savings.insurancebargains.net
20.69.117.1
Public Scan
Submission: On February 15 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on February 15th 2023. Valid for: 3 months.
This is the only time savings.insurancebargains.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
12 | 20.69.117.1 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
4 | 3.11.150.0 | 16509 (AMAZON-02) |
1 | 108.157.4.79 | 16509 (AMAZON-02) |
1 | 2606:4700:10::6816:26b6 | 13335 (CLOUDFLARENET) |
5 | 52.6.30.198 | 14618 (AMAZON-AES) |
1 | 13.32.118.65 | 16509 (AMAZON-02) |
1 | 44.196.193.95 | 14618 (AMAZON-AES) |
25 | 7 | |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
savings.insurancebargains.net
ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-150-0.eu-west-2.compute.amazonaws.com
script.anura.io
ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-79.dus51.r.cloudfront.net
ads.anura.io
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-30-198.compute-1.amazonaws.com
create.leadid.com
ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-65.fra60.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-193-95.compute-1.amazonaws.com
deviceid.trueleadid.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | insurancebargains.net | savings.insurancebargains.net | 89 KB |
5 | leadid.com | create.leadid.com (Cisco Umbrella Rank: 14251) | 3 KB |
5 | anura.io | script.anura.io (Cisco Umbrella Rank: 49459), ads.anura.io (Cisco Umbrella Rank: 81384) | 21 KB |
1 | trueleadid.com | deviceid.trueleadid.com (Cisco Umbrella Rank: 15651) | 2 KB |
1 | cloudfront.net | d2m2wsoho8qq12.cloudfront.net | 2 KB |
1 | lidstatic.com | create.lidstatic.com (Cisco Umbrella Rank: 22400) | 39 KB |
25 | 6 | | |
Requests | Domain | Requested by |
---|---|---|
12 | savings.insurancebargains.net | savings.insurancebargains.net |
5 | create.leadid.com | create.lidstatic.com, deviceid.trueleadid.com |
4 | script.anura.io | savings.insurancebargains.net, script.anura.io |
1 | deviceid.trueleadid.com | d2m2wsoho8qq12.cloudfront.net |
1 | d2m2wsoho8qq12.cloudfront.net | create.lidstatic.com |
1 | create.lidstatic.com | savings.insurancebargains.net |
1 | ads.anura.io | script.anura.io |
25 | 7 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
savings.insurancebargains.net | R3 | 2023-02-15 - 2023-05-16 | 3 months |
script.anura.io | Amazon | 2022-07-12 - 2023-08-10 | a year |
ads.anura.io | Amazon | 2022-06-29 - 2023-07-28 | a year |
lidstatic.com | Cloudflare Inc ECC CA-3 | 2022-03-30 - 2023-03-30 | a year |
create.leadid.com | Amazon | 2022-09-21 - 2023-10-19 | a year |
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year |
deviceid.trueleadid.com | Amazon | 2022-12-08 - 2024-01-06 | a year |
This page contains 3 frames:
Primary Page:
https://savings.insurancebargains.net/
Frame ID: 44319A15A6006D7914C65E9B80A09F6D
Requests: 22 HTTP requests in this frame
Frame:
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=775D867D-9068-55B8-65AF-1646DB514F61&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&lac=28E26C96-47B1-6572-594C-870A142734FA
Frame ID: 6F29A79699C760F1ED100773257D6817
Requests: 1 HTTP requests in this frame
Frame:
https://deviceid.trueleadid.com/iframe.html?token=775D867D-9068-55B8-65AF-1646DB514F61&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=E4A414D8-5B2F-FC13-0E46-7F6E7994C38F&lac=28E26C96-47B1-6572-594C-870A142734FA
Frame ID: BB3E73678DA7D5A6564D5EBBBDE936B8
Requests: 2 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
25 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | savings.insurancebargains.net/ | 9 KB | 4 KB | Document | text/html |
GET | H2 | layout.css | savings.insurancebargains.net/landing/Auto/qis/css/ | 11 KB | 3 KB | Stylesheet | text/css |
GET | H2 | custom.css | savings.insurancebargains.net/css/frontend/ | 413 B | 716 B | Stylesheet | text/css |
GET | H2 | sibs.png | savings.insurancebargains.net/logos/ | 15 KB | 16 KB | Image | image/png |
GET | H2 | img03.jpg | savings.insurancebargains.net/landing/Auto/qis/images/ | 29 KB | 29 KB | Image | image/jpeg |
GET | H2 | jquery-2.2.3.min.js | savings.insurancebargains.net/js/frontend/ | 84 KB | 30 KB | Script | application/javascript |
GET | H2 | validation.js | savings.insurancebargains.net/js/ | 12 KB | 2 KB | Script | application/javascript |
GET | H2 | landing.js | savings.insurancebargains.net/js/ | 11 KB | 2 KB | Script | application/javascript |
GET | H2 | form_validation.js | savings.insurancebargains.net/js/ | 2 KB | 894 B | Script | application/javascript |
GET | H2 | criteo_event_call.js | savings.insurancebargains.net/js/ | 3 KB | 1 KB | Script | application/javascript |
GET | H2 | generic_calls.js | savings.insurancebargains.net/js/ | 310 B | 633 B | Script | application/javascript |
GET | H2 | request.js | script.anura.io/ | 53 KB | 19 KB | Script | application/javascript |
GET | H2 | showads.js | ads.anura.io/ | 0 | 351 B | XHR | application/javascript |
GET | H2 | e4a414d8-5b2f-fc13-0e46-7f6e7994c38f.js | create.lidstatic.com/campaign/ | 123 KB | 39 KB | Script | text/javascript |
POST | H2 | response.json | script.anura.io/ | 93 B | 441 B | XHR | application/json |
POST | H2 | cnf.php | script.anura.io/ | 0 | 353 B | XHR | application/json |
POST | H2 | result.json | script.anura.io/ | 41 B | 396 B | XHR | application/json |
POST | H2 | GenerateToken | create.leadid.com/2.11.9/ | 36 B | 660 B | XHR | text/plain |
POST | H2 | update-anura-status | savings.insurancebargains.net/ | 0 | 921 B | XHR | text/plain |
GET | H/1.1 | iframe.html | d2m2wsoho8qq12.cloudfront.net/ (Frame 6F29) | 3 KB | 2 KB | Document | text/html |
POST | H2 | SaveDom | create.leadid.com/2.11.9/ | 0 | 623 B | XHR | text/plain |
POST | H2 | InitFormData | create.leadid.com/2.11.9/ | 0 | 623 B | XHR | text/plain |
GET | H2 | iframe.html | deviceid.trueleadid.com/ (Frame BB3E) | 4 KB | 2 KB | Document | text/html |
POST | H2 | Snap | create.leadid.com/2.11.9/ | 0 | 623 B | XHR | text/plain |
GET | H2 | SaveDeviceId.js | create.leadid.com/2.11.9/ (Frame BB3E) | 0 | 628 B | Script | text/javascript |
64 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| oncontentvisibilityautostatechange function| anuraResponseHandler function| resultHandler object| Anura function| $ function| jQuery string| results_url string| flow_url function| isValidEmail function| validateGender function| validateIsInsured function| validateOwnHome function| validateMaritalStatus function| validateHeight function| validateWeight function| validateAge function| validateDateOfBirth function| validateNames function| validateEmail function| validateAddressBKP function| validateAddress function| validateCity function| validateState function| validateZipCode function| validatePhone function| getObviouseValue function| validateMedicalCondition function| validateYears function| validateMonths function| validateHHSize function| validateHHIncome function| validateVehicleYears function| validateVehicleMake function| validateVehicleModel function| validateVehicleSubModel function| validateNumberOfVehicles function| validateHeaderZipCode function| validateAgeyear function| validateIsInsuredField function| validateDOB function| validateForm function| validateMultiFieldsForm function| validateTwoFieldsForm function| validateDOBForm function| is_app function| handle_lb_redirect function| validateMultiFieldsHomeForm function| validateMultiFieldsAutoNoVehicleForm function| validatePersonalloanForm function| validatePersonalloanSliderForm string| tid_criteo string| update_anura_status_url function| validateNamesV2 function| validateAddressV2 function| criteoEventCall function| updateAnuraStatus object| LeadiDconfig object| LeadiD string| label string| id boolean| sensitiveData object| defaultStyleFrame
5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
savings.insurancebargains.net/ | Name: local_transaction_ids Value: eyJpdiI6IlpJSEZOYkt1Qm40dm9VbGh4Yi9VeGc9PSIsInZhbHVlIjoiMFEra0hsaXVjZGhpbUJJNEVLS0x5TmtleXY4SENUOXZ1M3pZa2NHeGxzdHJORW9oa1FsRlRrWEZTWmZFREhVQzVldmw1ZU5mS1RvSHZ6TnlTNDdqMzgwa09ibWhhQ3JxODVDbWJ0ditVOU5xY3hCbDNtMGZTUFh4ak9YeGxobU9ncmhuQ2dDdk8vYnlnS0l4aURTZjdnPT0iLCJtYWMiOiJjYzZjYWNkZTRiNzlmMTEwODlkOTBjOTE3ODNkMjlmYTA0YTc2MDExZTQzN2IwZGY2ZDY2Y2E2MDAwNTNkMGVlIiwidGFnIjoiIn0%3D |
savings.insurancebargains.net/ | Name: leadid_token-28E26C96-47B1-6572-594C-870A142734FA-E4A414D8-5B2F-FC13-0E46-7F6E7994C38F Value: 775D867D-9068-55B8-65AF-1646DB514F61 |
.deviceid.trueleadid.com/ | Name: uuid Value: 355574aa561b4af2a29a366aa51de79b |
savings.insurancebargains.net/ | Name: XSRF-TOKEN Value: eyJpdiI6IjNhaXR5T2NZSHg3Z0FYZDFGMTFuekE9PSIsInZhbHVlIjoiWWlSeGN3M1ZDazZsK3FMR21lTlkvTmtqVnpIN000TktzNFZTT01QMGpMNTdDSElPN2hpWDlkQ0NaQkl6OGM3bS9iN0w3RmpXUUpxRnlkRXpDdzJMNHpUajFSTDVYWUJPcjNNOTY1aTJJemVETmNXeTNyVDhoYTV5TGRaeWpQRlYiLCJtYWMiOiJhNzFjZGEwY2I5MWQ3ZWY3OTRkOTQ1OGJkZDk1MWUxMjVjODE1ODFhNWFjODI4OTFhYWMwNDFmYWU0YjFhY2E5IiwidGFnIjoiIn0%3D |
savings.insurancebargains.net/ | Name: admin_panel_session Value: eyJpdiI6InI4OTdOTVpUSlkvVmtQQ0JnazMwd2c9PSIsInZhbHVlIjoiQVA0cisvUW1WMmxQeExYVVhFazkzaEJUUVQ1eWh6dXJHd1AxbXg1T3lac3lDS2hsajNRRS9TcHdIQ2ljb1ZPd1NQTUZRUnU4N1hJbVltOUdRVUhvVGVwWEwvc1M2T1EvWmQyMjFTLzBOWUdrY0ZhWnUrSXV6SnNIeDZHaTNYcisiLCJtYWMiOiI0MDc5MGY1MWE2MThkYzhiYjk1Y2JmYTFiMjBjMzUwNTM4YmMyYWYzOGViODFkMzA2YjRhNTAzMDc5NDRjY2U5IiwidGFnIjoiIn0%3D |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15724800; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.