urlscan.io logo urlscan.io
SecurityTrails logo

saveyoumoney.biz Open in urlscan Pro
77.111.240.159  Public Scan

Go To Rescan Add Verdict Report
URL: https://saveyoumoney.biz/
Submission: On July 15 via automatic, source certstream-suspicious — Scanned from DK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 77.111.240.159, located in Copenhagen, Denmark and belongs to ONECOM, DK. The main domain is saveyoumoney.biz.
TLS certificate: Issued by E5 on July 15th 2024. Valid for: 3 months.
This is the only time saveyoumoney.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 77.111.240.159 51468 (ONECOM)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2
Apex Domain
Subdomains		 Transfer
2 saveyoumoney.biz
saveyoumoney.biz
1 KB
1 uw.co.uk
partner.uw.co.uk
1 uw.partners
uw.partners
322 B
3 3
Domain Requested by
2 saveyoumoney.biz
1 partner.uw.co.uk saveyoumoney.biz
1 uw.partners 1 redirects
3 3

This site contains no links.

Subject Issuer Validity Valid
*.saveyoumoney.biz
E5		 2024-07-15 -
2024-10-13		 3 months crt.sh
partner.uw.co.uk
GTS CA 1P5		 2024-06-05 -
2024-09-03		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://saveyoumoney.biz/
Frame ID: F373990CFA97DEC12EC29D95075BAD67
Requests: 2 HTTP requests in this frame

Frame: https://partner.uw.co.uk/partner/kiran-vadgama-c69591
Frame ID: FFFEEC5A9DEAB7561815817E62CE2A1D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

"saveyoumoney.biz"

Page Statistics

3
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

1 kB
Transfer

1 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://uw.partners/kiran.vadgama HTTP 308
  • https://partner.uw.co.uk/partner/kiran-vadgama-c69591

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
saveyoumoney.biz/ 		449 B
729 B 		Document
General
Check archive.org
Download Go to
Full URL
https://saveyoumoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.111.240.159 Copenhagen, Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
webcluster1.webpod11-cph3.one.com
Software
/
Resource Hash
93b2546b6a502137094cb3db7f7a6a5a6a5f6ae752446de9e0b88ba734fcd8bd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
0
cache-control
max-age:600, public
content-length
449
content-type
text/html; charset=utf-8
date
Mon, 15 Jul 2024 09:44:26 GMT
expires
Mon, 15 Jul 2024 09:54:26 GMT
last-modified
Mon, 15 Jul 2024 09:44:26 GMT
via
1.1 webcache1 (Varnish/trunk)
x-onecom-cluster-name
x-varnish
2116420943 1988377720
kiran-vadgama-c69591
partner.uw.co.uk/partner/ Frame FFFE
Redirect Chain
  • https://uw.partners/kiran.vadgama
  • https://partner.uw.co.uk/partner/kiran-vadgama-c69591
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://partner.uw.co.uk/partner/kiran-vadgama-c69591
Requested by
Host: saveyoumoney.biz
URL: https://saveyoumoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://saveyoumoney.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
body-hash
Ora5qfv28ILukbCMPcGnh60p1i2qggkcTSpR4uviC/i/x/GYdMvloqKDYJK6ytph/fAJmTaJ2qL0ik3ZzalrNA==
cache-control
max-age=0, s-maxage=3600, must-revalidate
cf-cache-status
MISS
cf-ray
8a38d0675d160a30-ARN
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 15 Jul 2024 09:44:28 GMT
etag
W/"7n40g9a2nWhCk+GZ3Vo4MVcy8OD1hI7PG1qLpclKEeExhxeIkIngRMoM3QZnOQXsZyfB0bz5tPDDWHbALBs5RA=="
last-modified
Fri, 12 Jul 2024 16:01:23 GMT
owner
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-yext-serving-tags
static_file
x-yext-site
us2

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8a38d0647f130a1f-ARN
content-type
text/html; charset=utf-8
date
Mon, 15 Jul 2024 09:44:27 GMT
location
https://partner.uw.co.uk/partner/kiran-vadgama-c69591
server
cloudflare
strict-transport-security
max-age=15768000; includeSubDomains; preload
x-content-type-options
nosniff
favicon.ico
saveyoumoney.biz/ 		473 B
742 B 		Other
General
Check archive.org
Download Go to
Full URL
https://saveyoumoney.biz/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.111.240.159 Copenhagen, Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
webcluster1.webpod11-cph3.one.com
Software
/
Resource Hash
04d8934825973ad0da3ea9b4ea2836831be74282af2cb81fb65f4e773b6bf342

Request headers

Referer
https://saveyoumoney.biz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 09:44:30 GMT
via
1.1 webcache1 (Varnish/trunk)
x-onecom-cluster-name
last-modified
Mon, 15 Jul 2024 09:44:30 GMT
age
0
content-type
text/html; charset=utf-8
x-varnish
2116420944
cache-control
max-age:600, public
accept-ranges
bytes
content-length
473
expires
Mon, 15 Jul 2024 09:54:30 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

16 Cookies

Domain/Path Name / Value
.uw.partners/ Name: _cfuvid
Value: b.yxvFLtD1UzlNRuTlJqO6ZtLm1d8d7HRQSOl26o7ZM-1721036667775-0.0.1.1-604800000
.partner.uw.co.uk/ Name: __cf_bm
Value: HanaqUhieUO1t4e851y7Sw1HP48aaULR_4LYZkcsSlc-1721036668-1.0.1.1-2hXMPEzxE1rsqxWfzUfVXE0BW8f7BWVdcsGoz5wduGrtrvXm8GSslRuPPaJBopbfR3D.31B4JHpSIRwMgBH2kg
.bing.com/ Name: MUID
Value: 05ADD2B31D4167DC1932C60E1C2A660D
.wufoo.com/ Name: ep201
Value: zMrzt0rTytDYl1Zoszq4unkGMVI=
.doubleclick.net/ Name: ar_debug
Value: 1
www.clarity.ms/ Name: CLID
Value: fe257b5b708a4d0a9ae7c2cc86fdacf4.20240715.20250715
.doubleclick.net/ Name: IDE
Value: AHWqTUkOToxeqQ8IsDvWmj2-87z5qwflhQafgbKq4bxCs4VuWhBukZEx-vmZ-klDN9Y
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
partner.uw.co.uk/ Name: _sp_ses.6998
Value: *
partner.uw.co.uk/ Name: _sp_id.6998
Value: dd676666-acd1-4ad4-b1ef-79b4b1da5107.1721036670.1.1721036670..71453aef-f6ff-4e38-846a-3f509009093b..a1889ab4-0a92-4575-ab32-91dd187ebe8b.1721036670247.1
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 05ADD2B31D4167DC1932C60E1C2A660D
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 05ADD2B31D4167DC1932C60E1C2A660D
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

partner.uw.co.uk
saveyoumoney.biz
uw.partners
2606:4700::6812:1b73
2606:4700::6812:548
77.111.240.159
04d8934825973ad0da3ea9b4ea2836831be74282af2cb81fb65f4e773b6bf342
93b2546b6a502137094cb3db7f7a6a5a6a5f6ae752446de9e0b88ba734fcd8bd