savingsreliefs.co
Open in
urlscan Pro
2a06:98c1:3120::3
Public Scan
Submission Tags: @phish_report
Submission: On March 11 via api from FI — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on March 6th 2024. Valid for: 3 months.
This is the only time savingsreliefs.co was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
5 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:82b::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:80e::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 18.184.38.55 18.184.38.55 | 16509 (AMAZON-02) (AMAZON-02) | |
10 | 5 |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-38-55.eu-central-1.compute.amazonaws.com
tracking.savingsreliefs.co |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
savingsreliefs.co
savingsreliefs.co tracking.savingsreliefs.co |
418 KB |
2 |
gstatic.com
fonts.gstatic.com |
16 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30 |
863 B |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 228 |
28 KB |
10 | 4 |
Domain | Requested by | |
---|---|---|
5 | savingsreliefs.co |
savingsreliefs.co
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | tracking.savingsreliefs.co |
savingsreliefs.co
|
1 | fonts.googleapis.com |
savingsreliefs.co
|
1 | cdnjs.cloudflare.com |
savingsreliefs.co
|
10 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
tracking.savingsreliefs.co |
Subject Issuer | Validity | Valid | |
---|---|---|---|
savingsreliefs.co GTS CA 1P5 |
2024-03-06 - 2024-06-04 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-02-19 - 2024-05-13 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-02-19 - 2024-05-13 |
3 months | crt.sh |
tracking.savingsreliefs.co R3 |
2024-01-16 - 2024-04-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://savingsreliefs.co/savings/?gclid=CjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1I8QAvD_BwE&campaignid=21035946195&adgroupid=159295990019&loc_physicall_ms=9007925&wbraid=&matchtype=&tckid=CjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1I8QAvD_BwE&creative=691602209657&keyword=&placement=youtube.com&s2s=hello&cpid=4f16b24e-4d9e-41a0-a17d-58d862b17704&lpid=b9317dda-d2fa-4901-b482-2035175414fb
Frame ID: EEAE353B2CEFE26E81959699982A05DC
Requests: 10 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: YES
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
savingsreliefs.co/savings/ |
11 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ |
87 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
savingsreliefs.co/savings/css/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home-logo.png
savingsreliefs.co/savings/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usmap.png
savingsreliefs.co/savings/images/ |
46 KB 46 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
6 KB 863 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
banner-2.png
savingsreliefs.co/savings/images/ |
353 KB 354 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v20/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4f16b24e-4d9e-41a0-a17d-58d862b17704.js
tracking.savingsreliefs.co/d/ |
4 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| d object| months number| date string| month number| year object| $yesterday function| dtpCallback undefined| link3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.tracking.savingsreliefs.co/ | Name: 4f16b24e-4d9e-41a0-a17d-58d862b17704-v4 Value: 4Qe2aVRjnBtvSyLDDXdKzkTvE1qvS0b-lDURT5qNDvA |
|
.tracking.savingsreliefs.co/ | Name: cep-v4 Value: a04gXR2JaaGmkzsm301BDymgDAnNOpLqiKO1KIwfpjF_m_Uz5dmgIQzHUwFBvM0lTJuwB9YRXQrbI7wjt3LFWmHbUl-gr7zagR2V-1mFhbOIGrurA701EihWXHMRgz3YCZJQUfaAWt9UEnRXfXnmsW_ycIIGoJP75K_uED_7YoM95H0taoB6URodqqesOdnJWFvWrWunZPAl08EotpL1i65dZz07Cy4h2obe3lPRYytLPYI-8V6bVyiZxUB4uwxr2nkmtWI-wQ79S2pgyA3GXOihPwAcEgyG5X2fbSaSia0xgk3CNQ-PQ7tbS_6PG6RVZU0ayqMHNqX8AGUZ0PuW5rB1vN-ataSX1HlQqYYR7byeuyb89oRqoLw-MDzIpHtgZZEGgvRD5D7Lb7ETVBqU1obIINQ_PjvsTR_eZYBzVr3LJYNSyUcfqOny_6K4UEmfAxA0W4kTUAvgkZXGiVm6yVGW2NaSike7FVCtbSH5cwKg0kRsvRlvXz3fFNph2RYVx7OTq23j11HZI95WddvTEU2lnK_wvS82pzn2d5mb90NQ7KiyHxalbtRswowtv3th3LzQyD1PpQt-2MhVlo-mLbSb3eLHU7VkjvV0CZC3HL5mPOyASCqTNZRdo6Sz8IgrMBT0nwi_IWqlgteBd-iQca5C_NJKZGTEw1S13WuVAjWNMrpTQNPuFNSE_yFgGdF7PL0lyBWNAT2y5bApATRegYR_OeLasyeaLDsQJE0O_93h7Voplp8knq_oshf4qgc0tJvWxMIvBVMypWhhD28-hg |
|
savingsreliefs.co/ | Name: vl-cep Value: cep=a04gXR2JaaGmkzsm301BDymgDAnNOpLqiKO1KIwfpjF_m_Uz5dmgIQzHUwFBvM0lTJuwB9YRXQrbI7wjt3LFWmHbUl-gr7zagR2V-1mFhbOIGrurA701EihWXHMRgz3YCZJQUfaAWt9UEnRXfXnmsW_ycIIGoJP75K_uED_7YoM95H0taoB6URodqqesOdnJWFvWrWunZPAl08EotpL1i65dZz07Cy4h2obe3lPRYytLPYI-8V6bVyiZxUB4uwxr2nkmtWI-wQ79S2pgyA3GXOihPwAcEgyG5X2fbSaSia0xgk3CNQ-PQ7tbS_6PG6RVZU0ayqMHNqX8AGUZ0PuW5rB1vN-ataSX1HlQqYYR7byeuyb89oRqoLw-MDzIpHtgZZEGgvRD5D7Lb7ETVBqU1obIINQ_PjvsTR_eZYBzVr3LJYNSyUcfqOny_6K4UEmfAxA0W4kTUAvgkZXGiVm6yVGW2NaSike7FVCtbSH5cwKg0kRsvRlvXz3fFNph2RYVx7OTq23j11HZI95WddvTEU2lnK_wvS82pzn2d5mb90NQ7KiyHxalbtRswowtv3th3LzQyD1PpQt-2MhVlo-mLbSb3eLHU7VkjvV0CZC3HL5mPOyASCqTNZRdo6Sz8IgrMBT0nwi_IWqlgteBd-iQca5C_NJKZGTEw1S13WuVAjWNMrpTQNPuFNSE_yFgGdF7PL0lyBWNAT2y5bApATRegYR_OeLasyeaLDsQJE0O_93h7Voplp8knq_oshf4qgc0tJvWxMIvBVMypWhhD28-hg |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
savingsreliefs.co
tracking.savingsreliefs.co
18.184.38.55
2606:4700::6811:190e
2a00:1450:4001:80e::2003
2a00:1450:4001:82b::200a
2a06:98c1:3120::3
12c9c643b33c941061e08b2075f53468779d969f120f6c3ab0aa81b001b48eae
1c93b80d7e63539ab2e2340ffdaa077bcfd09498db4dc71b657d51cd85a0045b
29b2d05aa54e504e810260964b259f4c80ae37c7137ada1cace26e27bdfee25e
2ba4750bc8b62f4e9fb6f8aabdcc3d0d92a883f394def0ee6150ab05d213890c
4a49c2f1ab2486669fc88c904f642fe510ffa39a120c80e6bbe8650a2ce04bba
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
81af89aa4add098d6c861229af9b2fc0050baa817843cab60012a23da2acf836
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
c1d5e77eb6f9b4300b4e998ff733cc4aff61fe4f14a22f941d8cd996d2fb8aef
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e