URL: https://www.savingscabin.com/
Submission: On December 12 via automatic, source certstream-suspicious

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 39 HTTP transactions. The main IP is 45.93.101.73, located in Germany and belongs to AS-HOSTINGER, LT. The main domain is www.savingscabin.com.
TLS certificate: Issued by R3 on December 12th 2020. Valid for: 3 months.
This is the only time www.savingscabin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 45.93.101.73 47583 (AS-HOSTINGER)
14 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
3 151.139.128.8 20446 (HIGHWINDS3)
3 185.199.110.153 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 65.9.68.9 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
39 11
Domain Requested by
14 affiliateplatform.itworld.com.pk www.savingscabin.com
affiliateplatform.itworld.com.pk
6 fonts.gstatic.com fonts.googleapis.com
3 owlcarousel2.github.io www.savingscabin.com
3 pro.fontawesome.com www.savingscabin.com
pro.fontawesome.com
2 fonts.googleapis.com www.savingscabin.com
affiliateplatform.itworld.com.pk
1 cdn.couponcause.com affiliateplatform.itworld.com.pk
1 maxcdn.bootstrapcdn.com www.savingscabin.com
1 stackpath.bootstrapcdn.com www.savingscabin.com
1 www.savingscabin.com
0 savingscabin.com Failed affiliateplatform.itworld.com.pk
39 10

This site contains links to these domains. Also see Links.

Domain
savingscabin.com
facebook.com
instagram.com
twitter.com
Subject Issuer Validity Valid
savingscabin.com
R3
2020-12-12 -
2021-03-12
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-15 -
2021-08-15
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA
2020-09-22 -
2021-10-12
a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-13 -
2021-12-14
a year crt.sh
www.github.com
DigiCert SHA2 High Assurance Server CA
2020-05-06 -
2022-04-14
2 years crt.sh
couponcause.com
Amazon
2020-02-10 -
2021-03-10
a year crt.sh
*.gstatic.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.savingscabin.com/
Frame ID: 1088FA99E52ADC2AAC9E5016A11DC10B
Requests: 39 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i


Overall confidence: 100%
Detected patterns
  • script /(?:typeahead|bloodhound)\.(?:jquery|bundle)?(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i
  • script /(?:typeahead|bloodhound)\.(?:jquery|bundle)?(?:\.min)?\.js/i

Page Statistics

39
Requests

82 %
HTTPS

60 %
IPv6

8
Domains

10
Subdomains

11
IPs

3
Countries

842 kB
Transfer

2371 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.savingscabin.com/
32 KB
9 KB
Document
General
Full URL
https://www.savingscabin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.93.101.73 , Germany, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software
LiteSpeed / PHP/7.4.11
Resource Hash
e2c31f7edc7a3cb1b25f84175178ffa9a058135c922648f3f834b62390de97fd

Request headers

:method
GET
:authority
www.savingscabin.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-powered-by
PHP/7.4.11
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
ci_session=76faeea90a8abecc30df8a0df6336cfbea487d1f; expires=Sat, 12-Dec-2020 18:01:25 GMT; Max-Age=7200; path=/; HttpOnly; secure
content-type
text/html; charset=UTF-8
content-length
9154
content-encoding
br
vary
Accept-Encoding
date
Sat, 12 Dec 2020 16:01:25 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
bootstrap.css
affiliateplatform.itworld.com.pk/application/views/theme2/assets/css/
116 KB
18 KB
Stylesheet
General
Full URL
https://affiliateplatform.itworld.com.pk/application/views/theme2/assets/css/bootstrap.css
Requested by
Host: www.savingscabin.com
URL: https://www.savingscabin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:84f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aa2f8443640979b737f14dafa491243ab2dbb875124f603f39ad4b15a3fe357

Request headers

Referer
https://www.savingscabin.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 16:01:26 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
cf-request-id
06f9488db80000c2e50583c000000001
last-modified
Mon, 30 Nov 2020 18:08:34 GMT
server
cloudflare
etag
W/"3f60b49-1d0be-5b556e5fe0c80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=izhhPQ0MhrXoOTtRYfUwvg2UTCac1ZOtDxVDcEfxHN6UH6hWhyxKrK%2BViY2zAe8mHQJVG2RBDcEkJN7FAZYEHf7J7meIjiRpXSTF4a3SqrWFXVAKv1D9wcCJdIWNObO6ow9Wn12M9N5CC5fJWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
6008a9f5fb98c2e5-FRA
expires
Mon, 11 Jan 2021 16:01:26 GMT
style.css
affiliateplatform.itworld.com.pk/application/views/theme2/assets/css/
387 KB
29 KB
Stylesheet
General
Full URL
https://affiliateplatform.itworld.com.pk/application/views/theme2/assets/css/style.css
Requested by
Host: www.savingscabin.com
URL: https://www.savingscabin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:84f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9a8816a1c08582bcaa9624635eea06a13972222421bdbc65b1363bd94ceb53

Request headers

Referer
https://www.savingscabin.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 16:01:26 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
cf-request-id
06f9488dba0000c2e51d1a6000000001
last-modified
Wed, 02 Dec 2020 10:58:44 GMT
server
cloudflare
etag
W/"3f60b4b-60a96-5b5792078a100-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=613QgKBv9yMrOrVRUHePEBSyBGeT%2BBPUqwKJrQdd0tPmQPdqj12uVcJ4y%2FNsZ7t6SQo%2BCvO3Nou9z3hlQmSKhX7yh4%2BrSb3LNgbwpVDVUZPJikSqb88vAKBW5MGbi9jrDtfinzTYylF%2FYWyjAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
6008a9f5fba0c2e5-FRA
expires
Mon, 11 Jan 2021 16:01:26 GMT
d-style.css
affiliateplatform.itworld.com.pk/application/views/theme2/assets/css/
251 B
863 B
Stylesheet
General
Full URL
https://affiliateplatform.itworld.com.pk/application/views/theme2/assets/css/d-style.css
Requested by
Host: www.savingscabin.com
URL: https://www.savingscabin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:84f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fc0a02164a28a85839379c7a803ad0bf9fbbdb946d4c2e08c302a1673f9b3b6

Request headers

Referer
https://www.savingscabin.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 16:01:26 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
cf-request-id
06f9488db90000c2e5cea25000000001
last-modified
Thu, 03 Dec 2020 16:56:36 GMT
server
cloudflare
etag
W/"3f60b4a-fb-5b5923e24b900-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZXm9JfT%2BsGQ6sBLKqQmK%2FVMsrBtpgK%2BwSbsOq%2FBm226N9KlBosGrRfdDXHGjaIId15Y8gQ8iqCetK69MUeBOu7PjhawbM3WIenWcGRGoXJMiRfWO1Hh5jWgYqwXe3Zp0VvaopD%2BKmraYXTl0pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
6008a9f5fb9bc2e5-FRA
expires
Mon, 11 Jan 2021 16:01:25 GMT
css2
fonts.googleapis.com/
112 KB
30 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans+JP&display=swap
Requested by
Host: www.savingscabin.com
URL: https://www.savingscabin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
de22fc4c8fb757fb1238d3c3df8bd16b29a059dffc9e322cb47805eeabd2ef62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.savingscabin.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 12 Dec 2020 16:01:25 GMT
server
ESF
date
Sat, 12 Dec 2020 16:01:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 12 Dec 2020 16:01:25 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.savingscabin.com
URL: https://www.savingscabin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.savingscabin.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 16:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
all.css
pro.fontawesome.com/releases/v5.10.0/css/
153 KB
30 KB
Stylesheet
General
Full URL
https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Requested by
Host: www.savingscabin.com
URL: https://www.savingscabin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec

Request headers

Referer
https://www.savingscabin.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 16:01:25 GMT
content-encoding
gzip
last-modified
Mon, 29 Jul 2019 15:21:55 GMT
etag
"aa1272633e7e552395d147a499bad186"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw
1607788885.cds066.sk1.hn,1607788885.cds053.sk1.c
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
access-control-allow-methods
GET
accept-ranges
bytes
content-length
30107
owl.carousel.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/
3 KB
1 KB
Stylesheet
General
Full URL
https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.carousel.min.css
Requested by
Host: www.savingscabin.com
URL: https://www.savingscabin.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

Referer
https://www.savingscabin.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
d58c05b9a7ffec944f3c719699fbb94346bc9aaf
date
Sat, 12 Dec 2020 16:01:25 GMT
content-encoding
gzip
age
70
x-cache
HIT
content-length
1068
x-served-by
cache-cph20628-CPH
access-control-allow-origin
*
last-modified
Fri, 20 Apr 2018 13:22:52 GMT
server
GitHub.com
x-github-request-id
472C:B018:6036B9:670786:5FD2FB88
x-timer
S1607788886.530055,VS0,VE1
etag
W/"5ad9e9ac-d17"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Fri, 11 Dec 2020 05:00:44 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
HIT
x-cache-hits
1
owl.theme.default.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/
1013 B
646 B
Stylesheet
General
Full URL
https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.theme.default.min.css
Requested by
Host: www.savingscabin.com
URL: https://www.savingscabin.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

Referer
https://www.savingscabin.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
9bbbaf8df6795447f8db30d96e1540c0614355a3
date
Sat, 12 Dec 2020 16:01:25 GMT
content-encoding
gzip
age
410
x-cache
HIT
content-length
479
x-served-by
cache-cph20628-CPH
access-control-allow-origin
*
last-modified
Fri, 20 Apr 2018 13:22:52 GMT
server
GitHub.com
x-github-request-id
5CAA:6B8D:1DAABE2:1F9451B:5FD1657B
x-timer
S1607788886.530195,VS0,VE1
etag
W/"5ad9e9ac-3f5"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Thu, 10 Dec 2020 00:08:59 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
HIT
x-cache-hits
1
jquery.js
affiliateplatform.itworld.com.pk/application/views/theme2/assets/js/
87 KB
30 KB
Script
General
Full URL
https://affiliateplatform.itworld.com.pk/application/views/theme2/assets/js/jquery.js
Requested by
Host: www.savingscabin.com
URL: https://www.savingscabin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:84f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Request headers

Referer
https://www.savingscabin.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 16:01:26 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
cf-request-id
06f9488dbb0000c2e5cfb83000000001
last-modified
Fri, 27 Nov 2020 05:28:34 GMT
server
cloudflare
etag
W/"3f60b5e-15d83-5b50fee7f2480-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S%2FBHOpwfOcXi6F1lR4oI13kdSu8DLIExK%2BvuKsaMX9HBANpnrEdcZ83sT8ijKsZygVXSgO7wjRYBVpdIlOJImcjpmugIolx1oJ7zjUYhh1zgDhX9CazjscnZvh5sGUnqPDxAppAmVdZtFYD6Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
6008a9f5fba7c2e5-FRA
expires
Mon, 11 Jan 2021 16:01:25 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/
39 KB
11 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js
Requested by
Host: www.savingscabin.com
URL: https://www.savingscabin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.savingscabin.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 16:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Feb 2019 16:41:46 GMT
etag
"1550076106"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
10940
vue3.js
affiliateplatform.itworld.com.pk/application/views/theme2/assets/js/
525 KB
109 KB
Script
General
Full URL
https://affiliateplatform.itworld.com.pk/application/views/theme2/assets/js/vue3.js
Requested by
Host: www.savingscabin.com
URL: https://www.savingscabin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:84f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef789fa58d0227c1e78248b9f59e67c1791434c932162455491171edbc278f7b

Request headers

Referer
https://www.savingscabin.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 16:01:26 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
cf-request-id
06f9488dba0000c2e52e985000000001
last-modified
Thu, 03 Dec 2020 12:17:36 GMT
server
cloudflare
etag
W/"3f60b61-834a5-5b58e585c9800-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CEckMtJ6%2BPvkclJzeWk2ZJuy3tnNcgyyYoFAVH6Ok6r9tG2OeoT9DYDiecJsF8C%2Brvahb%2F95s4JjaHnw5kPKG9b2lf2QBUZgLZPa0%2Ff%2Ba1HB1Lfo1dWvjtcJ0K%2BUJJvxYGXbYiN9peluv5W3Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
6008a9f5fba3c2e5-FRA
expires
Mon, 11 Jan 2021 16:01:26 GMT
typeahead.bundle.js
affiliateplatform.itworld.com.pk/application/views/theme2/assets/js/
94 KB
16 KB
Script
General
Full URL
https://affiliateplatform.itworld.com.pk/application/views/theme2/assets/js/typeahead.bundle.js
Requested by
Host: www.savingscabin.com
URL: https://www.savingscabin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:84f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90a11503a70321b2cf5598d3b44591dad09161887a031ee31f6c4e019a0819c2

Request headers

Referer
https://www.savingscabin.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 16:01:26 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
cf-request-id
06f9488dbb0000c2e5fc0bd000000001
last-modified
Sun, 29 Nov 2020 07:32:50 GMT
server
cloudflare
etag
W/"3f60b5f-177ba-5b539e6976c80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FQzxNAr2Cu5YThO1PwYQqK2pbQ1aSNNPcv0Z51zz8vgu29eU9iFyQdMLUv6128gvDVIIH9Rwi%2BYdi6MycntjkfSx2GzGc2pZQuY34tMukXocnEkrWJI4mjY3kkc5sIZl5bJ08X7rJWyueJjFXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
6008a9f5fba5c2e5-FRA
expires
Mon, 11 Jan 2021 16:01:26 GMT
handlebars.js
affiliateplatform.itworld.com.pk/application/views/theme2/assets/js/
175 KB
37 KB
Script
General
Full URL
https://affiliateplatform.itworld.com.pk/application/views/theme2/assets/js/handlebars.js
Requested by
Host: www.savingscabin.com
URL: https://www.savingscabin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:84f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65a7eb3bc65711160eefde13c7584f68071d71735950d997b9f5ce49ed07c63f

Request headers

Referer
https://www.savingscabin.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 16:01:26 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
cf-request-id
06f9488dbc0000c2e5cfb84000000001
last-modified
Sun, 29 Nov 2020 07:41:20 GMT
server
cloudflare
etag
W/"3f60b5d-2bc42-5b53a04fd6800-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dnMuTFttullxKA8O3eN6V1bLuONyRjSA57yGFm9%2BnFRG%2B7kVzUjgdIYeC2FE9FaRUJV3Sc96lqkxzqRg8HE7FM24gLkoBNnUXo%2FbfrcfAFajds4jqRdNrNrrbp6YS5pLy6zBL6KeS%2Fg0X9S7hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
6008a9f5fba9c2e5-FRA
expires
Mon, 11 Jan 2021 16:01:25 GMT
logo-white.png
affiliateplatform.itworld.com.pk/application/views/theme2/assets/images/
26 KB
27 KB
Image
General
Full URL
https://affiliateplatform.itworld.com.pk/application/views/theme2/assets/images/logo-white.png
Requested by
Host: www.savingscabin.com
URL: https://www.savingscabin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:84f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0ebe5a70b5f3048e22bbe6097466a5fba6495bc5be4c03f81a16bebfce84bb

Request headers

Referer
https://www.savingscabin.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 16:01:27 GMT
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
27014
cf-request-id
06f94892d20000c2e57f99e000000001
last-modified
Mon, 30 Nov 2020 20:21:28 GMT
server
cloudflare
etag
"3f60b4d-6986-5b558c147a200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f8Z1qxYCutoDyNjLWS6%2Bwv%2FNT2T5qAkx7ujj7WnXy2y%2FZoHl%2BDTH21fOqRCxrVrL%2BpjbLQpacy4NzF8nywG2pH89pQ3mB5MrrAn9d7C8C5V5UDCXE%2FN3sDW%2Ba6p4niLek%2Boq4aeXNU2wITNf6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6008a9fe1c71c2e5-FRA
expires
Sun, 12 Dec 2021 16:01:27 GMT
owl.carousel.js
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/
88 KB
20 KB
Script
General
Full URL
https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/owl.carousel.js
Requested by
Host: www.savingscabin.com
URL: https://www.savingscabin.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
db9d6cf3c1c4b047c62f646e7d9991c06a212931c362bf53f9a2406b30f09466

Request headers

Referer
https://www.savingscabin.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
8052c4e8913d65539fc058c0c365d36517a222b5
date
Sat, 12 Dec 2020 16:01:26 GMT
content-encoding
gzip
age
9
x-cache
HIT
content-length
20465
x-served-by
cache-cph20628-CPH
access-control-allow-origin
*
last-modified
Fri, 20 Apr 2018 13:22:52 GMT
server
GitHub.com
x-github-request-id
5B82:BBBE:22912:27587:5FD1AEB5
x-timer
S1607788887.601650,VS0,VE1
etag
W/"5ad9e9ac-15f88"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Thu, 10 Dec 2020 05:18:23 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
HIT
x-cache-hits
1
clipboard.min.js
affiliateplatform.itworld.com.pk/application/views/theme2/assets/js/
10 KB
4 KB
Script
General
Full URL
https://affiliateplatform.itworld.com.pk/application/views/theme2/assets/js/clipboard.min.js
Requested by
Host: www.savingscabin.com
URL: https://www.savingscabin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:84f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2

Request headers

Referer
https://www.savingscabin.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 16:01:27 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
cf-request-id
06f94892770000c2e5c78b3000000001
last-modified
Thu, 26 Nov 2020 11:43:44 GMT
server
cloudflare
etag
W/"3f60b4f-28d5-5b5010e5b1c00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pNM2jpoTPKh6V23%2B4MCtq68w6%2BrIirJKJgIiLZJyzv8povtAzzuFQgFGm9p718laecJmKd5ikaFu9KU7cAUHAOIUxEV8sXmpvKloKITVigclWYHOX3ezqCeOjLbqG5n5b%2F4r46xIMvJvkRAKgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
6008a9fd8b65c2e5-FRA
expires
Mon, 11 Jan 2021 16:01:27 GMT
custom_global.js
affiliateplatform.itworld.com.pk/application/views/theme2/assets/js/d_custom/
10 KB
3 KB
Script
General
Full URL
https://affiliateplatform.itworld.com.pk/application/views/theme2/assets/js/d_custom/custom_global.js
Requested by
Host: www.savingscabin.com
URL: https://www.savingscabin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:84f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9be3e772c3ea4ab7b45b17021244e3eb32f0fea485dbcfe3e42c66c8acdc190c

Request headers

Referer
https://www.savingscabin.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 16:01:27 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
cf-request-id
06f94892cb0000c2e51f1b6000000001
last-modified
Thu, 03 Dec 2020 17:12:00 GMT
server
cloudflare
etag
W/"3f60b55-296f-5b5927537d800-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NUdnUmC%2FWTr%2B7l1OG8SbEXH5K87GoyQo%2FO5nxl2UAw18YgLWwgI8MMdPuamHHBtEHXffaTyvrNWYbKsaSZt4U55b3jZPL9RN2RItu%2FKFrbYfK5Ln0gGK3TY9vvD%2BLib0ki3guK1HyZKzSEhamw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
6008a9fe0c49c2e5-FRA
expires
Mon, 11 Jan 2021 16:01:27 GMT
home.js
affiliateplatform.itworld.com.pk/application/views/theme2/assets/js/d_custom/
7 KB
1 KB
Script
General
Full URL
https://affiliateplatform.itworld.com.pk/application/views/theme2/assets/js/d_custom/home.js
Requested by
Host: www.savingscabin.com
URL: https://www.savingscabin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:84f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
072f38860251974bc8caf918ff8f018733fab208b27378f03f48987f1c927436

Request headers

Referer
https://www.savingscabin.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 16:01:27 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
cf-request-id
06f94892d20000c2e5e4b40000000001
last-modified
Thu, 03 Dec 2020 12:48:34 GMT
server
cloudflare
etag
W/"3f60b58-1ca1-5b58ec71b6c80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GFm1v6LeC%2FHLkcdHkxC2nrE44ajh7%2F08DHdELqLTBsP7y3lcm15wzXGofaraiM6KN4%2FhQGCdkM7jhG2ScYiIdlHb9yj5ZZmmyzEE2qMIlpkOdgFWJeyQIwCuYimZObeT5OMHuYtaiIr9dphRHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
6008a9fe1c6fc2e5-FRA
expires
Mon, 11 Jan 2021 16:01:27 GMT
css
fonts.googleapis.com/
18 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700|Roboto:300,400,500,700,900|Lato:300,400,700
Requested by
Host: affiliateplatform.itworld.com.pk
URL: https://affiliateplatform.itworld.com.pk/application/views/theme2/assets/css/style.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9ce8814fb382794703200c7966ef52bfe80e8986d69fa3912124abeeb9b21a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://affiliateplatform.itworld.com.pk/application/views/theme2/assets/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 12 Dec 2020 16:01:26 GMT
server
ESF
date
Sat, 12 Dec 2020 16:01:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 12 Dec 2020 16:01:26 GMT
hero-background.jpg
cdn.couponcause.com/images/
54 KB
54 KB
Image
General
Full URL
https://cdn.couponcause.com/images/hero-background.jpg
Requested by
Host: affiliateplatform.itworld.com.pk
URL: https://affiliateplatform.itworld.com.pk/application/views/theme2/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e5560954515961089749b73c32f5acbe5464a1ecb107c23ea2321c810e145a1

Request headers

Referer
https://affiliateplatform.itworld.com.pk/application/views/theme2/assets/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Sep 2020 04:04:01 GMT
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
last-modified
Thu, 28 Sep 2017 18:55:29 GMT
server
AmazonS3
age
6436646
etag
"630d4cf0e74c180f89638d5d8c7523df"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max_age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
54964
x-amz-cf-id
-VTSfhkkQdafNSOaAblR9Do-6IR8b3pM5AMN4wSsG-gTbIUIdPF3aQ==
expires
Thu, 31 Dec 2020 23:59:59 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700|Roboto:300,400,500,700,900|Lato:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.savingscabin.com
Referer
https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700|Roboto:300,400,500,700,900|Lato:300,400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 18:04:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:59 GMT
server
sffe
age
251832
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14044
x-xss-protection
0
expires
Thu, 09 Dec 2021 18:04:14 GMT
-F62fjtqLzI2JPCgQBnw7HFowwII2lcnk-AFfrgQrvWXpdFg3KXxAMsKMbdN.118.woff2
fonts.gstatic.com/s/notosansjp/v28/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosansjp/v28/-F62fjtqLzI2JPCgQBnw7HFowwII2lcnk-AFfrgQrvWXpdFg3KXxAMsKMbdN.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
602a5dcd9d2f9dcfbc4d874ca1cb678980d0bd438f059baf655ec1738407dd44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.savingscabin.com
Referer
https://fonts.googleapis.com/css2?family=Noto+Sans+JP&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Dec 2020 06:23:48 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:09:57 GMT
server
sffe
age
466658
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13688
x-xss-protection
0
expires
Tue, 07 Dec 2021 06:23:48 GMT
fa-solid-900.woff2
pro.fontawesome.com/releases/v5.10.0/webfonts/
120 KB
120 KB
Font
General
Full URL
https://pro.fontawesome.com/releases/v5.10.0/webfonts/fa-solid-900.woff2
Requested by
Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
d27aa8bf9677cf4ef12acd7b37afc20f1f661d7c163b929ae9caf103b01fce37

Request headers

Origin
https://www.savingscabin.com
Referer
https://pro.fontawesome.com/releases/v5.10.0/css/all.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 16:01:26 GMT
last-modified
Mon, 29 Jul 2019 15:23:53 GMT
etag
"88fd444847dc842d15e229df26571b03"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
accept-ranges
bytes
content-length
123004
x-hw
1607788886.cds066.sk1.hn,1607788886.cds001.sk1.c
333972_1_0.woff2
affiliateplatform.itworld.com.pk/fonts/
0
0
Font
General
Full URL
https://affiliateplatform.itworld.com.pk/fonts/333972_1_0.woff2
Requested by
Host: affiliateplatform.itworld.com.pk
URL: https://affiliateplatform.itworld.com.pk/application/views/theme2/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:84f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.11
Resource Hash

Request headers

Origin
https://www.savingscabin.com
Referer
https://affiliateplatform.itworld.com.pk/application/views/theme2/assets/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 16:01:27 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.11
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
cf-request-id
06f94893020000bf0579124000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CPZlQ3ffRNcCzxOCA0gWwXtvlZMNiDtWfXv7DbyXpCl8cDtmaF1dbW5tMLhTWHNKB4iS6YC8tzUQpnBsnG2qNGWbn0BlzLoyotzzPE06jqFj5wXjYDmFcsWK8wjI2GVW%2F75knuX9Y2sqfHCSKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
6008a9fe6898bf05-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
fonts.gstatic.com/s/robotoslab/v12/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v12/BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700|Roboto:300,400,500,700,900|Lato:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0e89bf9070896e8016be5d04a290635ea0a95e9c8bc6dbfcd3ee45bc41fc5a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.savingscabin.com
Referer
https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700|Roboto:300,400,500,700,900|Lato:300,400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 00:08:53 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:33:54 GMT
server
sffe
age
57153
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30940
x-xss-protection
0
expires
Sun, 12 Dec 2021 00:08:53 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700|Roboto:300,400,500,700,900|Lato:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.savingscabin.com
Referer
https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700|Roboto:300,400,500,700,900|Lato:300,400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 11 Dec 2020 19:54:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:25 GMT
server
sffe
age
72441
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14176
x-xss-protection
0
expires
Sat, 11 Dec 2021 19:54:05 GMT
fa-regular-400.woff2
pro.fontawesome.com/releases/v5.10.0/webfonts/
149 KB
149 KB
Font
General
Full URL
https://pro.fontawesome.com/releases/v5.10.0/webfonts/fa-regular-400.woff2
Requested by
Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
e2df22a9c52c1db62b42d30787248f0d66b6f0c4fdcf7eb3b8783d990d85b867

Request headers

Origin
https://www.savingscabin.com
Referer
https://pro.fontawesome.com/releases/v5.10.0/css/all.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 16:01:26 GMT
last-modified
Mon, 29 Jul 2019 15:23:08 GMT
etag
"d4e531cbdfed1cd2094595d8779f28a4"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
accept-ranges
bytes
content-length
152164
x-hw
1607788886.cds066.sk1.hn,1607788886.cds021.sk1.c
-F62fjtqLzI2JPCgQBnw7HFowwII2lcnk-AFfrgQrvWXpdFg3KXxAMsKMbdN.119.woff2
fonts.gstatic.com/s/notosansjp/v28/
50 KB
50 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosansjp/v28/-F62fjtqLzI2JPCgQBnw7HFowwII2lcnk-AFfrgQrvWXpdFg3KXxAMsKMbdN.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
839c37491e75f874f27d008facea2ca67a0ee1ac4b4cf08cea849cd867f8a481
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.savingscabin.com
Referer
https://fonts.googleapis.com/css2?family=Noto+Sans+JP&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 08:36:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:23:03 GMT
server
sffe
age
285869
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51132
x-xss-protection
0
expires
Thu, 09 Dec 2021 08:36:57 GMT
-F62fjtqLzI2JPCgQBnw7HFowwII2lcnk-AFfrgQrvWXpdFg3KXxAMsKMbdN.113.woff2
fonts.gstatic.com/s/notosansjp/v28/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosansjp/v28/-F62fjtqLzI2JPCgQBnw7HFowwII2lcnk-AFfrgQrvWXpdFg3KXxAMsKMbdN.113.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a2267d25cd1e6879633a573e90a5cd8f406ded9d15f86af3c090f0f43972466
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.savingscabin.com
Referer
https://fonts.googleapis.com/css2?family=Noto+Sans+JP&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Dec 2020 06:23:52 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:21:06 GMT
server
sffe
age
466654
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12660
x-xss-protection
0
expires
Tue, 07 Dec 2021 06:23:52 GMT
getCommon
savingscabin.com//front_api/
0
0

333972_1_0.woff
affiliateplatform.itworld.com.pk/fonts/
0
0
Font
General
Full URL
https://affiliateplatform.itworld.com.pk/fonts/333972_1_0.woff
Requested by
Host: affiliateplatform.itworld.com.pk
URL: https://affiliateplatform.itworld.com.pk/application/views/theme2/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:84f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.11
Resource Hash

Request headers

Origin
https://www.savingscabin.com
Referer
https://affiliateplatform.itworld.com.pk/application/views/theme2/assets/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 16:01:28 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.11
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
cf-request-id
06f94896010000bf057cb06000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rBnVAmeLtH%2BvJA3UDGjeFT%2FoQqOipDM0ta6POZJC%2B%2BffMCEx%2B5V9K4%2FraUSIg3FZJBP1C7I1zgBhjJMiocV6%2F01csPNSeJhCBzWO48fecUiiTW6EwfzhXF8FY21bz%2BMxAAaYRnnUHdOBABx00Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
6008aa033be9bf05-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
savingscabin.com//front_api/getSlides/
0
0

/
savingscabin.com//front_api/getTopStores/
0
0

/
savingscabin.com//front_api/getRecommendedCoupons/
0
0

/
savingscabin.com//front_api/getRecommendedCoupons/
0
0

/
savingscabin.com//front_api/getPopuplarCategories/
0
0

/
savingscabin.com//front_api/getPopuplarStores/
0
0

333972_1_0.ttf
affiliateplatform.itworld.com.pk/fonts/
0
0
Font
General
Full URL
https://affiliateplatform.itworld.com.pk/fonts/333972_1_0.ttf
Requested by
Host: affiliateplatform.itworld.com.pk
URL: https://affiliateplatform.itworld.com.pk/application/views/theme2/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:84f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.11
Resource Hash

Request headers

Origin
https://www.savingscabin.com
Referer
https://affiliateplatform.itworld.com.pk/application/views/theme2/assets/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 16:01:28 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.11
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
cf-request-id
06f94898b90000bf055485b000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fyTaeeMgjvgBfYH%2ByuutBAzzKKjeIOyeA%2FeEbokeLeAgUHSF8b8CdWbQtVY5iXg4MmplASJjf0%2FFZWRWueC9HCr34V6wLzT%2B0FiJlKSIPsEjxII6ueAa9lOQNC6HwkYhgZD8sT1S%2B2KypaccJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
6008aa078ea4bf05-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
savingscabin.com
URL
https://savingscabin.com//front_api/getCommon
Domain
savingscabin.com
URL
https://savingscabin.com//front_api/getSlides/
Domain
savingscabin.com
URL
https://savingscabin.com//front_api/getTopStores/
Domain
savingscabin.com
URL
https://savingscabin.com//front_api/getRecommendedCoupons/
Domain
savingscabin.com
URL
https://savingscabin.com//front_api/getRecommendedCoupons/
Domain
savingscabin.com
URL
https://savingscabin.com//front_api/getPopuplarCategories/
Domain
savingscabin.com
URL
https://savingscabin.com//front_api/getPopuplarStores/

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| Vue object| __VUE_HMR_RUNTIME__ boolean| __VUE__ object| devtoolsFormatters string| base_url string| theme_base_url number| site_id string| token_name string| token_hash string| api_url function| SearchIndex function| Bloodhound object| Handlebars function| ClipboardJS object| configs function| c function| get object| menu_bar object| footer object| coupon_box function| init function| subscribes_email function| visitCoupon function| showCouponBox function| notification_coupon_link_expire object| home function| getAllCoupons function| getTopStores function| getRecommendedCoupons function| getPopularCoupons function| getCoupons function| getPopuplarCategories function| getPopuplarStores function| getSlides

1 Cookies

Domain/Path Name / Value
www.savingscabin.com/ Name: ci_session
Value: 76faeea90a8abecc30df8a0df6336cfbea487d1f

2 Console Messages

Source Level URL
Text
console-api info URL: https://affiliateplatform.itworld.com.pk/application/views/theme2/assets/js/vue3.js(Line 9279)
Message:
You are running a development build of Vue. Make sure to use the production build (*.prod.js) when deploying for production.
console-api warning URL: https://affiliateplatform.itworld.com.pk/application/views/theme2/assets/js/vue3.js(Line 1243)
Message:
[Vue warn]: Failed to resolve component: center at <App>

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affiliateplatform.itworld.com.pk
cdn.couponcause.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
owlcarousel2.github.io
pro.fontawesome.com
savingscabin.com
stackpath.bootstrapcdn.com
www.savingscabin.com
savingscabin.com
151.139.128.8
185.199.110.153
2001:4de0:ac19::1:b:3a
2606:4700:3036::ac43:84f6
2a00:1450:4001:801::200a
2a00:1450:4001:809::2003
2a00:1450:4001:81d::200a
2a00:1450:4001:825::2003
45.93.101.73
65.9.68.9
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
072f38860251974bc8caf918ff8f018733fab208b27378f03f48987f1c927436
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec
4aa2f8443640979b737f14dafa491243ab2dbb875124f603f39ad4b15a3fe357
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
5b9a8816a1c08582bcaa9624635eea06a13972222421bdbc65b1363bd94ceb53
602a5dcd9d2f9dcfbc4d874ca1cb678980d0bd438f059baf655ec1738407dd44
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
65a7eb3bc65711160eefde13c7584f68071d71735950d997b9f5ce49ed07c63f
6e5560954515961089749b73c32f5acbe5464a1ecb107c23ea2321c810e145a1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e0ebe5a70b5f3048e22bbe6097466a5fba6495bc5be4c03f81a16bebfce84bb
839c37491e75f874f27d008facea2ca67a0ee1ac4b4cf08cea849cd867f8a481
8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2
8fc0a02164a28a85839379c7a803ad0bf9fbbdb946d4c2e08c302a1673f9b3b6
90a11503a70321b2cf5598d3b44591dad09161887a031ee31f6c4e019a0819c2
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
9a2267d25cd1e6879633a573e90a5cd8f406ded9d15f86af3c090f0f43972466
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9be3e772c3ea4ab7b45b17021244e3eb32f0fea485dbcfe3e42c66c8acdc190c
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a0e89bf9070896e8016be5d04a290635ea0a95e9c8bc6dbfcd3ee45bc41fc5a0
d27aa8bf9677cf4ef12acd7b37afc20f1f661d7c163b929ae9caf103b01fce37
db9d6cf3c1c4b047c62f646e7d9991c06a212931c362bf53f9a2406b30f09466
de22fc4c8fb757fb1238d3c3df8bd16b29a059dffc9e322cb47805eeabd2ef62
e2c31f7edc7a3cb1b25f84175178ffa9a058135c922648f3f834b62390de97fd
e2df22a9c52c1db62b42d30787248f0d66b6f0c4fdcf7eb3b8783d990d85b867
ef789fa58d0227c1e78248b9f59e67c1791434c932162455491171edbc278f7b
f9ce8814fb382794703200c7966ef52bfe80e8986d69fa3912124abeeb9b21a2