savingsreliefs.co Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://savingsreliefs.co/savings/?gclid=CjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1...
Submission Tags: @phish_report
Submission: On March 11 via api (March 11th 2024, 6:30:18 pm UTC) from FI — Scanned from NL

Summary HTTP 10 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is savingsreliefs.co.
TLS certificate: Issued by GTS CA 1P5 on March 6th 2024. Valid for: 3 months.

This is the only time savingsreliefs.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	18.184.38.55 18.184.38.55	16509 (AMAZON-02) (AMAZON-02)
10	5

5 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

savingsreliefs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.38.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-38-55.eu-central-1.compute.amazonaws.com

tracking.savingsreliefs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	savingsreliefs.co savingsreliefs.co tracking.savingsreliefs.co	418 KB
2	gstatic.com fonts.gstatic.com	16 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	863 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 228	28 KB
10	4

	Domain	Requested by
5	savingsreliefs.co	savingsreliefs.co
2	fonts.gstatic.com	fonts.googleapis.com
1	tracking.savingsreliefs.co	savingsreliefs.co
1	fonts.googleapis.com	savingsreliefs.co
1	cdnjs.cloudflare.com	savingsreliefs.co
10	5

This site contains links to these domains. Also see Links.

Domain
tracking.savingsreliefs.co

Subject Issuer	Validity	Valid
savingsreliefs.co GTS CA 1P5	`2024-03-06` - `2024-06-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
tracking.savingsreliefs.co R3	`2024-01-16` - `2024-04-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://savingsreliefs.co/savings/?gclid=CjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1I8QAvD_BwE&campaignid=21035946195&adgroupid=159295990019&loc_physicall_ms=9007925&wbraid=&matchtype=&tckid=CjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1I8QAvD_BwE&creative=691602209657&keyword=&placement=youtube.com&s2s=hello&cpid=4f16b24e-4d9e-41a0-a17d-58d862b17704&lpid=b9317dda-d2fa-4901-b482-2035175414fb
Frame ID: EEAE353B2CEFE26E81959699982A05DC
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New 2024 Window Replacement Service

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

462 kB
Transfer

542 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://tracking.savingsreliefs.co/click?aff_click_id=171018179034467116&s5=171018179034467116&sub5=171018179034467116&sid4=171018179034467116&uid=171018179034467116&subaff5=171018179034467116&subid5=171018179034467116&c3=171018179034467116&vs=1&cep=a04gXR2JaaGmkzsm301BDymgDAnNOpLqiKO1KIwfpjF_m_Uz5dmgIQzHUwFBvM0lTJuwB9YRXQrbI7wjt3LFWmHbUl-gr7zagR2V-1mFhbOIGrurA701EihWXHMRgz3YCZJQUfaAWt9UEnRXfXnmsW_ycIIGoJP75K_uED_7YoM95H0taoB6URodqqesOdnJWFvWrWunZPAl08EotpL1i65dZz07Cy4h2obe3lPRYytLPYI-8V6bVyiZxUB4uwxr2nkmtWI-wQ79S2pgyA3GXOihPwAcEgyG5X2fbSaSia0xgk3CNQ-PQ7tbS_6PG6RVZU0ayqMHNqX8AGUZ0PuW5rB1vN-ataSX1HlQqYYR7byeuyb89oRqoLw-MDzIpHtgZZEGgvRD5D7Lb7ETVBqU1obIINQ_PjvsTR_eZYBzVr3LJYNSyUcfqOny_6K4UEmfAxA0W4kTUAvgkZXGiVm6yVGW2NaSike7FVCtbSH5cwKg0kRsvRlvXz3fFNph2RYVx7OTq23j11HZI95WddvTEU2lnK_wvS82pzn2d5mb90NQ7KiyHxalbtRswowtv3th3LzQyD1PpQt-2MhVlo-mLbSb3eLHU7VkjvV0CZC3HL5mPOyASCqTNZRdo6Sz8IgrMBT0nwi_IWqlgteBd-iQca5C_NJKZGTEw1S13WuVAjWNMrpTQNPuFNSE_yFgGdF7PL0lyBWNAT2y5bApATRegYR_OeLasyeaLDsQJE0O_93h7Voplp8knq_oshf4qgc0tJvWxMIvBVMypWhhD28-hg
Title: YES

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
savingsreliefs.co/savings/ 11 KB
3 KB 425ms
116ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://savingsreliefs.co/savings/?gclid=CjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1I8QAvD_BwE&campaignid=21035946195&adgroupid=159295990019&loc_physicall_ms=9007925&wbraid=&matchtype=&tckid=CjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1I8QAvD_BwE&creative=691602209657&keyword=&placement=youtube.com&s2s=hello&cpid=4f16b24e-4d9e-41a0-a17d-58d862b17704&lpid=b9317dda-d2fa-4901-b482-2035175414fb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29b2d05aa54e504e810260964b259f4c80ae37c7137ada1cace26e27bdfee25e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: nl-NL,nl;q=0.9

Response headers

age: 22
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 862d9d4d1de70ae0-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 11 Mar 2024 18:30:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VxMy3cw%2BGGNqeW9Zac56zAEoyU%2FUb6g%2BGA6VbdxPALuAuP7WOY0vsZMN9DV%2FD6mhfyULl48uZvnDb49lHQVaVce6T1na0a%2ByuK2Tcil%2Bwcd%2FaD3yItGv7BUITYEar91WeUiyF8N%2Ft3tmMZEE2sg2OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: HIT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 58ms
30ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: savingsreliefs.co
URL: https://savingsreliefs.co/savings/?gclid=CjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1I8QAvD_BwE&campaignid=21035946195&adgroupid=159295990019&loc_physicall_ms=9007925&wbraid=&matchtype=&tckid=CjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1I8QAvD_BwE&creative=691602209657&keyword=&placement=youtube.com&s2s=hello&cpid=4f16b24e-4d9e-41a0-a17d-58d862b17704&lpid=b9317dda-d2fa-4901-b482-2035175414fb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://savingsreliefs.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 11 Mar 2024 18:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 337980
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27938
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5yezhqRLlU1L5g9hrVAVJXAe6q06UUoqLRS4kvW6T8o5vRJ0vuxkHwWrL2YZTOfBDZdQTYfNKJjKe%2Bz%2B4E420Lolr%2BFF41Zxg8LA1KMsDjE3RkdFqz0Mp0Ns21mePUGBHz40Op89dtQeTetYXY5r8I%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 862d9d4e0e846710-AMS
expires: Sat, 01 Mar 2025 18:30:13 GMT

GET
H2 200 style.css
savingsreliefs.co/savings/css/ 12 KB
3 KB 115ms
115ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://savingsreliefs.co/savings/css/style.css
Requested by: Host: savingsreliefs.co
URL: https://savingsreliefs.co/savings/?gclid=CjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1I8QAvD_BwE&campaignid=21035946195&adgroupid=159295990019&loc_physicall_ms=9007925&wbraid=&matchtype=&tckid=CjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1I8QAvD_BwE&creative=691602209657&keyword=&placement=youtube.com&s2s=hello&cpid=4f16b24e-4d9e-41a0-a17d-58d862b17704&lpid=b9317dda-d2fa-4901-b482-2035175414fb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c93b80d7e63539ab2e2340ffdaa077bcfd09498db4dc71b657d51cd85a0045b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://savingsreliefs.co/savings/?gclid=CjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1I8QAvD_BwE&campaignid=21035946195&adgroupid=159295990019&loc_physicall_ms=9007925&wbraid=&matchtype=&tckid=CjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1I8QAvD_BwE&creative=691602209657&keyword=&placement=youtube.com&s2s=hello&cpid=4f16b24e-4d9e-41a0-a17d-58d862b17704&lpid=b9317dda-d2fa-4901-b482-2035175414fb
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 11 Mar 2024 18:30:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Feb 2024 11:58:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65ccab02-31ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=syQjNO15TUh6yKcJAwudGGPNcDXcRtDCrlXT5zU4IEO6fmbVb8rTEGZktfpNPyWjjlEbRJxSvtsFy4lxV7EuOY0fnKQYCzuQhweONz4n8NImeBhnsUch6lbmBOkUh3hmY8guhw5Ugm1N%2F1VrF1%2BY2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 862d9d4ddef50ae0-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 home-logo.png
savingsreliefs.co/savings/images/ 6 KB
6 KB 119ms
119ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsreliefs.co/savings/images/home-logo.png
Requested by: Host: savingsreliefs.co
URL: https://savingsreliefs.co/savings/?gclid=CjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1I8QAvD_BwE&campaignid=21035946195&adgroupid=159295990019&loc_physicall_ms=9007925&wbraid=&matchtype=&tckid=CjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1I8QAvD_BwE&creative=691602209657&keyword=&placement=youtube.com&s2s=hello&cpid=4f16b24e-4d9e-41a0-a17d-58d862b17704&lpid=b9317dda-d2fa-4901-b482-2035175414fb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ba4750bc8b62f4e9fb6f8aabdcc3d0d92a883f394def0ee6150ab05d213890c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://savingsreliefs.co/savings/?gclid=CjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1I8QAvD_BwE&campaignid=21035946195&adgroupid=159295990019&loc_physicall_ms=9007925&wbraid=&matchtype=&tckid=CjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1I8QAvD_BwE&creative=691602209657&keyword=&placement=youtube.com&s2s=hello&cpid=4f16b24e-4d9e-41a0-a17d-58d862b17704&lpid=b9317dda-d2fa-4901-b482-2035175414fb
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 11 Mar 2024 18:30:13 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Feb 2024 11:59:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ccab08-1871"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g62payA65tua3M8pE36ZyobR%2FBXbiyV6wEFFvq7AK%2BQalVQWoa%2BGBZmmjUHauuXuXIdrfdhFiC4SR3QYQaFCAyOSNwenIj0GIj%2F87XzrLPXYd3meh1aqRB0M7fGijWumMQnQFcm2YYjDFQJENPg%2BkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 862d9d4ddefa0ae0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 6257

GET
H2 200 usmap.png
savingsreliefs.co/savings/images/ 46 KB
46 KB 454ms
454ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsreliefs.co/savings/images/usmap.png
Requested by: Host: savingsreliefs.co
URL: https://savingsreliefs.co/savings/?gclid=CjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1I8QAvD_BwE&campaignid=21035946195&adgroupid=159295990019&loc_physicall_ms=9007925&wbraid=&matchtype=&tckid=CjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1I8QAvD_BwE&creative=691602209657&keyword=&placement=youtube.com&s2s=hello&cpid=4f16b24e-4d9e-41a0-a17d-58d862b17704&lpid=b9317dda-d2fa-4901-b482-2035175414fb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1d5e77eb6f9b4300b4e998ff733cc4aff61fe4f14a22f941d8cd996d2fb8aef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://savingsreliefs.co/savings/?gclid=CjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1I8QAvD_BwE&campaignid=21035946195&adgroupid=159295990019&loc_physicall_ms=9007925&wbraid=&matchtype=&tckid=CjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1I8QAvD_BwE&creative=691602209657&keyword=&placement=youtube.com&s2s=hello&cpid=4f16b24e-4d9e-41a0-a17d-58d862b17704&lpid=b9317dda-d2fa-4901-b482-2035175414fb
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 11 Mar 2024 18:30:13 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Feb 2024 11:59:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ccab09-b809"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IeBMvmYGudJnDJ29DAhr4%2FJNA3rIZ5kg2AH%2FlTu8Wev4s7g5ImvPZLKvIfxrDhtlIYx6eJXZw%2FsE%2FeyyUn4i2PMvjAtitjsM3Se%2FwRPSq38TEgMN1FfiTv6hwu%2FHLQtIDWG9xWyoFmgcJQNUnZe1uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 862d9d4ddf000ae0-AMS
alt-svc: h3=":443"; ma=86400
content-length: 47113

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
863 B 76ms
30ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;600;700&display=swap

Requested by

Host: savingsreliefs.co
URL: https://savingsreliefs.co/savings/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12c9c643b33c941061e08b2075f53468779d969f120f6c3ab0aa81b001b48eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://savingsreliefs.co/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Mar 2024 18:30:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 11 Mar 2024 18:30:13 GMT

GET
H3 200 banner-2.png
savingsreliefs.co/savings/images/ 353 KB
354 KB 141ms
140ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsreliefs.co/savings/images/banner-2.png
Requested by: Host: savingsreliefs.co
URL: https://savingsreliefs.co/savings/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a49c2f1ab2486669fc88c904f642fe510ffa39a120c80e6bbe8650a2ce04bba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://savingsreliefs.co/savings/css/style.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 11 Mar 2024 18:30:13 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Feb 2024 11:59:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ccab08-584ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZObS7kwequ9AYg52i8Uxh7mVnP%2F8pV9sDyRHxlzaU%2BA1J5dZJ9%2B96w48k2YrCmA9%2F2Y%2BFAgVhbyNbfZe6dTYmHfAqNYKIard%2FIX1BYrlEt2KzkCXOiFpmVwJjqlZ1HUx15DQTSz1PMndEZhl4MIrRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 862d9d4f1e381c7b-AMS
alt-svc: h3=":443"; ma=86400
content-length: 361674

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 68ms
22ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://savingsreliefs.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 05 Mar 2024 08:57:49 GMT
x-content-type-options: nosniff
age: 552744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:07:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 08:57:49 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 66ms
20ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://savingsreliefs.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 07 Mar 2024 11:50:12 GMT
x-content-type-options: nosniff
age: 369601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:10:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Mar 2025 11:50:12 GMT

GET
H2 200 4f16b24e-4d9e-41a0-a17d-58d862b17704.js Show response
tracking.savingsreliefs.co/d/ 4 KB
5 KB 532ms
422ms Script
application/javascript 18.184.38.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.savingsreliefs.co/d/4f16b24e-4d9e-41a0-a17d-58d862b17704.js?lpref=&lpurl=https%3A%2F%2Fsavingsreliefs.co%2Fsavings%2F%3Fgclid%3DCjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1I8QAvD_BwE%26campaignid%3D21035946195%26adgroupid%3D159295990019%26loc_physicall_ms%3D9007925%26wbraid%3D%26matchtype%3D%26tckid%3DCjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1I8QAvD_BwE%26creative%3D691602209657%26keyword%3D%26placement%3Dyoutube.com%26s2s%3Dhello%26cpid%3D4f16b24e-4d9e-41a0-a17d-58d862b17704%26lpid%3Db9317dda-d2fa-4901-b482-2035175414fb&lpt=New%202024%20Window%20Replacement%20Service&t=1710181813614
Requested by: Host: savingsreliefs.co
URL: https://savingsreliefs.co/savings/?gclid=CjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1I8QAvD_BwE&campaignid=21035946195&adgroupid=159295990019&loc_physicall_ms=9007925&wbraid=&matchtype=&tckid=CjwKCAjw17qvBhBrEiwA1rU9wxGFWEgIT-caFnXh_kggY5cDqupFzXsZaLXo6aZUK1jpczj3S0VNpBoC1I8QAvD_BwE&creative=691602209657&keyword=&placement=youtube.com&s2s=hello&cpid=4f16b24e-4d9e-41a0-a17d-58d862b17704&lpid=b9317dda-d2fa-4901-b482-2035175414fb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.184.38.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-38-55.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 81af89aa4add098d6c861229af9b2fc0050baa817843cab60012a23da2acf836

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://savingsreliefs.co/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 18:30:14 GMT
server: nginx
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 4307
expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tracking.savingsreliefs.co/	1970-01-20 19:04:28	Name: 4f16b24e-4d9e-41a0-a17d-58d862b17704-v4 Value: 4Qe2aVRjnBtvSyLDDXdKzkTvE1qvS0b-lDURT5qNDvA
.tracking.savingsreliefs.co/	1970-01-20 19:04:28	Name: cep-v4 Value: a04gXR2JaaGmkzsm301BDymgDAnNOpLqiKO1KIwfpjF_m_Uz5dmgIQzHUwFBvM0lTJuwB9YRXQrbI7wjt3LFWmHbUl-gr7zagR2V-1mFhbOIGrurA701EihWXHMRgz3YCZJQUfaAWt9UEnRXfXnmsW_ycIIGoJP75K_uED_7YoM95H0taoB6URodqqesOdnJWFvWrWunZPAl08EotpL1i65dZz07Cy4h2obe3lPRYytLPYI-8V6bVyiZxUB4uwxr2nkmtWI-wQ79S2pgyA3GXOihPwAcEgyG5X2fbSaSia0xgk3CNQ-PQ7tbS_6PG6RVZU0ayqMHNqX8AGUZ0PuW5rB1vN-ataSX1HlQqYYR7byeuyb89oRqoLw-MDzIpHtgZZEGgvRD5D7Lb7ETVBqU1obIINQ_PjvsTR_eZYBzVr3LJYNSyUcfqOny_6K4UEmfAxA0W4kTUAvgkZXGiVm6yVGW2NaSike7FVCtbSH5cwKg0kRsvRlvXz3fFNph2RYVx7OTq23j11HZI95WddvTEU2lnK_wvS82pzn2d5mb90NQ7KiyHxalbtRswowtv3th3LzQyD1PpQt-2MhVlo-mLbSb3eLHU7VkjvV0CZC3HL5mPOyASCqTNZRdo6Sz8IgrMBT0nwi_IWqlgteBd-iQca5C_NJKZGTEw1S13WuVAjWNMrpTQNPuFNSE_yFgGdF7PL0lyBWNAT2y5bApATRegYR_OeLasyeaLDsQJE0O_93h7Voplp8knq_oshf4qgc0tJvWxMIvBVMypWhhD28-hg
savingsreliefs.co/	1970-01-20 19:04:28	Name: vl-cep Value: cep=a04gXR2JaaGmkzsm301BDymgDAnNOpLqiKO1KIwfpjF_m_Uz5dmgIQzHUwFBvM0lTJuwB9YRXQrbI7wjt3LFWmHbUl-gr7zagR2V-1mFhbOIGrurA701EihWXHMRgz3YCZJQUfaAWt9UEnRXfXnmsW_ycIIGoJP75K_uED_7YoM95H0taoB6URodqqesOdnJWFvWrWunZPAl08EotpL1i65dZz07Cy4h2obe3lPRYytLPYI-8V6bVyiZxUB4uwxr2nkmtWI-wQ79S2pgyA3GXOihPwAcEgyG5X2fbSaSia0xgk3CNQ-PQ7tbS_6PG6RVZU0ayqMHNqX8AGUZ0PuW5rB1vN-ataSX1HlQqYYR7byeuyb89oRqoLw-MDzIpHtgZZEGgvRD5D7Lb7ETVBqU1obIINQ_PjvsTR_eZYBzVr3LJYNSyUcfqOny_6K4UEmfAxA0W4kTUAvgkZXGiVm6yVGW2NaSike7FVCtbSH5cwKg0kRsvRlvXz3fFNph2RYVx7OTq23j11HZI95WddvTEU2lnK_wvS82pzn2d5mb90NQ7KiyHxalbtRswowtv3th3LzQyD1PpQt-2MhVlo-mLbSb3eLHU7VkjvV0CZC3HL5mPOyASCqTNZRdo6Sz8IgrMBT0nwi_IWqlgteBd-iQca5C_NJKZGTEw1S13WuVAjWNMrpTQNPuFNSE_yFgGdF7PL0lyBWNAT2y5bApATRegYR_OeLasyeaLDsQJE0O_93h7Voplp8knq_oshf4qgc0tJvWxMIvBVMypWhhD28-hg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
savingsreliefs.co
tracking.savingsreliefs.co
18.184.38.55
2606:4700::6811:190e
2a00:1450:4001:80e::2003
2a00:1450:4001:82b::200a
2a06:98c1:3120::3
12c9c643b33c941061e08b2075f53468779d969f120f6c3ab0aa81b001b48eae
1c93b80d7e63539ab2e2340ffdaa077bcfd09498db4dc71b657d51cd85a0045b
29b2d05aa54e504e810260964b259f4c80ae37c7137ada1cace26e27bdfee25e
2ba4750bc8b62f4e9fb6f8aabdcc3d0d92a883f394def0ee6150ab05d213890c
4a49c2f1ab2486669fc88c904f642fe510ffa39a120c80e6bbe8650a2ce04bba
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
81af89aa4add098d6c861229af9b2fc0050baa817843cab60012a23da2acf836
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
c1d5e77eb6f9b4300b4e998ff733cc4aff61fe4f14a22f941d8cd996d2fb8aef
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

savingsreliefs.co Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

80 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

462 kBTransfer

542 kBSize

3 Cookies

1 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

3 Cookies

Indicators

savingsreliefs.co Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

462 kB
Transfer

542 kB
Size

3
Cookies

10 HTTP transactions
0 data transactions