savingsrelief.com Open in urlscan Pro
2606:4700:3031::6815:4781  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response savingsrelief.com/	13 KB 6 KB	162ms 123ms	Document text/html	2606:4700:3031::6815:4781 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://savingsrelief.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:4781 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7bdaba5e2dd844667d0ff1718e8e7f98f058bb49bbf8420e540612b5cc5e173b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7a4ca53a5e83bb8c-FRA content-encoding br content-type text/html; charset=UTF-8 date Wed, 08 Mar 2023 17:02:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjZZU4IIPQZPYiXh3J6LOXuRce%2BQZ4oYXxWj%2FA%2BRZeUxSUDdy6dh5NfCbjxVJGWlfXLav4aGFPuKKFw%2FOf2JTRdGomLBCTyAlGEoaUeIlNr671slCCJOTJ5Zj1PKmevaqjjK6qXmf8OGtFUjd%2BU8YA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	css2 fonts.googleapis.com/	25 KB 1 KB	108ms 45ms	Stylesheet text/css	2a00:1450:400d:80d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700&display=swap Requested by Host: savingsrelief.com URL: https://savingsrelief.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 98389ace585f0ebd06c5647b190927f04e8fc29722da7dbfaa22600f56d39bca Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://savingsrelief.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 08 Mar 2023 17:02:22 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 08 Mar 2023 16:38:32 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 08 Mar 2023 17:02:22 GMT
GET H2	200	bootstrap.min.css savingsrelief.com/css/	138 KB 21 KB	113ms 112ms	Stylesheet text/css	2606:4700:3031::6815:4781 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://savingsrelief.com/css/bootstrap.min.css Requested by Host: savingsrelief.com URL: https://savingsrelief.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:4781 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 316a6654a1e38088142995fd94b66dee27f4c21ba65053bf8f647c91a0e17980 Request headers accept-language de-DE,de;q=0.9 Referer https://savingsrelief.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 08 Mar 2023 17:02:22 GMT content-encoding br cf-cache-status HIT last-modified Thu, 23 Sep 2021 11:59:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"614c6c3b-22737" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fd1KAsVbdmG%2FBbpwh5xZRSbNS9%2Byq7ICQeoi2OXAIa35FZ2UEo1Ll7n2LBrGWwuI%2Fs88jDz0v%2FHYpeBTTd%2BSufkdxHCZ63hNQDVlJ4Uan17OtWcHGv83AMHbNs9OdvwxtCz%2B0Lfv8ghdytsDIO4a%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=2592000 cf-ray 7a4ca53b3805bb8c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	style1.css savingsrelief.com/css/	6 KB 2 KB	106ms 105ms	Stylesheet text/css	2606:4700:3031::6815:4781 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://savingsrelief.com/css/style1.css?v=fb8417298 Requested by Host: savingsrelief.com URL: https://savingsrelief.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:4781 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5ca9683422030652586b766a5dcd2486518a3b66ebcae862931242dbe45e8af7 Request headers accept-language de-DE,de;q=0.9 Referer https://savingsrelief.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 08 Mar 2023 17:02:22 GMT content-encoding br cf-cache-status HIT last-modified Thu, 23 Sep 2021 11:59:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"614c6c3d-1945" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsW8W7vuJUyPvGOQf6vRzPRgW89I9E5Ym1MiZ0JQAPcE%2BU633HG4mGZtOblDYuXKphGaobHmt%2BF6A7KuQba7MJQc%2BJqSJGvpnJssjSxoAvrjIG%2F1vJb%2FoQb%2FA9ZK47G9EL3H%2BcK%2Bx19AYbTaqrgvug%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=2592000 cf-ray 7a4ca53b3806bb8c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	font-awesome.min.css savingsrelief.com/css/	32 KB 6 KB	111ms 110ms	Stylesheet text/css	2606:4700:3031::6815:4781 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://savingsrelief.com/css/font-awesome.min.css Requested by Host: savingsrelief.com URL: https://savingsrelief.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:4781 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 382b40894696653c2258b08a376f22727e41e4790b3810d2c4b5d352495d1904 Request headers accept-language de-DE,de;q=0.9 Referer https://savingsrelief.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 08 Mar 2023 17:02:22 GMT content-encoding br cf-cache-status HIT last-modified Thu, 23 Sep 2021 11:59:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"614c6c3c-7f56" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDyVdfM%2Fk2ao66JwKJ6G6GGIIMKZsHYiG2kHMwLX%2Bj2lTJo6a9fep15eU5h8Bp0obVKD%2FdJK6FFAbB7NseTPlvZ%2BbeQXLdyapns0G4Rdt%2FnTPk2TQmfkR7G%2FSHE6KyZF2v%2BKm1w6QcKsS8IRgap4uw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=2592000 cf-ray 7a4ca53b3808bb8c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	logo.png savingsrelief.com/images/	11 KB 11 KB	108ms 106ms	Image image/png	2606:4700:3031::6815:4781 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://savingsrelief.com/images/logo.png?v=f369c8 Requested by Host: savingsrelief.com URL: https://savingsrelief.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:4781 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce0c7f3215ef1b145297431bfb8436dcd62a923b71f75bc937463894bfae88b9 Request headers accept-language de-DE,de;q=0.9 Referer https://savingsrelief.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 08 Mar 2023 17:02:22 GMT cf-cache-status HIT last-modified Thu, 23 Sep 2021 12:37:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "614c7527-2b07" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FXUSzW7MTlFX%2FOmmQvqlOUE7gEBzXFniru%2FDAGQy1bS5P2Ma0gu9aWSMCqGwU0ttv3oSlw9ynXV2PEzBVOVREDw1NAImCxqyncwCrdHDZGvKfD5Uf%2B6VlnmCLYZiiMwqgYUkTvIzZWkuq48a02gGQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7a4ca53bfe995c20-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 11015
GET H3	200	usa_flag.png savingsrelief.com/images/	5 KB 5 KB	115ms 113ms	Image image/png	2606:4700:3031::6815:4781 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://savingsrelief.com/images/usa_flag.png Requested by Host: savingsrelief.com URL: https://savingsrelief.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:4781 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5dd422f594b44df82374f32bc10838eb869fb9bfba63570934406da5910c9288 Request headers accept-language de-DE,de;q=0.9 Referer https://savingsrelief.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 08 Mar 2023 17:02:22 GMT cf-cache-status HIT last-modified Thu, 23 Sep 2021 11:59:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "614c6c21-13bf" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EU1Y2gWFC1%2FJqe389cSWQ52GEs4YU3ge8Ab4exxqqSOtEWsHkTlgFj7rLwOzWknRr0og3QCjmpisvvCYCb6tfILxYzmbHcVXcBRVyo8SNnV6LV3TIwCKTiHnfwsD5lnC8%2BYE6UvawiYSKzMvBoDdUQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7a4ca53bfe9b5c20-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 5055
GET H3	200	1547189564951_fran.png savingsrelief.com/images/	9 KB 9 KB	115ms 114ms	Image image/png	2606:4700:3031::6815:4781 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://savingsrelief.com/images/1547189564951_fran.png Requested by Host: savingsrelief.com URL: https://savingsrelief.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:4781 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7896837d123bc4788467c73cb4cf5cbf463f89ba3772b98debb072a2cd38b423 Request headers accept-language de-DE,de;q=0.9 Referer https://savingsrelief.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 08 Mar 2023 17:02:22 GMT cf-cache-status HIT last-modified Thu, 23 Sep 2021 11:59:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "614c6c1e-22ea" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0kpwlZExtX4C%2Bi3PeQgn3IPhsDWgLgl59nJUYMi8lprBvBdhLWEAvWoJDUTVmgDz%2B%2B0jEQEkqT%2B3R1BMGfuVtUaAsEBcjNu4Y7hNcgfxIzuoCUM9xPicAhbdeUODvbfzwIk7ulF1awICNMEcpE8yQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7a4ca53bfe9c5c20-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 8938
GET H3	200	1594223353489_open.jpg savingsrelief.com/images/	35 KB 35 KB	136ms 135ms	Image image/jpeg	2606:4700:3031::6815:4781 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://savingsrelief.com/images/1594223353489_open.jpg Requested by Host: savingsrelief.com URL: https://savingsrelief.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:4781 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38be2326f62d65e1f8788cf349eb69c64ed5681d4f11c64c8b300c9358261973 Request headers accept-language de-DE,de;q=0.9 Referer https://savingsrelief.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 08 Mar 2023 17:02:22 GMT cf-cache-status HIT last-modified Thu, 23 Sep 2021 11:59:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "614c6c1e-8b8e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nn0mb5nRIVjAaFxf8QZz15Eb7OV1ph618h2P4oBRZx9JGg7pkCE2Tb2%2FUPJD5yT8ZbZd726kWm2SOG5QPzinpbfNUitbNt5OCcwbqTGF%2BklsuG5h4T5dODPvQQ8%2BIfXxAvP%2FCDQB%2BETfn5HyBNt1hg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7a4ca53bfe9e5c20-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 35726
GET H3	200	blink.js Show response savingsrelief.com/js/	2 KB 1 KB	111ms 110ms	Script application/javascript	2606:4700:3031::6815:4781 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://savingsrelief.com/js/blink.js Requested by Host: savingsrelief.com URL: https://savingsrelief.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:4781 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 57301cbb2c003750c5fe3991020d85e03d15fe8b98d5485d68449f990a402cd4 Request headers accept-language de-DE,de;q=0.9 Referer https://savingsrelief.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 08 Mar 2023 17:02:22 GMT content-encoding br cf-cache-status HIT last-modified Thu, 23 Sep 2021 11:59:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"614c6c14-71d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfvmfmWvNmgGeD5Kboo%2BORuSx%2BnnEL3ZxRQ7mbQunfp7uPPrY5JX5k%2B04pXl5kkbWbh98Ug8TCgRbiRSFXvdixipFeEQgxLhKjs21V6lYet117qPp9B3hhZBhNi16Ezcjdz0Xdl1K0YbzHfD3EoAZw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=2592000 cf-ray 7a4ca53bfe855c20-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	jquery.min.js Show response savingsrelief.com/js/	94 KB 34 KB	121ms 121ms	Script application/javascript	2606:4700:3031::6815:4781 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://savingsrelief.com/js/jquery.min.js Requested by Host: savingsrelief.com URL: https://savingsrelief.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:4781 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947 Request headers accept-language de-DE,de;q=0.9 Referer https://savingsrelief.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 08 Mar 2023 17:02:22 GMT content-encoding br cf-cache-status HIT last-modified Thu, 23 Sep 2021 11:59:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"614c6c16-176f8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FENuc2v6n3c%2FW%2FlLMXq%2BS99O8C9RbKGQo%2BNrzR5kR2EtkTMqAN5eGKS2Io%2F2lYmGV%2BbvE5Bk%2FJZSpnwaXctiqOdNsOsOrQIez9Gf2l8Mqwid%2BULjOBkK5E1oDpSot816X2k9FI%2Fl%2FFlscdXLV%2F59A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=2592000 cf-ray 7a4ca53bfe895c20-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	bootstrap.min.js Show response savingsrelief.com/js/	36 KB 10 KB	122ms 121ms	Script application/javascript	2606:4700:3031::6815:4781 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://savingsrelief.com/js/bootstrap.min.js Requested by Host: savingsrelief.com URL: https://savingsrelief.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:4781 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a Request headers accept-language de-DE,de;q=0.9 Referer https://savingsrelief.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 08 Mar 2023 17:02:22 GMT content-encoding br cf-cache-status HIT last-modified Thu, 23 Sep 2021 11:59:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"614c6c16-9004" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdO3y214uNyW5hiydu26QhjjuJVc7bprfveHQ%2Bpbkcq1rfxR8aQoSEP7uVOlKyd4c6ya0UEniZLuhmAg8QFbjmip7USGKzycX3YPIxswI3QCC8sq89DWWDISlp9KVdNgfwfFdmFe07d1DFQQCqsvhw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=2592000 cf-ray 7a4ca53bfe935c20-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	400	.js track.wenthub.com/d/	0 0	406ms 8ms	Script text/html	18.195.123.247 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.wenthub.com/d/.js?lpref=&lpurl=https%3A%2F%2Fsavingsrelief.com%2F&lpt=Health%20Insurance%20Open%20Enrollment%202020%3A%20You%20May%20Not%20Have%20to%20Wait&t=1678294942073 Requested by Host: savingsrelief.com URL: https://savingsrelief.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.195.123.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-123-247.eu-central-1.compute.amazonaws.com Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://savingsrelief.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers
GET H3	200	RobotoSlab-Bold.ttf savingsrelief.com/fonts/	182 KB 182 KB	140ms 140ms	Font application/octet-stream	2606:4700:3031::6815:4781 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://savingsrelief.com/fonts/RobotoSlab-Bold.ttf Requested by Host: savingsrelief.com URL: https://savingsrelief.com/css/style1.css?v=fb8417298 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:4781 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f4fd144e50eba9f4d2402db064f719b8c9a16428d2fc77a5cfbf823bb505578 Request headers Referer https://savingsrelief.com/css/style1.css?v=fb8417298 Origin https://savingsrelief.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 08 Mar 2023 17:02:22 GMT cf-cache-status MISS last-modified Thu, 23 Sep 2021 11:59:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "614c6c2f-2d7d0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YYZD%2FRfAwzEGmk3O5%2F%2FdjACZPgVtfRiVcSAgpKPwUV4oYlVQI%2BjHPACM1x%2Bv5XfQw%2F3Tc77EVHk%2FjNAqznWHoK6i3tsvi54ZuCNgOoTTX9RND9yzx3IWqUC9kXZcIAmnXoTRqIKS2aUYfC9bUvPjQw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7a4ca53c0ea45c20-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 186320
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v34/	44 KB 44 KB	86ms 20ms	Font font/woff2	2a00:1450:400d:80d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://savingsrelief.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Thu, 02 Mar 2023 19:34:57 GMT x-content-type-options nosniff age 509245 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44856 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:20:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 01 Mar 2024 19:34:57 GMT
GET H3	200	fontawesome-webfont.woff2 savingsrelief.com/fonts/	63 KB 63 KB	169ms 169ms	Font application/font-woff2	2606:4700:3031::6815:4781 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://savingsrelief.com/fonts/fontawesome-webfont.woff2?v=4.4.0 Requested by Host: savingsrelief.com URL: https://savingsrelief.com/css/font-awesome.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:4781 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019 Request headers Referer https://savingsrelief.com/css/font-awesome.min.css Origin https://savingsrelief.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 08 Mar 2023 17:02:22 GMT cf-cache-status MISS last-modified Thu, 23 Sep 2021 11:59:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "614c6c2a-fbd0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4s19BKBVJRI9DE2vJVnewvgH%2B679y0JTwZtcKAx3%2F3GXrxrgQindcC9pzUvDd34broWutO4Q2iQFqPiYwcUko%2FbgTs6ytTtLrHE0MUsuP0Q%2B1ojWk6ZtxAA5F7%2BOkExA0xo2DmiPziuPQSPGm8EtMA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff2 cache-control public, max-age=2592000 accept-ranges bytes cf-ray 7a4ca53c0ea55c20-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 64464

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| dtpCallback string| flash_title function| startTimer function| flashTitle function| cancelFlashTitle function| $ function| jQuery object| jQuery1113009167373334689177 object| d object| months number| date string| month number| year object| $yesterday

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://track.wenthub.com/d/.js?lpref=&lpurl=https%3A%2F%2Fsavingsrelief.com%2F&lpt=Health%20Insurance%20Open%20Enrollment%202020%3A%20You%20May%20Not%20Have%20to%20Wait&t=1678294942073 Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
savingsrelief.com
track.wenthub.com
18.195.123.247
2606:4700:3031::6815:4781
2a00:1450:400d:80d::2003
2a00:1450:400d:80d::200a
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
316a6654a1e38088142995fd94b66dee27f4c21ba65053bf8f647c91a0e17980
382b40894696653c2258b08a376f22727e41e4790b3810d2c4b5d352495d1904
38be2326f62d65e1f8788cf349eb69c64ed5681d4f11c64c8b300c9358261973
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
57301cbb2c003750c5fe3991020d85e03d15fe8b98d5485d68449f990a402cd4
5ca9683422030652586b766a5dcd2486518a3b66ebcae862931242dbe45e8af7
5dd422f594b44df82374f32bc10838eb869fb9bfba63570934406da5910c9288
6f4fd144e50eba9f4d2402db064f719b8c9a16428d2fc77a5cfbf823bb505578
7896837d123bc4788467c73cb4cf5cbf463f89ba3772b98debb072a2cd38b423
7bdaba5e2dd844667d0ff1718e8e7f98f058bb49bbf8420e540612b5cc5e173b
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
98389ace585f0ebd06c5647b190927f04e8fc29722da7dbfaa22600f56d39bca
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
ce0c7f3215ef1b145297431bfb8436dcd62a923b71f75bc937463894bfae88b9