etag: "66adc45b35cd6d3a7ebdb5224259e969"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31000000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: et0s9n_Oug1HdHjdgO5FKMYAXI3X-HiUyuyNqidKg1jT8Aond4NJtA==

GET
H/1.1 200
OK TradeGothicW02-BoldCn20.woff2
www.savethechildren.it/sites/all/themes/stc/stylesheets/fonts/trade_gothic/Fonts/ 37 KB
38 KB 98ms
76ms Font
font/woff2 212.35.198.153
SEEWEB Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://www.savethechildren.it/sites/all/themes/stc/stylesheets/fonts/trade_gothic/Fonts/TradeGothicW02-BoldCn20.woff2
Requested by: Host: www.savethechildren.it
URL: https://www.savethechildren.it/s3fs-css/css/css_pJy9PNUqrd5loGzGJbQ5qa32nCGueCFiE14X_StweYk.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 212.35.198.153 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS: vm5378.savethechildren.it
Software: nginx / PleskLin
Resource Hash: 0edce345a4da7944cf4b16e188a5df2e9c19f7225e22cb440d699cc4d2ffaacd

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.savethechildren.it
Accept-Encoding: gzip, deflate, br
Host: www.savethechildren.it
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.savethechildren.it/s3fs-css/css/css_pJy9PNUqrd5loGzGJbQ5qa32nCGueCFiE14X_StweYk.css
Cookie: has_js=1
Connection: keep-alive
Origin: https://www.savethechildren.it
Referer: https://www.savethechildren.it/s3fs-css/css/css_pJy9PNUqrd5loGzGJbQ5qa32nCGueCFiE14X_StweYk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 09:45:44 GMT
ETag: "5b116d83-9594"
Last-Modified: Fri, 01 Jun 2018 16:00:03 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: font/woff2
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38292
Expires: Thu, 20 May 2021 09:45:44 GMT

GET
H/1.1 200
OK GillSansInfantW01-Bold.woff2
www.savethechildren.it/sites/all/themes/stc/stylesheets/fonts/gill_sans/Fonts/ 17 KB
18 KB 102ms
60ms Font
font/woff2 212.35.198.153
SEEWEB Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://www.savethechildren.it/sites/all/themes/stc/stylesheets/fonts/gill_sans/Fonts/GillSansInfantW01-Bold.woff2
Requested by: Host: www.savethechildren.it
URL: https://www.savethechildren.it/s3fs-css/css/css_pJy9PNUqrd5loGzGJbQ5qa32nCGueCFiE14X_StweYk.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 212.35.198.153 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS: vm5378.savethechildren.it
Software: nginx / PleskLin
Resource Hash: 6f209ee5dd83bad534054fb4090f2b8fc6246a29fd7eec15dc3b4e40d4d91c29

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.savethechildren.it
Accept-Encoding: gzip, deflate, br
Host: www.savethechildren.it
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.savethechildren.it/s3fs-css/css/css_pJy9PNUqrd5loGzGJbQ5qa32nCGueCFiE14X_StweYk.css
Cookie: has_js=1
Connection: keep-alive
Origin: https://www.savethechildren.it
Referer: https://www.savethechildren.it/s3fs-css/css/css_pJy9PNUqrd5loGzGJbQ5qa32nCGueCFiE14X_StweYk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 09:45:44 GMT
ETag: "5b116d83-44c8"
Last-Modified: Fri, 01 Jun 2018 16:00:03 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: font/woff2
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17608
Expires: Thu, 20 May 2021 09:45:44 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 134 KB
44 KB 48ms
30ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBfQhokO73lXN7uOsMLInyq_CNCEA9zcI8&callback=stcapp.initializeGoogleMaps&libraries=places&_=1620294344834

Requested by

Host: www.savethechildren.it
URL: https://www.savethechildren.it/s3fs-js/js/js_zS-CmNFGyegtLYJmqFRpxQvvQrfPIFrOMq_3T3C8sZE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

0fa08e631e7d0777e7314421a3e72ab78c6805ce46c5a51a9a46c92195d3d023

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:45:44 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=15
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44897
x-xss-protection: 0
expires: Thu, 06 May 2021 10:15:44 GMT

GET
H/1.1 200
OK chosen-sprite.png
www.savethechildren.it/sites/all/libraries/chosen/ 538 B
933 B 74ms
73ms Image
image/png 212.35.198.153
SEEWEB Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.savethechildren.it/sites/all/libraries/chosen/chosen-sprite.png

Requested by

Host: www.savethechildren.it
URL: https://www.savethechildren.it/s3fs-css/css/css_P9RYYHSoJhL70A8ZKZmBSiBB5c9nYKq7pwY1j4XUnFA.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

212.35.198.153 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),

Reverse DNS

vm5378.savethechildren.it

Software

nginx / PleskLin

Resource Hash

8aa69ee6b2376505578d758bfbbc52aec88fa5e591f1a7cabd8adfa80a7b613a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.savethechildren.it
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.savethechildren.it/s3fs-css/css/css_P9RYYHSoJhL70A8ZKZmBSiBB5c9nYKq7pwY1j4XUnFA.css
Cookie: has_js=1; stc_utm_source=ediscom; stc_utm_campaign=rf-rg-corno-africa; stc_utm_medium=email; stc_utm_content=demo-sh; stc_utm_term=ce-9; stc_causale=16067
Connection: keep-alive
Referer: https://www.savethechildren.it/s3fs-css/css/css_P9RYYHSoJhL70A8ZKZmBSiBB5c9nYKq7pwY1j4XUnFA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 09:45:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Sep 2016 16:34:47 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/png
X-Accel-Version: 0.01
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 538
ETag: "21a-53b88e897735f"
Expires: Thu, 20 May 2021 09:45:44 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 118 KB
41 KB 25ms
22ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-PQ9G88D&cid=1049150491.1620294345

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb1a571bc400edbc927e7d19dc2709bdcd20be3b933f37f01a37181956aaa338

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:45:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41608
x-xss-protection: 0
expires: Thu, 06 May 2021 09:45:44 GMT

GET
H3-29 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/13/ 85 KB
31 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/13/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBfQhokO73lXN7uOsMLInyq_CNCEA9zcI8&callback=stcapp.initializeGoogleMaps&libraries=places&_=1620294344834

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1dce47905b8a2e6e1e5da69f1da637d583ae6d5186e06906a37ac24d0426224

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 18:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 20:17:58 GMT
server: sffe
age: 56194
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31682
x-xss-protection: 0
expires: Thu, 05 May 2022 18:09:11 GMT

GET
H3-29 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/13/ 280 KB
86 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/13/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBfQhokO73lXN7uOsMLInyq_CNCEA9zcI8&callback=stcapp.initializeGoogleMaps&libraries=places&_=1620294344834

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee871f0f2416fafa676fb2acddbd9803356dc2fcf505541f537b7ec31c82f3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 18:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 20:17:58 GMT
server: sffe
age: 56194
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87533
x-xss-protection: 0
expires: Thu, 05 May 2022 18:09:11 GMT

GET
H3-29 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/13/ 90 KB
27 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/13/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBfQhokO73lXN7uOsMLInyq_CNCEA9zcI8&callback=stcapp.initializeGoogleMaps&libraries=places&_=1620294344834

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0df1529f77f285fbae123c8ae43a43a012ff8524a02fb594583adbd1bd8c8fed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 18:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 20:17:58 GMT
server: sffe
age: 56194
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27708
x-xss-protection: 0
expires: Thu, 05 May 2022 18:09:11 GMT

GET
H3-29 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/13/ 44 KB
17 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/13/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBfQhokO73lXN7uOsMLInyq_CNCEA9zcI8&callback=stcapp.initializeGoogleMaps&libraries=places&_=1620294344834

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2789e9704151cc172626b126fd57ada6dad8307bb68696a3595f151fde24985a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 18:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 20:17:58 GMT
server: sffe
age: 56172
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16911
x-xss-protection: 0
expires: Thu, 05 May 2022 18:09:33 GMT

GET
H2 200 hotjar-454452.js Show response
static.hotjar.com/c/ 13 KB
4 KB 131ms
54ms Script
application/javascript 65.9.73.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-454452.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXBFKK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.73.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

366515aab2aa528a20b8ed0dcf6f595942ce902d7fe3a2369b637bffb24ac6cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:44:50 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 55
etag: W/ad326ae0691962327792df522a8add1d
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: biEd6ydVbXbzp_-0NLwZQjh3pB5Sk1rjAUZpyKGdfTBcgZgEhtWZLg==
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 32ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXBFKK
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3183481f09352eade87e53d32ac3c1f6ab5b853e2b5bde4035834680b53d9299

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:45:44 GMT
content-encoding: gzip
last-modified: Tue, 13 Apr 2021 17:21:02 GMT
x-msedge-ref: Ref A: 8E00BC71A4E341B2AD54745A902D5BF2 Ref B: FRAEDGE1414 Ref C: 2021-05-06T09:45:45Z
etag: "0d398608930d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8910

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 98ms
29ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXBFKK
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:45:45 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 35184
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1620294345.109866,VS0,VE0
x-served-by: cache-fra19154-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: affiliate.across.it
URL: https://affiliate.across.it/v2/click/m1c1y1s35b6rqvbmo73

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: private
x-fb-debug: oQJzSm+kTFmflaWzm+DPqND9uYwI7GpI7RvVzFZGfW/LMkvEdLbfEBupbTPDCbwNPBGH5yitm6b0ml5IAsLDcg==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Thu, 06 May 2021 09:45:45 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 0
cache-control: private
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 36 KB
12 KB 77ms
22ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXBFKK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 78dc1d813da12c0a30b5f00242c82b9cd577771cf689d3d1061fea6cc9613cc0

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:45:45 GMT
content-encoding: gzip
last-modified: Wed, 07 Apr 2021 11:44:21 GMT
server: nginx
etag: W/"606d9b15-9076"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 07 May 2021 09:45:45 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

80 KB
29 KB

134ms
42ms

Script
application/x-javascript

37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.savethechildren.it
URL: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e900793533d5a24861457658acd88eefaf284309e5e5f8a049b9468af341abf2

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:45:45 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 08:03:14 GMT
server: nginx
etag: W/"6076a1c2-13f40"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Thu, 06 May 2021 09:45:45 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H/1.1 200
OK analytics.js Show response
bv01.er.bemail.it/js/v3/ 2 KB
2 KB 245ms
57ms Script
application/javascript 151.1.245.21
ASN-ITNET

General

Check archive.org

Show headers Download Go to

Full URL: https://bv01.er.bemail.it/js/v3/analytics.js
Requested by: Host: affiliate.across.it
URL: https://affiliate.across.it/v2/click/m1c1y1s35b6rqvbmo73
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 151.1.245.21 , Italy, ASN3242 (ASN-ITNET, IT),
Reverse DNS: bv01.er.bemail.it
Software: nginx/1.10.2 /
Resource Hash: 579c49c652e192a9b64757cee13e8266a8923691eb37702b446764361be51305

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 09:45:46 GMT
Via: 1.1 varnish-v4
Last-Modified: Thu, 27 Apr 2017 16:34:04 GMT
Server: nginx/1.10.2
Age: 937517
ETag: "6e1-54e28867257aa"
X-Varnish: 320620248 220707513
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 1761

GET
H2 200 pa-5d63d6879623b00008000255.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 140ms
116ms Script
application/javascript 2606:4700:10::6814:15ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-5d63d6879623b00008000255.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXBFKK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:15ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d55333b61993fba9ac22353281fa5fae571fd6d85e4aadce039a133edb31348

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:45:45 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 27 Nov 2020 12:36:14 GMT
server: cloudflare
etag: W/"5fc0f2be-1889"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 64b14708adce4e1f-FRA
cf-request-id: 09e2aab96900004e1f4f327000000001
expires: Thu, 06 May 2021 09:50:45 GMT

GET
H/1.1 200 mna1583319600000a1631.js Show response
fe-mn1.mag-news.it/nl/ 38 KB
39 KB 203ms
65ms Script
application/javascript 83.221.105.143
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL

https://fe-mn1.mag-news.it/nl/mna1583319600000a1631.js

Requested by

Host: affiliate.across.it
URL: https://affiliate.across.it/v2/click/m1c1y1s35b6rqvbmo73

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

83.221.105.143 , Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),

Reverse DNS

reverse83-142-143.mag-news.it

Software

Resource Hash

d2c03bf880df9e560333794799492e08f013e96c9b442bfce435a25165e422f1

Security Headers

Name	Value
Content-Security-Policy	default-src ; script-src 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: blob:; font-src * data: blob:; media-src * blob:; connect-src * data: blob:; worker-src * blob:; report-uri https://csp-reporting.mag-news.it
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-MnPageType: fe
Content-Security-Policy: default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: blob:; font-src * data: blob:; media-src * blob:; connect-src * data: blob:; worker-src * blob:; report-uri https://csp-reporting.mag-news.it
Referrer-Policy: same-origin
Last-modified: Fri, 30 Apr 2021 15:08:59 GMT
Date: Thu, 06 May 2021 09:45:44 GMT
Expect-CT: max-age=86400, report-uri="https://csp-reporting.mag-news.it"
Content-Type: application/javascript;charset=UTF-8
Cache-Control: public, max-age=14400
X-Content-Type-Options: nosniff
X-Proxy-Path: secure_request;fehttps_a;fehttps_d;fehttps12
Connection: keep-alive
Keep-Alive: timeout=300
Content-Length: 39080
X-XSS-Protection: 1; mode=block
Expires: Thu, 06 May 2021 13:45:45 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 215 KB
68 KB 46ms
45ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: affiliate.across.it
URL: https://affiliate.across.it/v2/click/m1c1y1s35b6rqvbmo73

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

1234d3283f11235deeaa9c66ea51b7f5177161ab47278594372972092b587f25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:45:45 GMT
content-encoding: br
last-modified: Fri, 30 Apr 2021 17:14:07 GMT
etag: "608a4fd7-11068"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69736
expires: Thu, 06 May 2021 10:45:45 GMT

GET
H2 200 tag4arm.js Show response
www.tag4arm.com/tags4arm/ 69 KB
24 KB 135ms
54ms Script
application/javascript 35.177.43.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tag4arm.com/tags4arm/tag4arm.js
Requested by: Host: affiliate.across.it
URL: https://affiliate.across.it/v2/click/m1c1y1s35b6rqvbmo73
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.43.219 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-43-219.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 2231582d65dac7e03f2bdc05be35ff373ca893111098cbd87b56adbb91d33faf

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Thu, 06 May 2021 09:45:45 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 10:21:00 GMT
server: nginx
etag: W/"5f61e70c-1149f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200, public
expires: Thu, 06 May 2021 11:45:45 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=807971568&t=pageview&_s=1&dl=https%3A%2F%2Fwww.savethechildren.it%2Fdona-ora-io-save-the-children%3Fab%3D2%26utm_source%3Dediscom%26utm_medium%3Demail%26utm_campaign%3Drf-rg-corno-africa%26utm_content%3Ddemo-sh%26utm_term%3Dce-9%26causale%3D16067&dr=https%3A%2F%2Faffiliate.across.it%2F&ul=en-us&de=UTF-8&dt=Tanti%20bambini%20aspettano%20il%20tuo%20aiuto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KHBAAEADQAAAAC~&jid=1016275213&gjid=59764580&cid=1049150491.1620294345&tid=UA-83431119-1&_gid=2035395989.1620294345&_r=1&_slc=1&z=1801951822

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 May 2021 09:45:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.savethechildren.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 right_now_drtv_0.jpg
s3.savethechildren.it/public/images/uploads/ui/ 98 KB
99 KB 54ms
54ms Image
image/jpeg 2600:9000:2156:d400:4:92f5:2b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.savethechildren.it/public/images/uploads/ui/right_now_drtv_0.jpg?itok=yIbyoL0u
Requested by: Host: www.savethechildren.it
URL: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d400:4:92f5:2b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 69a2f8e0fa2980d5df7abe8513fd75d144a1329bae4005928af9002545ee1efa

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:45:45 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
last-modified: Thu, 14 Mar 2019 15:24:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "585ea7417613958474184fc4a40be140"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
content-length: 100601
x-amz-cf-id: 3SPYAHbkYVItsPhGKgeFKcRCQNAstQwj0pVu78Sy4PTSwW6lC5NVdQ==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=807971568&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.savethechildren.it%2Fdona-ora-io-save-the-children%3Fab%3D2%26utm_source%3Dediscom%26utm_medium%3Demail%26utm_campaign%3Drf-rg-corno-africa%26utm_content%3Ddemo-sh%26utm_term%3Dce-9%26causale%3D16067&dr=https%3A%2F%2Faffiliate.across.it%2F&ul=en-us&de=UTF-8&dt=Tanti%20bambini%20aspettano%20il%20tuo%20aiuto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AdBlock&ea=0&el=%2Fdona-ora-io-save-the-children&_u=aHDAAEADQAAAAC~&jid=387309701&gjid=779663519&cid=1049150491.1620294345&tid=UA-83431119-1&_gid=2035395989.1620294345&_r=1&gtm=2wg4s0TXBFKK&cd4=0&z=1385068000

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 May 2021 09:45:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.savethechildren.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK securedonation-3.png
www.savethechildren.it/sites/default/files/images/ 6 KB
6 KB 82ms
82ms Image
image/png 212.35.198.153
SEEWEB Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.savethechildren.it/sites/default/files/images/securedonation-3.png
Requested by: Host: www.savethechildren.it
URL: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 212.35.198.153 , Italy, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS: vm5378.savethechildren.it
Software: nginx / PleskLin
Resource Hash: 7570eac13e4d43e886a82174b15fcdc6b469438ae27b1226d4b71a965a9fd395

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.savethechildren.it
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Cookie: has_js=1; stc_utm_source=ediscom; stc_utm_campaign=rf-rg-corno-africa; stc_utm_medium=email; stc_utm_content=demo-sh; stc_utm_term=ce-9; stc_causale=16067; cb-enabled=enabled; _ga=GA1.2.1049150491.1620294345; _gid=GA1.2.2035395989.1620294345; _gcl_au=1.1.888688228.1620294345; _gat=1; _gat_UA-83431119-1=1
Connection: keep-alive
Referer: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 09:45:45 GMT
ETag: "5fbba270-1664"
Last-Modified: Mon, 23 Nov 2020 11:52:16 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5732
Expires: Thu, 20 May 2021 09:45:45 GMT

GET
H3-29 200 464256450377537 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 71ms
70ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/464256450377537?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4e19fb6a5c78502d5fe25332614e6e2e8d108735da4297daa6a441b2b949c168

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: ADvhVsLBXL35OwQoTIIzeNmhWWw+pkCMpdkNv3zNBO33vDLBZoWwCI5O+PhVqIKSDu+EwX5CwS3yBMhE4mWWNQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Thu, 06 May 2021 09:45:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
94 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-83431119-1&cid=1049150491.1620294345&jid=1016275213&gjid=59764580&_gid=2035395989.1620294345&_u=KHBAAEACQAAAAC~&z=595469880

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 06 May 2021 09:45:45 GMT
content-type: text/plain
access-control-allow-origin: https://www.savethechildren.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5739178 Show response
bat.bing.com/p/action/ 0
92 B 30ms
29ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5739178
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 06 May 2021 09:45:44 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 12CFB427EEC145958CD1591CF102CC78 Ref B: FRAEDGE1414 Ref C: 2021-05-06T09:45:45Z
x-powered-by: ARR/3.0

GET
H2 204 0
bat.bing.com/action/ 0
93 B 28ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5739178&tm=gtm001&Ver=2&mid=1e9842b0-f0d6-4e44-a908-26dfc3a52115&sid=d43e7110ae4f11ebaeb953cd88c888f8&vid=d43e92f0ae4f11eb8507d7cc79cbf58d&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Tanti%20bambini%20aspettano%20il%20tuo%20aiuto&p=https%3A%2F%2Fwww.savethechildren.it%2Fdona-ora-io-save-the-children%3Fab%3D2%26utm_source%3Dediscom%26utm_medium%3Demail%26utm_campaign%3Drf-rg-corno-africa%26utm_content%3Ddemo-sh%26utm_term%3Dce-9%26causale%3D16067&r=https%3A%2F%2Faffiliate.across.it%2F&lt=726&evt=pageLoad&msclkid=N&sv=1&rn=704375
Requested by: Host: www.savethechildren.it
URL: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 06 May 2021 09:45:44 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: E6F6BA5D598A45FB80B4181AA84ED120 Ref B: FRAEDGE1414 Ref C: 2021-05-06T09:45:45Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 35ms
17ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-83431119-1&cid=1049150491.1620294345&jid=387309701&gjid=779663519&_gid=2035395989.1620294345&_u=aHDAAEADQAAAAC~&z=1078468338

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 06 May 2021 09:45:45 GMT
content-type: text/plain
access-control-allow-origin: https://www.savethechildren.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=807971568&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.savethechildren.it%2Fdona-ora-io-save-the-children%3Fab%3D2%26utm_source%3Dediscom%26utm_medium%3Demail%26utm_campaign%3Drf-rg-corno-africa%26utm_content%3Ddemo-sh%26utm_term%3Dce-9%26causale%3D16067&dr=https%3A%2F%2Faffiliate.across.it%2F&ul=en-us&de=UTF-8&dt=Tanti%20bambini%20aspettano%20il%20tuo%20aiuto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Google%20Optimize&ea=r8G015YSRk6QKuk6NGiF-w&_u=aHDAAEADQAAAAC~&jid=&gjid=&cid=1049150491.1620294345&tid=UA-83431119-1&_gid=2035395989.1620294345&z=881899897

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 07:34:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7863
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=807971568&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.savethechildren.it%2Fdona-ora-io-save-the-children%3Fab%3D2%26utm_source%3Dediscom%26utm_medium%3Demail%26utm_campaign%3Drf-rg-corno-africa%26utm_content%3Ddemo-sh%26utm_term%3Dce-9%26causale%3D16067&dr=https%3A%2F%2Faffiliate.across.it%2F&ul=en-us&de=UTF-8&dt=Tanti%20bambini%20aspettano%20il%20tuo%20aiuto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Google%20Optimize&ea=_OIdR27GQIqLT_NwoKzu8Q&_u=aHDAAEADQAAAAC~&jid=&gjid=&cid=1049150491.1620294345&tid=UA-83431119-1&_gid=2035395989.1620294345&z=1777169508

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 07:34:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7863
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 2 KB
2 KB 37ms
13ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:45:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Oct 2019 23:15:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1616
x-xss-protection: 0
expires: Thu, 06 May 2021 09:45:45 GMT

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 3 KB
3 KB 38ms
14ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:45:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Oct 2019 23:15:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3351
x-xss-protection: 0
expires: Thu, 06 May 2021 09:45:45 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
108 B 33ms
27ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-83431119-1&cid=1049150491.1620294345&jid=1016275213&_u=KHBAAEACQAAAAC~&z=1990515884

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 09:45:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
108 B 32ms
29ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-83431119-1&cid=1049150491.1620294345&jid=1016275213&_u=KHBAAEACQAAAAC~&z=1990515884

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 09:45:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 event Show response
sslwidget.criteo.com/ 1 KB
1 KB 78ms
30ms Script
application/x-javascript 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://sslwidget.criteo.com/event?a=8846&v=5.6.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Faffiliate.across.it&p2=e%3Dvl%26tms%3Dgtm-criteo-2.0.0%26p%3D%255BICS_3361_25%252CICS_3361_30%252CICS_3361_40%252CICS_3361_50%252CRG_3453_9%252CRG_3453_15%252CRG_3453_30%255D&p3=e%3Ddis&adce=1&tld=savethechildren.it&dtycbr=80947
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: a406f760754e7bb7371e45c84759400e768df46253d178640d1c7ee4bb8f98d2

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 09:45:45 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
timing-allow-origin: *
vary: Accept-Encoding
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 15852
content-type: application/x-javascript
content-length: 862
expires: 0

GET
H2 200 modules.7225c79fe4e29708c611.js Show response
script.hotjar.com/ 219 KB
58 KB 114ms
42ms Script
application/javascript 65.9.73.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7225c79fe4e29708c611.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-454452.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.73.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

bb5824e55fb08d11d1bbcc144d776acc19dddf21298c684ff143c1b0cfd046af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 11:17:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 167318
x-cache: Hit from cloudfront
content-length: 59087
access-control-allow-origin: *
last-modified: Tue, 04 May 2021 11:17:02 GMT
etag: "5a825663eb0181940c9c8432508f6197"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
cache-control: max-age=30758400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: JZWf3OYajsoU23du6dY4Nm3tLiPCi6TzdfoM7Fh25Uv3gRfw1hw2IQ==

GET
H2 200 event Show response
sslwidget.criteo.com/ 1 KB
1 KB 71ms
27ms Script
application/x-javascript 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://sslwidget.criteo.com/event?a=8846&v=5.6.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Faffiliate.across.it&p2=e%3Dvl%26tms%3Dgtm-criteo-2.0.0%26p%3D%255BRG_3453_9%252CRG_3453_15%252CRG_3453_30%255D&p3=e%3Ddis&adce=1&tld=savethechildren.it&dtycbr=12024
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: a406f760754e7bb7371e45c84759400e768df46253d178640d1c7ee4bb8f98d2

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 09:45:44 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
timing-allow-origin: *
vary: Accept-Encoding
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 14304
content-type: application/x-javascript
content-length: 862
expires: 0

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 50ms
47ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-83431119-1&cid=1049150491.1620294345&jid=387309701&_u=aHDAAEADQAAAAC~&z=485967333

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 09:45:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 52ms
37ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-83431119-1&cid=1049150491.1620294345&jid=387309701&_u=aHDAAEADQAAAAC~&z=485967333

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 09:45:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
125 B 196ms
134ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nykiu&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.savethechildren.it%2Fdona-ora-io-save-the-children%3Fab%3D2%26utm_source%3Dediscom%26utm_medium%3Demail%26utm_campaign%3Drf-rg-corno-africa%26utm_content%3Ddemo-sh%26utm_term%3Dce-9%26causale%3D16067

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 104
pragma: no-cache
last-modified: Thu, 06 May 2021 09:45:45 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e0a76db9184863b1a39254a9f441cf2f
x-transaction: 0053c9b400d56dda
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
450 B 193ms
132ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o5k3n&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.savethechildren.it%2Fdona-ora-io-save-the-children%3Fab%3D2%26utm_source%3Dediscom%26utm_medium%3Demail%26utm_campaign%3Drf-rg-corno-africa%26utm_content%3Ddemo-sh%26utm_term%3Dce-9%26causale%3D16067

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 102
pragma: no-cache
last-modified: Thu, 06 May 2021 09:45:45 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e0a76db9184863b1a39254a9f441cf2f
x-transaction: 00eb8a7e008bc0b5
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F2CF 0
150 B 46ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.savethechildren.it&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.savethechildren.it&origin=onetag
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.savethechildren.it/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.savethechildren.it/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1808
date: Thu, 06 May 2021 09:45:44 GMT
content-length: 0

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9265.xMi4FD9FbwnpiBXNMqqiAokIVZ2j-z_pR6RDW2byIKvbHdit7k1w-yA9e7oGCJ_E.LlKESC-aVz7BzNEjx5sE7Q4B4NY%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9265.KL-RahVEmcrkcqdAb_V75fXJR1HeWNy4QnEN-FwNHv83lQKu7lEfCeH7XOsnMUE7eejxGpedRJhkegiNGHPIrw%2C%2C.uo50dXfuT8fsRM7r0AYM6xYn4xQ%2C

75 B
75 B

48ms
48ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9265.KL-RahVEmcrkcqdAb_V75fXJR1HeWNy4QnEN-FwNHv83lQKu7lEfCeH7XOsnMUE7eejxGpedRJhkegiNGHPIrw%2C%2C.uo50dXfuT8fsRM7r0AYM6xYn4xQ%2C

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:45:45 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9265.KL-RahVEmcrkcqdAb_V75fXJR1HeWNy4QnEN-FwNHv83lQKu7lEfCeH7XOsnMUE7eejxGpedRJhkegiNGHPIrw%2C%2C.uo50dXfuT8fsRM7r0AYM6xYn4xQ%2C
date: Thu, 06 May 2021 09:45:45 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 45ms
44ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:45:45 GMT
last-modified: Fri, 30 Apr 2021 17:14:07 GMT
etag: "608a4fd7-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 06 May 2021 10:45:45 GMT

GET
H2 200 box-5e3cec51ed8e99df6977c199d27812d7.html Show response
vars.hotjar.com/ Frame AAB6 1 KB
1 KB 106ms
36ms Document
text/html 65.9.73.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-454452.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-5e3cec51ed8e99df6977c199d27812d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.savethechildren.it/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.savethechildren.it/

Response headers

content-type: text/html
content-length: 684
date: Tue, 30 Mar 2021 16:10:32 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "4e332edbbc3b46800c87f197cc7d3bb6"
last-modified: Tue, 30 Mar 2021 14:48:51 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: RgD8yS4pKIooaIsWj-LtpZmrgE62o7MYtuI4cF686GC7E4xELdIIbA==
age: 3173713

GET
H2 200 tag4armcheck.php Show response
www.tag4arm.com/tags4arm/scripts/ 1 B
210 B 108ms
36ms XHR
text/html 35.177.43.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tag4arm.com/tags4arm/scripts/tag4armcheck.php?name=397
Requested by: Host: www.tag4arm.com
URL: https://www.tag4arm.com/tags4arm/tag4arm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.43.219 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-43-219.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:45:45 GMT
content-encoding: gzip
referrer-policy: origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *

GET
H2 200 tag4arm.php
www.tag4arm.com/tags4arm/ 43 B
154 B 58ms
58ms Image
image/gif 35.177.43.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tag4arm.com/tags4arm/tag4arm.php?action_name=Tanti%20bambini%20aspettano%20il%20tuo%20aiuto&idsite=397&rec=1&r=979500&h=11&m=45&s=45&url=https%3A%2F%2Fwww.savethechildren.it%2Fdona-ora-io-save-the-children%3Fab%3D2%26utm_source%3Dediscom%26utm_medium%3Demail%26utm_campaign%3Drf-rg-corno-africa%26utm_content%3Ddemo-sh%26utm_term%3Dce-9%26causale%3D16067&urlref=https%3A%2F%2Faffiliate.across.it%2F&_id=0206a94b639dc81a&_idts=1620294345&_idvc=1&_idn=0&_rcn=rf-rg-corno-africa&_rck=ce-9&_refts=1620294345&_viewts=1620294345&_ref=https%3A%2F%2Faffiliate.across.it%2F&send_image=1&cookie=1&res=1600x1200&gt_ms=117&pv_id=uCtFVu
Requested by: Host: www.savethechildren.it
URL: https://www.savethechildren.it/dona-ora-io-save-the-children?ab=2&utm_source=ediscom&utm_medium=email&utm_campaign=rf-rg-corno-africa&utm_content=demo-sh&utm_term=ce-9&causale=16067
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.43.219 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-43-219.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:45:45 GMT
cache-control: no-store
referrer-policy: origin
server: nginx
content-type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 44 B
263 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=464256450377537&ev=PageView&dl=https%3A%2F%2Fwww.savethechildren.it%2Fdona-ora-io-save-the-children%3Fab%3D2%26utm_source%3Dediscom%26utm_medium%3Demail%26utm_campaign%3Drf-rg-corno-africa%26utm_content%3Ddemo-sh%26utm_term%3Dce-9%26causale%3D16067&rl=https%3A%2F%2Faffiliate.across.it%2F&if=false&ts=1620294345381&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620294345379.166534460&it=1620294345121&coo=false&exp=l0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:45:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 06 May 2021 09:45:45 GMT

GET
H/1.1 200
OK Cookie set / Show response
bv01.er.bemail.it/api/v1/ Frame A1F2 43 B
615 B 63ms
62ms Document
image/gif 151.1.245.21
ASN-ITNET

General

Check archive.org

Show headers Download Go to

Full URL: https://bv01.er.bemail.it/api/v1/?be=%5B%22bebox_code%3DBE-2106-7%22%2C%22js_client%3Djavascript%22%2C%22action%3Diosave%22%2C%22ref%3Dhttps%253A%252F%252Faffiliate.across.it%252F%22%2C%22ver%3Dv3%22%2C%22url%3Dhttps%253A%252F%252Fwww.savethechildren.it%252Fdona-ora-io-save-the-children%253Fab%253D2%2526utm_source%253Dediscom%2526utm_medium%253Demail%2526utm_campaign%253Drf-rg-corno-africa%2526utm_content%253Ddemo-sh%2526utm_term%253Dce-9%2526causale%253D16067%22%2C%22host%3Dwww.savethechildren.it%22%2C%22search%3D%253Fab%253D2%2526utm_source%253Dediscom%2526utm_medium%253Demail%2526utm_campaign%253Drf-rg-corno-africa%2526utm_content%253Ddemo-sh%2526utm_term%253Dce-9%2526causale%253D16067%22%5D
Requested by: Host: bv01.er.bemail.it
URL: https://bv01.er.bemail.it/js/v3/analytics.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 151.1.245.21 , Italy, ASN3242 (ASN-ITNET, IT),
Reverse DNS: bv01.er.bemail.it
Software: nginx/1.10.2 / PHP/5.4.16
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host: bv01.er.bemail.it
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.savethechildren.it/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.savethechildren.it/

Response headers

Server: nginx/1.10.2
Date: Thu, 06 May 2021 09:45:46 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Set-Cookie: _be=BE1-2021050611-60467-0.294937001620294342-d58b281fa8dc1abeea19db620fb048ac; expires=Tue, 31-May-2022 09:45:42 GMT; path=/; domain=bemail.it _be_ssl=BE1-2021050611-60467-0.294937001620294342-d58b281fa8dc1abeea19db620fb048ac; expires=Tue, 31-May-2022 09:45:42 GMT; path=/; domain=bemail.it; secure
X-Varnish: 320620268
Age: 0
Via: 1.1 varnish-v4
Accept-Ranges: bytes

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=1459189&ADFPageName=Donazione%20RG&ADFdivider=%7C&ord=351825703476&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Faffiliate.across.it%2F&ADF...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1459189&ADFPageName=Donazione%20RG&ADFdivider=%7C&ord=351825703476&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Faffiliate.across.it%2...

112 B
594 B

45ms
45ms

Script
text/javascript

37.157.6.251
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1459189&ADFPageName=Donazione%20RG&ADFdivider=%7C&ord=351825703476&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Faffiliate.across.it%2F&ADFtpmode=2&loc=https%3A%2F%2Fwww.savethechildren.it%2Fdona-ora-io-save-the-children%3Fab%3D2%26utm_source%3Dediscom%26utm_medium%3Demail%26utm_campaign%3Drf-rg-corno-africa%26utm_content%3Ddemo-sh%26utm_term%3Dce-9%26causale%3D16067

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

de276c12eeed008c61eab92a415cf899b8b2bce5895e735707cee87a6b01d543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 09:45:45 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 187
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 06 May 2021 09:45:45 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1459189&ADFPageName=Donazione%20RG&ADFdivider=%7C&ord=351825703476&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Faffiliate.across.it%2F&ADFtpmode=2&loc=https%3A%2F%2Fwww.savethechildren.it%2Fdona-ora-io-save-the-children%3Fab%3D2%26utm_source%3Dediscom%26utm_medium%3Demail%26utm_campaign%3Drf-rg-corno-africa%26utm_content%3Ddemo-sh%26utm_term%3Dce-9%26causale%3D16067
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
653 B 208ms
141ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nykiu&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.savethechildren.it%2Fdona-ora-io-save-the-children%3Fab%3D2%26utm_source%3Dediscom%26utm_medium%3Demail%26utm_campaign%3Drf-rg-corno-africa%26utm_content%3Ddemo-sh%26utm_term%3Dce-9%26causale%3D16067

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 111
pragma: no-cache
last-modified: Thu, 06 May 2021 09:45:45 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c1af4ce7dea714e97caae50744978516
x-transaction: 0093023d0023cead
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
233 B 208ms
141ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o5k3n&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.savethechildren.it%2Fdona-ora-io-save-the-children%3Fab%3D2%26utm_source%3Dediscom%26utm_medium%3Demail%26utm_campaign%3Drf-rg-corno-africa%26utm_content%3Ddemo-sh%26utm_term%3Dce-9%26causale%3D16067

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 09:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 111
pragma: no-cache
last-modified: Thu, 06 May 2021 09:45:45 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c1af4ce7dea714e97caae50744978516
x-transaction: 006bea5b009cde43
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/62169178/
Redirect Chain

https://mc.yandex.com/watch/62169178?wmode=7&page-url=https%3A%2F%2Fwww.savethechildren.it%2Fdona-ora-io-save-the-children%3Fab%3D2%26utm_source%3Dediscom%26utm_medium%3Demail%26utm_campaign%3Drf-r...
https://mc.yandex.com/watch/62169178/1?wmode=7&page-url=https%3A%2F%2Fwww.savethechildren.it%2Fdona-ora-io-save-the-children%3Fab%3D2%26utm_source%3Dediscom%26utm_medium%3Demail%26utm_campaign%3Drf...

203 B
284 B

45ms
45ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/62169178/1?wmode=7&page-url=https%3A%2F%2Fwww.savethechildren.it%2Fdona-ora-io-save-the-children%3Fab%3D2%26utm_source%3Dediscom%26utm_medium%3Demail%26utm_campaign%3Drf-rg-corno-africa%26utm_content%3Ddemo-sh%26utm_term%3Dce-9%26causale%3D16067&page-ref=https%3A%2F%2Faffiliate.across.it%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1070%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A290085126234%3Ahid%3A404558360%3Az%3A120%3Ai%3A20210506114545%3Aet%3A1620294345%3Ac%3A1%3Arn%3A1037978717%3Au%3A1620294345418056186%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620294344179%3Ads%3A19%2C100%2C116%2C1%2C0%2C0%2C%2C395%2C92%2C%2C%2C%2C634%3Adsn%3A19%2C101%2C115%2C1%2C0%2C0%2C%2C398%2C92%2C%2C%2C%2C635%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620294346%3At%3ATanti%20bambini%20aspettano%20il%20tuo%20aiuto

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

9d02e7e0ac7a12c7669fb49e96b2d19d64bf73f3431acc40740e35b12594a106

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 09:45:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 06-May-2021 09:45:45 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.savethechildren.it
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 203
x-xss-protection: 1; mode=block
expires: Thu, 06-May-2021 09:45:45 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 May 2021 09:45:45 GMT
last-modified: Thu, 06-May-2021 09:45:45 GMT
location: /watch/62169178/1?wmode=7&page-url=https%3A%2F%2Fwww.savethechildren.it%2Fdona-ora-io-save-the-children%3Fab%3D2%26utm_source%3Dediscom%26utm_medium%3Demail%26utm_campaign%3Drf-rg-corno-africa%26utm_content%3Ddemo-sh%26utm_term%3Dce-9%26causale%3D16067&page-ref=https%3A%2F%2Faffiliate.across.it%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1070%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A290085126234%3Ahid%3A404558360%3Az%3A120%3Ai%3A20210506114545%3Aet%3A1620294345%3Ac%3A1%3Arn%3A1037978717%3Au%3A1620294345418056186%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620294344179%3Ads%3A19%2C100%2C116%2C1%2C0%2C0%2C%2C395%2C92%2C%2C%2C%2C634%3Adsn%3A19%2C101%2C115%2C1%2C0%2C0%2C%2C398%2C92%2C%2C%2C%2C635%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620294346%3At%3ATanti%20bambini%20aspettano%20il%20tuo%20aiuto
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.savethechildren.it
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 06-May-2021 09:45:45 GMT

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 188ms
47ms XHR
text/plain 52.30.208.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=5d63d6879623b00008000255&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=20&cE=120&dLE=20&dLS=1&fS=0&hS=40&rE=-1&rS=-1&reS=120&resS=236&resE=237&uEE=-1&uES=-1&dL=239&dI=634&dCLES=634&dCLEE=726&dC=1367&lES=1367&lEE=1380&s=nt&title=Tanti%20bambini%20aspettano%20il%20tuo%20aiuto&path=https%3A%2F%2Fwww.savethechildren.it%2Fdona-ora-io-save-the-children&ref=https%3A%2F%2Faffiliate.across.it%2F&sId=i2shrgt9&sST=1620294345&sIS=1&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-5d63d6879623b00008000255.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.208.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-208-177.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 06 May 2021 09:45:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryB2vXvHF1T565EYHs

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 06 May 2021 09:45:45 GMT
content-type: text/plain
access-control-allow-origin: https://www.savethechildren.it
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 event Show response
sslwidget.criteo.com/ 1 KB
1 KB 58ms
57ms Script
application/x-javascript 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://sslwidget.criteo.com/event?a=8846&v=5.6.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Faffiliate.across.it&p2=e%3Dvb%26p%3D%255Bi%25253DRG_3453_25%252526pr%25253D25%252526q%25253D1%255D&p3=e%3Ddis&adce=1&tld=savethechildren.it&dtycbr=13740
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: a406f760754e7bb7371e45c84759400e768df46253d178640d1c7ee4bb8f98d2

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 09:45:47 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
timing-allow-origin: *
vary: Accept-Encoding
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 64364
content-type: application/x-javascript
content-length: 862
expires: 0

GET
H3-29 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
83 B 30ms
29ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.savethechildren.it%2Fdona-ora-io-save-the-children%3Fab%3D2%26utm_source%3Dediscom%26utm_medium%3Demail%26utm_campaign%3Drf-rg-corno-africa%26utm_content%3Ddemo-sh%26utm_term%3Dce-9%26causale%3D16067&4sAIzaSyBfQhokO73lXN7uOsMLInyq_CNCEA9zcI8&callback=_xdc_._toil13&key=AIzaSyBfQhokO73lXN7uOsMLInyq_CNCEA9zcI8&token=1705

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/13/common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

9a3f17af96f59513324daf57efbe794924ae3ba267f4b290004a5cf960e4a833

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.savethechildren.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 May 2021 09:45:50 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=15
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.savethechildren.it/	1970-01-19 18:04:56	Name: _hjFirstSeen Value: 1
.savethechildren.it/	1970-01-20 02:50:30	Name: _hjid Value: d6160e88-2e94-4dbc-8f99-928f97855d7b
www.savethechildren.it/	1969-12-31 23:59:59	Name: stc_utm_medium Value: email
.savethechildren.it/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.savethechildren.it/	1970-01-19 18:06:06	Name: _ym_isad Value: 2
.savethechildren.it/	1970-01-19 18:28:18	Name: _uetvid Value: d43e92f0ae4f11eb8507d7cc79cbf58d
www.savethechildren.it/	1969-12-31 23:59:59	Name: has_js Value: 1
.savethechildren.it/	1970-01-19 18:06:20	Name: _uetsid Value: d43e7110ae4f11ebaeb953cd88c888f8
www.savethechildren.it/	1969-12-31 23:59:59	Name: stc_utm_source Value: ediscom
.savethechildren.it/	1970-01-19 18:04:54	Name: _gat Value: 1
.savethechildren.it/	1970-01-19 18:04:54	Name: _gat_UA-83431119-1 Value: 1
.savethechildren.it/	1970-01-19 18:06:20	Name: _gid Value: GA1.2.2035395989.1620294345
.savethechildren.it/	1970-01-19 20:14:30	Name: _gcl_au Value: 1.1.888688228.1620294345
.savethechildren.it/	1970-01-20 11:36:06	Name: _ga Value: GA1.2.1049150491.1620294345
.criteo.com/	1970-01-20 03:26:30	Name: uid Value: e66d2586-bf98-49ab-bef9-93e7e35f5122
www.savethechildren.it/	1969-12-31 23:59:59	Name: stc_causale Value: 16067
www.savethechildren.it/	1970-01-19 18:04:56	Name: _pk_ses.397.05ef Value: 1
www.savethechildren.it/	1969-12-31 23:59:59	Name: stc_utm_term Value: ce-9
www.savethechildren.it/	1970-01-20 03:30:49	Name: _pk_id.397.05ef Value: 0206a94b639dc81a.1620294345.1.1620294345.1620294345.
www.savethechildren.it/	1970-01-20 02:50:30	Name: cb-enabled Value: enabled
www.savethechildren.it/	1970-01-19 18:05:04	Name: pa Value: stc_utm_campaign=rf-rg-corno-africa%20stc_utm_campaign%3Drf-rg-corno-africa%20stc_utm_campaign%3Drf-rg-corno-africa%20stc_utm_campaign%3Drf-rg-corno-africa&pa=sid%3Di2shrgt9%26sst%3D1620294345%26sis%3D1%26rv%3D0
.savethechildren.it/	1970-01-20 02:50:30	Name: _ym_d Value: 1620294345
www.savethechildren.it/	1969-12-31 23:59:59	Name: stc_utm_content Value: demo-sh
www.savethechildren.it/	1970-01-19 22:27:42	Name: _pk_ref.397.05ef Value: %5B%22rf-rg-corno-africa%22%2C%22ce-9%22%2C1620294345%2C%22https%3A%2F%2Faffiliate.across.it%2F%22%5D
.savethechildren.it/	1970-01-20 02:50:30	Name: _ym_uid Value: 1620294345418056186
www.savethechildren.it/	1969-12-31 23:59:59	Name: stc_utm_campaign Value: rf-rg-corno-africa
.savethechildren.it/	1970-01-19 20:14:30	Name: _fbp Value: fb.1.1620294345379.166534460

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	log	(Line 1) Message: TEST TUTTI I FORM DI DONAZIONE
console-api	log	(Line 1) Message: PSD2: inizio
console-api	log	(Line 2) Message: PSD2: if 1
console-api	log	(Line 2) Message: viewBasket -> ProductID:RG_3453_25 \| priceVal:25 \| PartnerID:8846 \| deviceType:d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affiliate.across.it
analytics.twitter.com
bat.bing.com
bv01.er.bemail.it
cdn.onesignal.com
connect.facebook.net
d1azc1qln24ryf.cloudfront.net
email.iperjob.com
fe-mn1.mag-news.it
gum.criteo.com
maps.googleapis.com
maps.gstatic.com
mc.yandex.com
mc.yandex.ru
rum-collector-2.pingdom.net
rum-static.pingdom.net
s2.adform.net
s3.savethechildren.it
script.hotjar.com
sslwidget.criteo.com
static.ads-twitter.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
t.co
track.adform.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.savethechildren.it
www.tag4arm.com
104.244.42.131
104.244.42.197
151.1.245.21
151.101.12.157
178.250.0.163
178.255.74.102
212.35.198.153
2600:9000:2156:d400:4:92f5:2b80:93a1
2606:4700:10::6814:15ef
2606:4700::6812:e234
2620:1ec:c11::200
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:811::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c08::9c
2a02:2638:1::13
2a02:2638::3
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.202.59.252
35.177.43.219
37.157.6.235
37.157.6.251
52.30.208.177
65.9.73.108
65.9.73.11
65.9.73.94
65.9.76.159
83.221.105.143
02558b39e4c8e6d04cb9fe319b265efdc45253b4a4814d2ddc86973224d6b9d6
03db8f6ad499f8deb3869b36a1db13efb26d62e6f9d64818a428a0e213a35c23
0df1529f77f285fbae123c8ae43a43a012ff8524a02fb594583adbd1bd8c8fed
0edce345a4da7944cf4b16e188a5df2e9c19f7225e22cb440d699cc4d2ffaacd
0fa08e631e7d0777e7314421a3e72ab78c6805ce46c5a51a9a46c92195d3d023
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1234d3283f11235deeaa9c66ea51b7f5177161ab47278594372972092b587f25
166f06f89308abd8dcf62142129d4747c16c6ac6c459cffd21e65879bebf0f40
2231582d65dac7e03f2bdc05be35ff373ca893111098cbd87b56adbb91d33faf
2789e9704151cc172626b126fd57ada6dad8307bb68696a3595f151fde24985a
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d55333b61993fba9ac22353281fa5fae571fd6d85e4aadce039a133edb31348
302186486480859822b068060399ec97e39320fd0d09dba3e7715f34ba3592ce
3183481f09352eade87e53d32ac3c1f6ab5b853e2b5bde4035834680b53d9299
366515aab2aa528a20b8ed0dcf6f595942ce902d7fe3a2369b637bffb24ac6cf
3b0af0f7411ca7f642a0f291ad2cfa53a0557c96b977db347348efd737cfab0d
3fd4586074a82612fbd00f192999814a2041e5cf6760aabba706358f85d49c50
47b9b9dfdefd85901e2506538d30e0202583c703268cd13fde143adbc24d54c2
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4e19fb6a5c78502d5fe25332614e6e2e8d108735da4297daa6a441b2b949c168
5238b012aca705cdad3edf44f20c8c255386ff41e0a9d2e030d07061f66f706c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
579c49c652e192a9b64757cee13e8266a8923691eb37702b446764361be51305
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
69a2f8e0fa2980d5df7abe8513fd75d144a1329bae4005928af9002545ee1efa
6f209ee5dd83bad534054fb4090f2b8fc6246a29fd7eec15dc3b4e40d4d91c29
7570eac13e4d43e886a82174b15fcdc6b469438ae27b1226d4b71a965a9fd395
78dc1d813da12c0a30b5f00242c82b9cd577771cf689d3d1061fea6cc9613cc0
79dd863629cf4b0fb1585fff1cb381f3cb066d4367496309e5f810f12fb57474
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8aa69ee6b2376505578d758bfbbc52aec88fa5e591f1a7cabd8adfa80a7b613a
8de36ecce609a06b81d9b1000e0321ac20757231ae23118b6516a6e0a5b0494d
9a3f17af96f59513324daf57efbe794924ae3ba267f4b290004a5cf960e4a833
9b423074a2963d3a045f66e67d592ce0c199894a538b3c54675fcd189e25552f
9ca7fe6f096bb183db0cee2ecc304a1dc1862ac9dfaca5417e350b69effac1b9
9d02e7e0ac7a12c7669fb49e96b2d19d64bf73f3431acc40740e35b12594a106
a406f760754e7bb7371e45c84759400e768df46253d178640d1c7ee4bb8f98d2
a49cbd3cd52aadde65a06cc625b439a9adf69c21ae782162135e17fd2b707989
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b09f92636b59b39c4581829048ad191407896a6c272d53bfcbd028196a3bcf61
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1dce47905b8a2e6e1e5da69f1da637d583ae6d5186e06906a37ac24d0426224
bb5824e55fb08d11d1bbcc144d776acc19dddf21298c684ff143c1b0cfd046af
c3d9dbecb5b444a549c50b07db0c071782eb845e801e05fbe7a7d1c749ec3324
cc848766a744ea8d87aa42313146800afb34694a1684ae48f90e9d65a8102596
cd2f8298d146c9e82d2d8266a85469c50bef42b7cf205ace32aff74f70bcb191
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
cfd60e83c28f8ebe3af04c76bcc45837da9f6fb70256150f95d341276da2d569
d01a0ba0ba85352a3aadf16e49000c2be6e499de8bb53ec0d085b2d7d0a2c73c
d1fdc83f40b6872fbf82ad027168954ccaa7eee12c7e6fcbe52e26c36bf915de
d2c03bf880df9e560333794799492e08f013e96c9b442bfce435a25165e422f1
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
de276c12eeed008c61eab92a415cf899b8b2bce5895e735707cee87a6b01d543
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e900793533d5a24861457658acd88eefaf284309e5e5f8a049b9468af341abf2
eb1a571bc400edbc927e7d19dc2709bdcd20be3b933f37f01a37181956aaa338
ee871f0f2416fafa676fb2acddbd9803356dc2fcf505541f537b7ec31c82f3ad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.savethechildren.it Open in urlscan Pro 212.35.198.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

80 Requests

100 %HTTPS

50 %IPv6

28 Domains

34 Subdomains

33 IPs

9 Countries

1250 kBTransfer

3358 kBSize

27 Cookies

7 Outgoing links

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.savethechildren.it Open in urlscan Pro
212.35.198.153 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

100 %
HTTPS

50 %
IPv6

28
Domains

34
Subdomains

33
IPs

9
Countries

1250 kB
Transfer

3358 kB
Size

27
Cookies

80 HTTP transactions
0 data transactions