urlscan.io logo urlscan.io
SecurityTrails logo

saberpension.com Open in urlscan Pro
104.196.249.35  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://saberpension.com/
Effective URL: https://saberpension.com/
Submission: On October 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 30 HTTP transactions. The main IP is 104.196.249.35, located in The Dalles, United States and belongs to GOOGLE, US. The main domain is saberpension.com.
TLS certificate: Issued by R3 on September 18th 2023. Valid for: 3 months.
This is the only time saberpension.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    104.196.249.35 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 35.249.196.104.bc.googleusercontent.com
saberpension.com
7    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    143.204.98.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-90.fra50.r.cloudfront.net
lib.showit.co
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.google.bg
6    65.9.66.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-124.fra56.r.cloudfront.net
static.showit.co
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
9 showit.co
lib.showit.co — Cisco Umbrella Rank: 81314
static.showit.co — Cisco Umbrella Rank: 66939
348 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
535 KB
4 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 gstatic.com
fonts.gstatic.com
43 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
ajax.googleapis.com — Cisco Umbrella Rank: 364
32 KB
2 saberpension.com
saberpension.com
16 KB
1 google.bg
www.google.bg — Cisco Umbrella Rank: 32521
455 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
455 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
2 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
4 KB
30 10
Domain Requested by
7 www.googletagmanager.com saberpension.com
www.googletagmanager.com
6 static.showit.co saberpension.com
3 lib.showit.co saberpension.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 region1.google-analytics.com www.googletagmanager.com
2 saberpension.com 1 redirects
1 www.google.bg saberpension.com
1 www.google.com saberpension.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 ajax.googleapis.com saberpension.com
1 cdnjs.cloudflare.com saberpension.com
1 fonts.googleapis.com saberpension.com
30 13

This site contains no links.

Subject Issuer Validity Valid
saberpension.com
R3		 2023-09-18 -
2023-12-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.showit.com
Amazon RSA 2048 M02		 2023-07-11 -
2024-08-08		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.google.bg
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://saberpension.com/
Frame ID: E5636B9B5B5D46EFC0FFFD8369F3B665
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Saber Pension & Actuarial Services

Page URL History Show full URLs

  1. http://saberpension.com/ HTTP 301
    https://saberpension.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

97 %
HTTPS

75 %
IPv6

10
Domains

13
Subdomains

13
IPs

2
Countries

1001 kB
Transfer

2428 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://saberpension.com/ HTTP 301
    https://saberpension.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
saberpension.com/
Redirect Chain
  • http://saberpension.com/
  • https://saberpension.com/
214 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://saberpension.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.249.35 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
35.249.196.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
8389c5ee1ee6fd73ed3a0cfdb24fd2c4f05d1a77bc2fac6bec0f0d1ccb60964d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 28 Oct 2023 16:38:21 GMT
link
<https://saberpension.com/wp-json/>; rel="https://api.w.org/"
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 4
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Sat, 28 Oct 2023 16:38:20 GMT
Keep-Alive
timeout=20
Location
https://saberpension.com/
Server
nginx
js
www.googletagmanager.com/gtag/ 		294 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SNW6RLP26D
Requested by
Host: saberpension.com
URL: https://saberpension.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
05c9b7a03674f6d0f31936f8ee84d37d9c36d58828dcbe6756c489146722229c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 16:38:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96875
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 28 Oct 2023 16:38:21 GMT
js
www.googletagmanager.com/gtag/ 		200 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-802457412
Requested by
Host: saberpension.com
URL: https://saberpension.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0917879e99b0635e275634fedc11d350969353bc1cd034c37a34fdc264dde48d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 16:38:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73644
x-xss-protection
0
last-modified
Sat, 28 Oct 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 28 Oct 2023 16:38:21 GMT
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Libre+Franklin:500|Lato:300|Quicksand:regular|Libre+Franklin:600|Libre+Franklin:700|Montserrat:400
Requested by
Host: saberpension.com
URL: https://saberpension.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
93576bccf64cee775618d97992b3e10382aa30e34774239460826d659521af15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 28 Oct 2023 16:38:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 28 Oct 2023 16:38:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 28 Oct 2023 16:38:21 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.4.0/ 		54 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.4.0/animate.min.css
Requested by
Host: saberpension.com
URL: https://saberpension.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28b4c5c949bf53b79235cb7623e28d719e7e3b8587b1af376cadf89b7b865ac5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 16:38:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4383652
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3197
last-modified
Thu, 22 Jun 2023 10:45:16 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"6494263c-c7d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWdnwM7XfLcbsajf7QjGb8T28EleHS5JRB4BeZsmw7eXy7ZPkbHeAb1hzuJxP2P%2BCANZfZEF5bkeY5oqdZcrsP%2BSKna7ADinyswwQswCFW95pxWuWeSKwuKNdVTVZP2tPL%2B21Cif8q6M2NsE6WrEpHAB"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81d49bd2388137da-FRA
expires
Thu, 17 Oct 2024 16:38:21 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: saberpension.com
URL: https://saberpension.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:19:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2024 22:19:12 GMT
showit-lib.min.js
lib.showit.co/engine/2.0.0/ 		48 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lib.showit.co/engine/2.0.0/showit-lib.min.js
Requested by
Host: saberpension.com
URL: https://saberpension.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-90.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
057e87bdcfd060b16b332a2aee0b18f4ac87c426a34c02f46c38db16f605ee6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 17:39:26 GMT
content-encoding
gzip
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
last-modified
Wed, 14 Dec 2022 22:23:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
514735
x-amz-server-side-encryption
AES256
etag
W/"f77d82fb898b736c95c58c9c2f8ce259"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
k1yUiebFHB6GYSe76-lQqraTnaA1DQOfvwoo4Uvegxwp2TUyp9qRYQ==
showit.min.js
lib.showit.co/engine/2.0.0/ 		60 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lib.showit.co/engine/2.0.0/showit.min.js
Requested by
Host: saberpension.com
URL: https://saberpension.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-90.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
902665e5de2e69c3e9d876a9477b97c5a364abb66940fdb193ed977d27590b41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 18:32:47 GMT
content-encoding
gzip
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
last-modified
Wed, 14 Dec 2022 22:23:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
252335
x-amz-server-side-encryption
AES256
etag
W/"90881c68c20d2a097a59b2094ad7469f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
lf1YoyjbdPfuVsVl8kcxOGIw3nGyr9r0dL4kksWk_AEHvZDZln9iMw==
showit.css
lib.showit.co/engine/2.0.0/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lib.showit.co/engine/2.0.0/showit.css
Requested by
Host: saberpension.com
URL: https://saberpension.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-90.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
837f8b46e17fedf595bc8784a22d87aa835ff52d20d931184ddc854c09fbfb73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 06:07:58 GMT
content-encoding
gzip
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
last-modified
Wed, 14 Dec 2022 22:23:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
297024
etag
W/"8e74b817a46d3ed438a34b919f7bd280"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
GrTcv1EnqthvpAgHInZpC6syBtAh2hmfDwxhdkpf0FkHfAL6bREffw==
js
www.googletagmanager.com/gtag/ 		185 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-119764677-1
Requested by
Host: saberpension.com
URL: https://saberpension.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d0bb07cdf8eab0d0ee2e29063479937f2d46d928b1e3efa173424d505f79309d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 16:38:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68645
x-xss-protection
0
last-modified
Sat, 28 Oct 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 28 Oct 2023 16:38:21 GMT
gtm.js
www.googletagmanager.com/ 		151 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PSFRRX5
Requested by
Host: saberpension.com
URL: https://saberpension.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b3a2f2e2676343a1f0108e3097c4d45f751bd254d2656456ee2639d8d0be43d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 16:38:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58478
x-xss-protection
0
last-modified
Sat, 28 Oct 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 28 Oct 2023 16:38:21 GMT
js
www.googletagmanager.com/gtag/ 		294 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SNW6RLP26D&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-802457412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0726243e4c1f4138542e35af17a0b89a5194aa595dd74353b27c3d0bd76d90ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 16:38:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97026
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 28 Oct 2023 16:38:21 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/802457412/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/802457412/?random=1698511101897&cv=11&fst=1698511101897&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v9100283876&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsaberpension.com%2F&hn=www.googleadservices.com&frm=0&tiba=Saber%20Pension%20%26%20Actuarial%20Services&auid=1304235796.1698511102&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-802457412
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71a93848751fddf17b184d270ec58cc5c39a0bf835a007c800b5b86b1e62bba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 28 Oct 2023 16:38:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-SNW6RLP26D&gtm=45je3ap0v897059911&_p=987029332&gcd=11l1l1l1l1&cid=1718625130.1698511102&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1698511101&sct=1&seg=0&dl=https%3A%2F%2Fsaberpension.com%2F&dt=Saber%20Pension%20%26%20Actuarial%20Services&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SNW6RLP26D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 28 Oct 2023 16:38:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://saberpension.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		185 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-119764677-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-802457412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba14a9d8f2899bdfe225163a8105b36352bd6a84e935e2359fcb5ac3915d7ec2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 16:38:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68674
x-xss-protection
0
last-modified
Sat, 28 Oct 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 28 Oct 2023 16:38:21 GMT
jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v14/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin:500|Lato:300|Quicksand:regular|Libre+Franklin:600|Libre+Franklin:700|Montserrat:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edbf37f6db3f632faaeeeee4aa127c204d0bcc52e940682bc5d4b0fa48ded96b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://saberpension.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 02:26:09 GMT
x-content-type-options
nosniff
age
396733
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28224
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:23:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Oct 2024 02:26:09 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin:500|Lato:300|Quicksand:regular|Libre+Franklin:600|Libre+Franklin:700|Montserrat:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://saberpension.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 18:24:28 GMT
x-content-type-options
nosniff
age
166434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14940
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:46:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 18:24:28 GMT
saber_pension_and_actuarial_services-01_website_trademark.png
static.showit.co/800/64ey6cKLQXm_T8lM5-urVQ/72348/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.showit.co/800/64ey6cKLQXm_T8lM5-urVQ/72348/saber_pension_and_actuarial_services-01_website_trademark.png
Requested by
Host: saberpension.com
URL: https://saberpension.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-124.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
7a519573708a6e9330d18b80842f11bd74d070c7606a72999176472fcbf0756b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 04:47:45 GMT
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified
Fri, 26 Apr 2019 22:51:15 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
1252237
etag
e3d6f0a676360862ebb1fd3a9ecd6e48
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
cache-control
max-age=86400
content-length
23735
media-server
node
x-amz-cf-id
7xL3cG6P8lbNOaQWKsummcEGDDsunByu_iCMoILzEJqEoxO4MlItYQ==
saber_pension_and_actuarial_services-01_website_trademark.png
static.showit.co/400/64ey6cKLQXm_T8lM5-urVQ/72348/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.showit.co/400/64ey6cKLQXm_T8lM5-urVQ/72348/saber_pension_and_actuarial_services-01_website_trademark.png
Requested by
Host: saberpension.com
URL: https://saberpension.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-124.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
044542c81f6fb82787f4c461a60263b6752079fdfecf8a371aa1d1174e46afc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:20:27 GMT
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified
Fri, 26 Apr 2019 22:56:16 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
425875
etag
b44f6ad7058dac8f7c4d6a0133dfeaec
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
cache-control
max-age=86400
content-length
10507
media-server
node
x-amz-cf-id
su-rGrNIbIkHCskVRIkWbaPgT1QMhbmno7B4o-5ldirCa0HxCjP7dA==
saber_pension_and_actuarial_services-01_website_trademark.png
static.showit.co/1200/64ey6cKLQXm_T8lM5-urVQ/72348/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.showit.co/1200/64ey6cKLQXm_T8lM5-urVQ/72348/saber_pension_and_actuarial_services-01_website_trademark.png
Requested by
Host: saberpension.com
URL: https://saberpension.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-124.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
5cc35475de1b954350fcfe9df35b9398cac5133a88b6cc5b9f0e7b11550d91c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:20:27 GMT
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified
Fri, 26 Apr 2019 23:02:38 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
425875
etag
6db11ebddc6300fc40ffdc25429cb449
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
cache-control
max-age=86400
content-length
38105
media-server
node
x-amz-cf-id
Om4ZPtUefXUHqOBjChd77clBQwbexOfr6zCfqadCpcOIIbg6GvKf4A==
businessman_explaining_-_resized.jpg
static.showit.co/1600/qTrtbOwGRVuSUD14ndHzbg/72348/ 		130 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.showit.co/1600/qTrtbOwGRVuSUD14ndHzbg/72348/businessman_explaining_-_resized.jpg
Requested by
Host: saberpension.com
URL: https://saberpension.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-124.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
3b24d65aefdc0a871c6b8feb32f16f1ea9b97e5284c492a37dbbaf18a06a5dd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 16:38:22 GMT
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified
Wed, 22 May 2019 15:06:41 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
etag
62c7b7c660464c05aa1f6b207d4c939f
vary
Origin
x-cache
Miss from cloudfront
content-type
image/jpeg
access-control-allow-origin
cache-control
max-age=86400
content-length
132625
media-server
node
x-amz-cf-id
mbMl1f4RZoGXhXLp7WpEZwvJATjJ_AEX432Pr8B5EwMrL-Zos2-T0g==
young_business_woman_2_-_resized.jpg
static.showit.co/800/xSiqyoKBTquaeR7T2TARKQ/72348/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.showit.co/800/xSiqyoKBTquaeR7T2TARKQ/72348/young_business_woman_2_-_resized.jpg
Requested by
Host: saberpension.com
URL: https://saberpension.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-124.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
9830cb621e4f3338f1f93ea42afa54c2e8b2fae24344a3bdd2f3d9e7fd6c9d37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 17:00:10 GMT
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified
Tue, 21 May 2019 19:51:26 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
517092
etag
40cffd11c60a08a248579b6e18ffab68
vary
Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
cache-control
max-age=86400
content-length
52019
media-server
node
x-amz-cf-id
5DpJhiqU42GchYQQYdDppgRrQUyyBeEfFabKJ00yhqgudGLCre7Ilw==
paper_and_pen_-_resized.jpg
static.showit.co/800/F5rJocY1TaiqsKRIHcIXKA/72348/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.showit.co/800/F5rJocY1TaiqsKRIHcIXKA/72348/paper_and_pen_-_resized.jpg
Requested by
Host: saberpension.com
URL: https://saberpension.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-124.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
35e50a79f755745d85d51bc3f21ab246a1f41279b2a18f32cf87c2c3c1af3885

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 02:14:36 GMT
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified
Tue, 21 May 2019 20:04:14 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
311026
etag
2ddbf9c82a5e54ac6435c5d2ac28fee1
vary
Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
cache-control
max-age=86400
content-length
56757
media-server
node
x-amz-cf-id
FBUi07JeXPl0DvzDhQyJ7hCPfiU7JuiOCbPZc7WX_I1-jK4bYUYZNw==
js
www.googletagmanager.com/gtag/ 		238 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VMW41XY6KC&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119764677-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5ab4a3a0b6a7e2a7d8ff767836071b9c688b87576e81bf563251250a354c5c01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 16:38:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83622
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 28 Oct 2023 16:38:22 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119764677-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 28 Oct 2023 15:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2920
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 28 Oct 2023 17:49:42 GMT
/
www.google.com/pagead/1p-user-list/802457412/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/802457412/?random=1698511101897&cv=11&fst=1698508800000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v9100283876&u_w=1600&u_h=1200&url=https%3A%2F%2Fsaberpension.com%2F&frm=0&tiba=Saber%20Pension%20%26%20Actuarial%20Services&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4102745694&rmt_tld=0&ipr=y
Requested by
Host: saberpension.com
URL: https://saberpension.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 28 Oct 2023 16:38:22 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.bg/pagead/1p-user-list/802457412/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.bg/pagead/1p-user-list/802457412/?random=1698511101897&cv=11&fst=1698508800000&bg=ffffff&guid=ON&async=1&gtm=45be3ap0v9100283876&u_w=1600&u_h=1200&url=https%3A%2F%2Fsaberpension.com%2F&frm=0&tiba=Saber%20Pension%20%26%20Actuarial%20Services&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4102745694&rmt_tld=1&ipr=y
Requested by
Host: saberpension.com
URL: https://saberpension.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 28 Oct 2023 16:38:22 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VMW41XY6KC&gtm=45je3ap0v9138341689&_p=987029332&gcd=11l1l1l1l1&cid=1718625130.1698511102&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&ngs=1&_s=1&sid=1698511102&sct=1&seg=0&dl=https%3A%2F%2Fsaberpension.com%2F&dt=Saber%20Pension%20%26%20Actuarial%20Services&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VMW41XY6KC&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://saberpension.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 28 Oct 2023 16:38:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://saberpension.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=987029332&t=pageview&_s=1&dl=https%3A%2F%2Fsaberpension.com%2F&ul=en-us&de=UTF-8&dt=Saber%20Pension%20%26%20Actuarial%20Services&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1487343228&gjid=479222659&cid=1718625130.1698511102&tid=UA-119764677-1&_gid=161693745.1698511102&_r=1&gtm=457e3ap0&gcd=11l1l1l1l1&jsscut=1&z=155441887
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://saberpension.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 28 Oct 2023 16:38:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://saberpension.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-SNW6RLP26D&gtm=45je3ap0v897059911&_p=987029332&gcd=11l1l1l1l1&cid=1718625130.1698511102&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEA&_s=2&sid=1698511101&sct=1&seg=0&dl=https%3A%2F%2Fsaberpension.com%2F&dt=Saber%20Pension%20%26%20Actuarial%20Services&en=scroll&epn.percent_scrolled=90&_et=16

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| GooglebQhCsO function| $ function| jQuery object| device function| Waypoint function| lazyload function| showit-lib object| showit function| initPage function| onYouTubeIframeAPIReady object| gaGlobal object| S5 string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData

7 Cookies

Domain/Path Name / Value
.saberpension.com/ Name: _gcl_au
Value: 1.1.1304235796.1698511102
.saberpension.com/ Name: _ga_SNW6RLP26D
Value: GS1.1.1698511101.1.0.1698511101.0.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.saberpension.com/ Name: _ga_VMW41XY6KC
Value: GS1.1.1698511102.1.0.1698511102.0.0.0
.saberpension.com/ Name: _ga
Value: GA1.2.1718625130.1698511102
.saberpension.com/ Name: _gid
Value: GA1.2.161693745.1698511102
.saberpension.com/ Name: _gat_gtag_UA_119764677_1
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
lib.showit.co
region1.google-analytics.com
saberpension.com
static.showit.co
www.google-analytics.com
www.google.bg
www.google.com
www.googletagmanager.com
region1.google-analytics.com
104.196.249.35
143.204.98.90
2001:4860:4802:34::36
2606:4700::6811:190e
2a00:1450:4001:802::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:810::200a
2a00:1450:4001:81c::200a
2a00:1450:4001:828::2003
65.9.66.124
044542c81f6fb82787f4c461a60263b6752079fdfecf8a371aa1d1174e46afc9
057e87bdcfd060b16b332a2aee0b18f4ac87c426a34c02f46c38db16f605ee6a
05c9b7a03674f6d0f31936f8ee84d37d9c36d58828dcbe6756c489146722229c
0726243e4c1f4138542e35af17a0b89a5194aa595dd74353b27c3d0bd76d90ef
0917879e99b0635e275634fedc11d350969353bc1cd034c37a34fdc264dde48d
28b4c5c949bf53b79235cb7623e28d719e7e3b8587b1af376cadf89b7b865ac5
35e50a79f755745d85d51bc3f21ab246a1f41279b2a18f32cf87c2c3c1af3885
3b24d65aefdc0a871c6b8feb32f16f1ea9b97e5284c492a37dbbaf18a06a5dd8
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
5ab4a3a0b6a7e2a7d8ff767836071b9c688b87576e81bf563251250a354c5c01
5cc35475de1b954350fcfe9df35b9398cac5133a88b6cc5b9f0e7b11550d91c5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71a93848751fddf17b184d270ec58cc5c39a0bf835a007c800b5b86b1e62bba5
7a519573708a6e9330d18b80842f11bd74d070c7606a72999176472fcbf0756b
837f8b46e17fedf595bc8784a22d87aa835ff52d20d931184ddc854c09fbfb73
8389c5ee1ee6fd73ed3a0cfdb24fd2c4f05d1a77bc2fac6bec0f0d1ccb60964d
902665e5de2e69c3e9d876a9477b97c5a364abb66940fdb193ed977d27590b41
93576bccf64cee775618d97992b3e10382aa30e34774239460826d659521af15
9830cb621e4f3338f1f93ea42afa54c2e8b2fae24344a3bdd2f3d9e7fd6c9d37
b3a2f2e2676343a1f0108e3097c4d45f751bd254d2656456ee2639d8d0be43d6
ba14a9d8f2899bdfe225163a8105b36352bd6a84e935e2359fcb5ac3915d7ec2
d0bb07cdf8eab0d0ee2e29063479937f2d46d928b1e3efa173424d505f79309d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edbf37f6db3f632faaeeeee4aa127c204d0bcc52e940682bc5d4b0fa48ded96b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d