corp-origin.savings-united.com Open in urlscan Pro
2607:f8b0:4006:80a::2013  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response corp-origin.savings-united.com/	35 KB 35 KB	599ms 457ms	Document text/html	2607:f8b0:4006:80a::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://corp-origin.savings-united.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Craft CMS Resource Hash 2e10ea71d6d483604b27a595fea3dca45aadf8c0ef5ae8ff72a463407d0e1b08 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-type text/html; charset=UTF-8 date Wed, 21 Aug 2024 20:35:04 GMT link <http://savings-united.pj.local/>; rel="canonical" server Google Frontend x-powered-by Craft CMS
GET H2	200	main.css corp-origin.savings-united.com/static/	45 KB 45 KB	123ms 122ms	Stylesheet text/css	2607:f8b0:4006:80a::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://corp-origin.savings-united.com/static/main.css?v=1723108470 Requested by Host: corp-origin.savings-united.com URL: https://corp-origin.savings-united.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 3465f02e39ffefec6b08fb85481602651c4c5580a355a5b0cf108f4e8735fd46 Request headers Referer https://corp-origin.savings-united.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 20:35:05 GMT last-modified Thu, 08 Aug 2024 09:14:30 GMT server Google Frontend etag "66b48c76-b2e3" content-type text/css x-cloud-trace-context 8c13477c7f95b196ddeaf385584ea322 accept-ranges bytes content-length 45795
GET H2	200	logo_wordmark.svg corp-origin.savings-united.com/graphics/	3 KB 3 KB	130ms 130ms	Image image/svg+xml	2607:f8b0:4006:80a::2013 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://corp-origin.savings-united.com/graphics/logo_wordmark.svg Requested by Host: corp-origin.savings-united.com URL: https://corp-origin.savings-united.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 9904fa61f42daa5c7c1fd3e715f5fed26a0aceef758bb0ebe8f30427cf76db29 Request headers Referer https://corp-origin.savings-united.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 20:35:05 GMT last-modified Wed, 17 Apr 2024 09:59:03 GMT server Google Frontend etag "661f9d67-ac4" content-type image/svg+xml x-cloud-trace-context 70b63951dc16fd7c2b4ffbcb99332239 accept-ranges bytes content-length 2756
GET H2	200	main_126_HIGH_01_XXX_PS_Paul-Spengemann.jpg corp-origin.savings-united.com/assets/images/	2 MB 2 MB	237ms 237ms	Image image/jpeg	2607:f8b0:4006:80a::2013 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://corp-origin.savings-united.com/assets/images/main_126_HIGH_01_XXX_PS_Paul-Spengemann.jpg Requested by Host: corp-origin.savings-united.com URL: https://corp-origin.savings-united.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 3de003bf2dad6f6f29138576130ac8592442cde476ac9f11988aaeccb79569db Request headers Referer https://corp-origin.savings-united.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 20:35:05 GMT last-modified Fri, 26 Apr 2024 13:51:51 GMT server Google Frontend etag "662bb177-22e806" content-type image/jpeg x-cloud-trace-context b6ad3505bd77c6324083d25df8a2b6e6 accept-ranges bytes content-length 2287622
GET H2	200	main.js Show response corp-origin.savings-united.com/static/	392 KB 393 KB	151ms 150ms	Script application/javascript	2607:f8b0:4006:80a::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://corp-origin.savings-united.com/static/main.js?v=1723108470 Requested by Host: corp-origin.savings-united.com URL: https://corp-origin.savings-united.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 2b22cacf6a420bd5a63cce968bbacc9b49ebdde5814e144f1bfbfde0af7d8136 Request headers Referer https://corp-origin.savings-united.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 20:35:05 GMT last-modified Thu, 08 Aug 2024 09:14:30 GMT server Google Frontend etag "66b48c76-620fa" content-type application/javascript; charset=utf-8 x-cloud-trace-context 81e294b5d6d39dd62fe0b34c15afbde0 accept-ranges bytes content-length 401658
GET H2	200	cmp.php Show response a.delivery.consentmanager.net/delivery/	1 KB 1003 B	540ms 230ms	Script text/javascript	87.230.98.78 PLUSSERVER-ASN1
General Check archive.org Show headers Download Go to Full URL https://a.delivery.consentmanager.net/delivery/cmp.php?&cdid=35fcab3ba17a4&h=https%3A%2F%2Fcorp-origin.savings-united.com%2F&&l=en&ls=EN_EN_EN&lp=DE-DE&o=1724272505135 Requested by Host: corp-origin.savings-united.com URL: https://corp-origin.savings-united.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 87.230.98.78 , Germany, ASN61157 (PLUSSERVER-ASN1, DE), Reverse DNS ds87-230-98-78.dedicated.psmanaged.com Software / Resource Hash 83dccf3d6b5a568c91ebb911e83ba25e2f69de90915889f7f62fb31225c1fa9d Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://corp-origin.savings-united.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 21 Aug 2024 20:35:05 GMT content-encoding gzip last-modified Wed, 21 Aug 2024 20:35:05 GMT vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * edge-control no-store, no-cache, must-revalidate cache-control no-store, no-cache, must-revalidate x-xss-protection 0 expires Thu, 01 Dec 1994 16:00:00 GMT
GET H2	200	cmp_final.min.js Show response cdn.consentmanager.net/delivery/js/	435 KB 94 KB	507ms 209ms	Script application/javascript	2a02:6ea0:c000::23 CDN77 _
General Check archive.org Show headers Download Go to Full URL https://cdn.consentmanager.net/delivery/js/cmp_final.min.js Requested by Host: corp-origin.savings-united.com URL: https://corp-origin.savings-united.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c000::23 Amsterdam, Netherlands, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 91f278070d0a5582bec4ac85682beb412edc45f70d5a7c2a1d59bced36c49f20 Request headers Referer https://corp-origin.savings-united.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-77-pop amsterdamNL date Wed, 21 Aug 2024 20:35:05 GMT content-encoding gzip x-accel-date-max 1724268451 x-77-cache HIT x-cache HIT edge-control max-age=86400 x-age 4054 x-accel-date 1724268451 x-77-nzt EwwBw7WsAQH31g8AAAgBuUwKAQFhCAElE8I0AWE x-accel-expires @1724354851 x-77-age 4054 last-modified Wed, 21 Aug 2024 19:25:25 GMT server CDN77-Turbo etag W/"6ccdb-6203681025340" x-77-nzt-ray 47824138c85366889e4fc66611aca122 vary Accept-Encoding content-type application/javascript cache-control max-age=86400 expires Thu, 22 Aug 2024 19:27:31 GMT
GET H2	200	9c1163dc5cc2a1c9b55b.woff2 corp-origin.savings-united.com/static/	109 KB 109 KB	125ms 124ms	Font application/octet-stream	2607:f8b0:4006:80a::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://corp-origin.savings-united.com/static/9c1163dc5cc2a1c9b55b.woff2 Requested by Host: corp-origin.savings-united.com URL: https://corp-origin.savings-united.com/static/main.css?v=1723108470 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 8458f8afa67b5691c1fcbe51607a2dafb53a9839e48131c608a186b65415d96d Request headers Referer https://corp-origin.savings-united.com/static/main.css?v=1723108470 Origin https://corp-origin.savings-united.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 20:35:05 GMT last-modified Wed, 17 Apr 2024 10:00:49 GMT server Google Frontend etag "661f9dd1-1b314" content-type text/plain; charset=utf-8 x-cloud-trace-context 2c7bf0f60f340a8c01ca2eb9ef5d50f1 accept-ranges bytes content-length 111380
GET H2	200	43b6ebd197b439f23527.woff2 corp-origin.savings-united.com/static/	66 KB 67 KB	128ms 127ms	Font application/octet-stream	2607:f8b0:4006:80a::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://corp-origin.savings-united.com/static/43b6ebd197b439f23527.woff2 Requested by Host: corp-origin.savings-united.com URL: https://corp-origin.savings-united.com/static/main.css?v=1723108470 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash e3a5bf65d525a2ca36dbbcfe649ec135266cf7559c871ad07521e908aaf7b088 Request headers Referer https://corp-origin.savings-united.com/static/main.css?v=1723108470 Origin https://corp-origin.savings-united.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 20:35:05 GMT last-modified Wed, 17 Apr 2024 10:00:49 GMT server Google Frontend etag "661f9dd1-109d8" content-type text/plain; charset=utf-8 x-cloud-trace-context 14821682c255401d91fe903926c6c7c2 accept-ranges bytes content-length 68056
GET H2	200	d6125db9dd20399de932.woff2 corp-origin.savings-united.com/static/	107 KB 108 KB	128ms 128ms	Font application/octet-stream	2607:f8b0:4006:80a::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://corp-origin.savings-united.com/static/d6125db9dd20399de932.woff2 Requested by Host: corp-origin.savings-united.com URL: https://corp-origin.savings-united.com/static/main.css?v=1723108470 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash d12f464576228dc3879b30775fafe389472bdf021d2d11cea365ccb997ca6c51 Request headers Referer https://corp-origin.savings-united.com/static/main.css?v=1723108470 Origin https://corp-origin.savings-united.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 20:35:05 GMT last-modified Wed, 17 Apr 2024 10:00:49 GMT server Google Frontend etag "661f9dd1-1ada8" content-type text/plain; charset=utf-8 x-cloud-trace-context 98b5715e7d04028cf5d41d30b8db9a6c accept-ranges bytes content-length 109992
GET H2	200	76224c7fa303861462e7.woff2 corp-origin.savings-united.com/static/	106 KB 106 KB	131ms 130ms	Font application/octet-stream	2607:f8b0:4006:80a::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://corp-origin.savings-united.com/static/76224c7fa303861462e7.woff2 Requested by Host: corp-origin.savings-united.com URL: https://corp-origin.savings-united.com/static/main.css?v=1723108470 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash b6f9db9e45be20f3c1312c97fbee7ec36b7d8280f8caa4d53c9ba0408cc9997a Request headers Referer https://corp-origin.savings-united.com/static/main.css?v=1723108470 Origin https://corp-origin.savings-united.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 20:35:05 GMT last-modified Wed, 17 Apr 2024 10:00:49 GMT server Google Frontend etag "661f9dd1-1a7c8" content-type text/plain; charset=utf-8 x-cloud-trace-context 056a7a7a90703e971065acfd892cf475 accept-ranges bytes content-length 108488
GET H2	200	newspaper.json Show response corp-origin.savings-united.com/animations/	11 KB 12 KB	326ms 325ms	XHR application/json	2607:f8b0:4006:80a::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://corp-origin.savings-united.com/animations/newspaper.json Requested by Host: corp-origin.savings-united.com URL: https://corp-origin.savings-united.com/static/main.js?v=1723108470 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 0ab1391490163ac396e1b7ef821853b49fa14535f829d5ae0012689d5e61ca58 Request headers Referer https://corp-origin.savings-united.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 20:35:05 GMT last-modified Wed, 17 Apr 2024 09:59:03 GMT server Google Frontend etag "661f9d67-2de5" content-type application/json x-cloud-trace-context f61b9c8ba823843d7ae6675519f4d350 accept-ranges bytes content-length 11749
GET H2	200	newspaper.json Show response corp-origin.savings-united.com/animations/	11 KB 0	327ms 326ms	Fetch application/json	2607:f8b0:4006:80a::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://corp-origin.savings-united.com/animations/newspaper.json Requested by Host: corp-origin.savings-united.com URL: https://corp-origin.savings-united.com/static/main.js?v=1723108470 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 0ab1391490163ac396e1b7ef821853b49fa14535f829d5ae0012689d5e61ca58 Request headers Referer https://corp-origin.savings-united.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 20:35:05 GMT last-modified Wed, 17 Apr 2024 09:59:03 GMT server Google Frontend etag "661f9d67-2de5" content-type application/json x-cloud-trace-context f61b9c8ba823843d7ae6675519f4d350 accept-ranges bytes content-length 11749
GET H2	200	eye.json Show response corp-origin.savings-united.com/animations/	5 KB 5 KB	327ms 327ms	XHR application/json	2607:f8b0:4006:80a::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://corp-origin.savings-united.com/animations/eye.json Requested by Host: corp-origin.savings-united.com URL: https://corp-origin.savings-united.com/static/main.js?v=1723108470 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 8a6b76fe8be2e0ff197e3ffd1e56f0ca9bfdfa1916dee7cb9d1274b7ff26e35b Request headers Referer https://corp-origin.savings-united.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 20:35:05 GMT last-modified Wed, 17 Apr 2024 09:59:03 GMT server Google Frontend etag "661f9d67-1322" content-type application/json x-cloud-trace-context a96e46ca4b2fd735c9850bd1689e702c accept-ranges bytes content-length 4898
GET H2	200	eye.json Show response corp-origin.savings-united.com/animations/	5 KB 0	328ms 328ms	Fetch application/json	2607:f8b0:4006:80a::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://corp-origin.savings-united.com/animations/eye.json Requested by Host: corp-origin.savings-united.com URL: https://corp-origin.savings-united.com/static/main.js?v=1723108470 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 8a6b76fe8be2e0ff197e3ffd1e56f0ca9bfdfa1916dee7cb9d1274b7ff26e35b Request headers Referer https://corp-origin.savings-united.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 20:35:05 GMT last-modified Wed, 17 Apr 2024 09:59:03 GMT server Google Frontend etag "661f9d67-1322" content-type application/json x-cloud-trace-context a96e46ca4b2fd735c9850bd1689e702c accept-ranges bytes content-length 4898
GET H2	200	yingyang.json Show response corp-origin.savings-united.com/animations/	4 KB 4 KB	328ms 327ms	XHR application/json	2607:f8b0:4006:80a::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://corp-origin.savings-united.com/animations/yingyang.json Requested by Host: corp-origin.savings-united.com URL: https://corp-origin.savings-united.com/static/main.js?v=1723108470 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash f18cd1b03520f6be611d16a73e2af6b36bd6413b2a229a89af45a055b8e0007a Request headers Referer https://corp-origin.savings-united.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 20:35:05 GMT last-modified Wed, 17 Apr 2024 09:59:03 GMT server Google Frontend etag "661f9d67-118d" content-type application/json x-cloud-trace-context 3f2ec2a9c6485065b790f4348897601f accept-ranges bytes content-length 4493
GET H2	200	yingyang.json Show response corp-origin.savings-united.com/animations/	4 KB 0	330ms 329ms	Fetch application/json	2607:f8b0:4006:80a::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://corp-origin.savings-united.com/animations/yingyang.json Requested by Host: corp-origin.savings-united.com URL: https://corp-origin.savings-united.com/static/main.js?v=1723108470 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash f18cd1b03520f6be611d16a73e2af6b36bd6413b2a229a89af45a055b8e0007a Request headers Referer https://corp-origin.savings-united.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 20:35:05 GMT last-modified Wed, 17 Apr 2024 09:59:03 GMT server Google Frontend etag "661f9d67-118d" content-type application/json x-cloud-trace-context 3f2ec2a9c6485065b790f4348897601f accept-ranges bytes content-length 4493
GET H2	200	cmp.php Show response a.delivery.consentmanager.net/delivery/	5 KB 3 KB	261ms 260ms	Script text/javascript	87.230.98.78 PLUSSERVER-ASN1
General Check archive.org Show headers Download Go to Full URL https://a.delivery.consentmanager.net/delivery/cmp.php?__cmpcc=1&id=105992&o=1724272505&h=https%3A%2F%2Fcorp-origin.savings-united.com%2F&&l=en&odw=0&dlt=1&l=en&lp=DE-DE Requested by Host: a.delivery.consentmanager.net URL: https://a.delivery.consentmanager.net/delivery/cmp.php?&cdid=35fcab3ba17a4&h=https%3A%2F%2Fcorp-origin.savings-united.com%2F&&l=en&ls=EN_EN_EN&lp=DE-DE&o=1724272505135 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 87.230.98.78 , Germany, ASN61157 (PLUSSERVER-ASN1, DE), Reverse DNS ds87-230-98-78.dedicated.psmanaged.com Software / Resource Hash 55a5762fee8e10b6f6120149e8f2f6d1ec9381e4f43ff70d95c98be903b6802d Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://corp-origin.savings-united.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 21 Aug 2024 20:35:05 GMT content-encoding gzip last-modified Wed, 21 Aug 2024 20:35:05 GMT vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * edge-control no-store, no-cache, must-revalidate cache-control no-store, no-cache, must-revalidate x-xss-protection 0 expires Thu, 01 Dec 1994 16:00:00 GMT
GET H2	200	bV8xLndfMTA1OTkyLnJfQ0NQQS5sX2VuLmRfMzc0NjgueF80MC52LnAudF8zNzQ2OC54dF8zMQ.js Show response cdn.consentmanager.net/delivery/customdata/	67 KB 18 KB	265ms 264ms	Script text/javascript	2a02:6ea0:c000::23 CDN77 _
General Check archive.org Show headers Download Go to Full URL https://cdn.consentmanager.net/delivery/customdata/bV8xLndfMTA1OTkyLnJfQ0NQQS5sX2VuLmRfMzc0NjgueF80MC52LnAudF8zNzQ2OC54dF8zMQ.js Requested by Host: a.delivery.consentmanager.net URL: https://a.delivery.consentmanager.net/delivery/cmp.php?__cmpcc=1&id=105992&o=1724272505&h=https%3A%2F%2Fcorp-origin.savings-united.com%2F&&l=en&odw=0&dlt=1&l=en&lp=DE-DE Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c000::23 Amsterdam, Netherlands, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 95378ed1cc71fd1f8187a0c38d45e16482e7491feee1bd338017504bec2b3f03 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://corp-origin.savings-united.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-77-pop amsterdamNL date Wed, 21 Aug 2024 20:35:06 GMT content-encoding gzip x-77-cache MISS x-cache MISS edge-control public, max-age=1800 x-accel-date 1724267124 x-xss-protection 0 x-77-nzt EwgBw7WsAQFBDAG5TAoMAbMGFQAADAGckiEfAbMGFQAA x-accel-expires @1724274306 x-77-age 5382 last-modified Wed, 21 Aug 2024 20:35:06 GMT server CDN77-Turbo x-77-nzt-ray 47824138c85366889f4fc666b3db2004 vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=1800 expires Wed, 21 Aug 2024 21:05:06 GMT
GET H2	200	recall_cookie.svg cdn.consentmanager.net/delivery/recall/	869 B 831 B	106ms 105ms	Image image/svg+xml	2a02:6ea0:c000::23 CDN77 _
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.consentmanager.net/delivery/recall/recall_cookie.svg Requested by Host: corp-origin.savings-united.com URL: https://corp-origin.savings-united.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c000::23 Amsterdam, Netherlands, ASN60068 (CDN77 _, GB), Reverse DNS Software CDN77-Turbo / Resource Hash a701cd4a9cfc02344ae90ef4adacb3ffb69feb8d5922e324df6383a03b1a9921 Request headers Referer https://corp-origin.savings-united.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-77-pop amsterdamNL date Wed, 21 Aug 2024 20:35:06 GMT content-encoding gzip x-accel-date-max 1723461321 x-77-cache HIT x-cache HIT edge-control max-age=2592000 x-age 811185 x-accel-date 1723461321 x-77-nzt EwwBw7WsAQH3sWAMAAwBuUwKAQH3HonqAAwBJRPCLgH3BgAAAA x-accel-expires @1739626789 x-77-age 811185 last-modified Tue, 08 Feb 2022 14:38:47 GMT server CDN77-Turbo etag W/"365-5d782acc3a098" x-77-nzt-ray 47824138c85366889f4fc6664ab0f321 vary Accept-Encoding content-type image/svg+xml cache-control max-age=31536000 expires Sat, 15 Feb 2025 13:39:49 GMT
GET H2	200	/ a.delivery.consentmanager.net/delivery/info/	43 B 297 B	122ms 122ms	Image image/gif	87.230.98.78 PLUSSERVER-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://a.delivery.consentmanager.net/delivery/info/?id=105992&did=1&cfdid=1&t=pv.cn.d_reg0.oonv.d_dnsx&h=https%3A%2F%2Fcorp-origin.savings-united.com%2F&o=1724272506512&l=EN&lv=112316&d=1&ct=14&e=&e2=&e3=&i=&sv=31&dv=40& Requested by Host: corp-origin.savings-united.com URL: https://corp-origin.savings-united.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 87.230.98.78 , Germany, ASN61157 (PLUSSERVER-ASN1, DE), Reverse DNS ds87-230-98-78.dedicated.psmanaged.com Software / Resource Hash 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://corp-origin.savings-united.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 21 Aug 2024 20:35:06 GMT last-modified Wed, 21 Aug 2024 20:35:06 GMT content-type image/gif access-control-allow-origin * edge-control no-store, no-cache, must-revalidate cache-control no-store, no-cache, must-revalidate content-length 43 x-xss-protection 0 expires Thu, 01 Dec 1994 16:00:00 GMT
GET H2	200	favicon.ico corp-origin.savings-united.com/favicon/	15 KB 15 KB	120ms 120ms	Other image/x-icon	2607:f8b0:4006:80a::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://corp-origin.savings-united.com/favicon/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::2013 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash cf6fe3d59169d42b6581f20bd6b3749eeb146de514c47f6f76101d3f9a80c2cb Request headers Referer https://corp-origin.savings-united.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 20:35:06 GMT last-modified Wed, 17 Apr 2024 09:59:03 GMT server Google Frontend etag "661f9d67-3aee" content-type image/x-icon x-cloud-trace-context 6e699f4471410d81721cb7c483d81844 accept-ranges bytes content-length 15086

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 boolean| gdprAppliesGlobally string| cmp_cdid string| cmp_host string| cmp_cdn string| cmp_proto string| cmp_codesrc function| cmp_getsupportedLangs function| cmp_getRTLLangs function| cmp_getlang function| cmp_extractlang function| cmp_getlangs function| cmp_getPageLangs function| cmp_getPageLang function| cmp_getLangsFromURL function| cmp_getXMLLang function| cmp_rc function| cmp_stub function| cmp_dsastub function| cmp_gppstub function| cmp_gpp_ping function| cmp_addFrame function| cmp_msghandler function| cmp_setStub function| cmp_setGppStub function| __cmp function| __tcfapi function| __uspapi function| __gpp function| __dsa object| reactiveElementVersions object| litHtmlVersions object| litElementVersions function| cmp_gppmanifest function| cmp_fibo function| cmp_reader function| cmp_writer function| cmp_cs function| cmp_lang function| cmp_purpose function| cmp_stack function| cmp_vendor function| cmp_utils function| cmp_snapshot function| cmp_storage function| cmp_gpp_helper function| cmp_api function| cmp_contentblocking function| cmp_behavior function| cmp_amp function| cmp_eventwrapper function| cmp_html function| cmp_wcagdialog function| cmp_display function| cmp_display_age function| cmp_display_background function| cmp_display_images function| cmp_display_langchoice function| cmp_display_policy function| cmp_display_qr function| cmp_display_welect function| cmpsource function| cmpmngr_queryfile string| cmpccsversionbuild function| cmp_unq function| cmp_fnd number| cmpccsversion function| btoa2 function| atob2 function| cmp_loadconsole object| cmp_dataLayer function| cmp_gtag function| cmp_getGPPManifests function| cmp_regulations function| cmp_getregulation function| cmp_affiliatedomains function| cmp_awindomains function| cmp_getcss object| cmpmngr function| cmp_gc function| cmp_hc function| __cmapi object| __cmp_langs_loaded object| cmp_config_data object| cmp_scripts function| cmp_loadCS function| cmp_append_script function| cmp_append_script2 function| cmp_script_loaded object| cmp_timer object| cmp_timer2 function| cmp_svg_no function| cmp_svg_yes function| cmp_svg_yesorange function| cmp_svg_noorange function| cmp_svg_multi function| cmp_svg_nodisabled function| cmp_svg_yesdisabled function| cmp_svg_icologoiablogo function| cmp_svg_icomatexternal_link function| cmp_svg_icoprv58 function| cmp_svg_icoprv35 function| cmp_svg_icoprv46 function| cmp_svg_icoprv47 function| cmp_svg_icoprv30 function| cmp_svg_icoprv32 function| cmp_svg_icoprv34 object| cmp_loadedLangs object| dataLayer function| gtag number| cmpCCPA string| cmpRegulation string| cmpConsentString string| cmpCurrentStatus string| cmpLastStatus string| cmpLastTCFStatus string| cmpLoadingStatus string| cmpDisplayStatus string| cmpVendorsConsent string| cmpCustomVendorsConsent string| cmpGoogleVendorsConsent string| cmpPurposesConsent string| cmpCustomPurposeConsent string| cmpConsentVendors string| cmpConsentPurposes string| cmpLIVendors string| cmpLIPurposes string| cmpIABUSP number| cmpDesignId boolean| consentExists boolean| userChoiceExists string| userChoiceType string| userChoiceStatus object| utag_data function| cmp_spachange

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			corp-origin.savings-united.com/	1970-01-21 08:26:40	Name: __cmpcc Value: 1
			a.delivery.consentmanager.net/	1970-01-20 22:57:52	Name: __cmpcc Value: 2
			.savings-united.com/	1970-01-21 07:43:28	Name: __cmpconsentx105992 Value: CQDuUpAQDuUpAAffIBENBCFgAINAAANAAAigAAAAAAAA
			.savings-united.com/	1970-01-21 07:43:28	Name: __cmpcccx105992 Value: aBQDvxrJAAACAAXACCAE0AQ4AAA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.delivery.consentmanager.net
cdn.consentmanager.net
corp-origin.savings-united.com
2607:f8b0:4006:80a::2013
2a02:6ea0:c000::23
87.230.98.78
0ab1391490163ac396e1b7ef821853b49fa14535f829d5ae0012689d5e61ca58
2b22cacf6a420bd5a63cce968bbacc9b49ebdde5814e144f1bfbfde0af7d8136
2e10ea71d6d483604b27a595fea3dca45aadf8c0ef5ae8ff72a463407d0e1b08
3465f02e39ffefec6b08fb85481602651c4c5580a355a5b0cf108f4e8735fd46
3de003bf2dad6f6f29138576130ac8592442cde476ac9f11988aaeccb79569db
55a5762fee8e10b6f6120149e8f2f6d1ec9381e4f43ff70d95c98be903b6802d
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
83dccf3d6b5a568c91ebb911e83ba25e2f69de90915889f7f62fb31225c1fa9d
8458f8afa67b5691c1fcbe51607a2dafb53a9839e48131c608a186b65415d96d
8a6b76fe8be2e0ff197e3ffd1e56f0ca9bfdfa1916dee7cb9d1274b7ff26e35b
91f278070d0a5582bec4ac85682beb412edc45f70d5a7c2a1d59bced36c49f20
95378ed1cc71fd1f8187a0c38d45e16482e7491feee1bd338017504bec2b3f03
9904fa61f42daa5c7c1fd3e715f5fed26a0aceef758bb0ebe8f30427cf76db29
a701cd4a9cfc02344ae90ef4adacb3ffb69feb8d5922e324df6383a03b1a9921
b6f9db9e45be20f3c1312c97fbee7ec36b7d8280f8caa4d53c9ba0408cc9997a
cf6fe3d59169d42b6581f20bd6b3749eeb146de514c47f6f76101d3f9a80c2cb
d12f464576228dc3879b30775fafe389472bdf021d2d11cea365ccb997ca6c51
e3a5bf65d525a2ca36dbbcfe649ec135266cf7559c871ad07521e908aaf7b088
f18cd1b03520f6be611d16a73e2af6b36bd6413b2a229a89af45a055b8e0007a