savingsbits.com Open in urlscan Pro
52.54.72.5 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://na10t1mpqcs3e152.page.link/E4A7
Effective URL:
https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Submission: On September 27 via manual (September 27th 2021, 9:15:40 am UTC) from DE — Scanned from DE

Summary HTTP 33 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 7 domains to perform 33 HTTP transactions. The main IP is 52.54.72.5, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is savingsbits.com.
TLS certificate: Issued by R3 on July 29th 2021. Valid for: 3 months.

This is the only time savingsbits.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lion's Den Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1 1	198.187.29.143 198.187.29.143	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 1	173.255.248.174 173.255.248.174	63949 (LINODE-AP...) (LINODE-AP Linode)
30	52.54.72.5 52.54.72.5	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	52.217.89.246 52.217.89.246	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:d000:10:b308:84c0:93a1	16509 (AMAZON-02) (AMAZON-02)
33	4

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

na10t1mpqcs3e152.page.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.187.29.143 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server127-2.web-hosting.com

barahata.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.255.248.174 (Fremont, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li258-174.members.linode.com

www.incorport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 52.54.72.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-72-5.compute-1.amazonaws.com

savingsbits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.89.246 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:d000:10:b308:84c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.bouncepilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	savingsbits.com savingsbits.com	561 KB
1	bouncepilot.com static.bouncepilot.com	34 KB
1	amazonaws.com s3.amazonaws.com	165 KB
1	googleapis.com ajax.googleapis.com	25 KB
1	incorport.com 1 redirects www.incorport.com	579 B
1	barahata.club 1 redirects barahata.club	244 B
1	page.link 1 redirects na10t1mpqcs3e152.page.link	1 KB
33	7

	Domain	Requested by
30	savingsbits.com	savingsbits.com
1	static.bouncepilot.com	savingsbits.com
1	s3.amazonaws.com	savingsbits.com
1	ajax.googleapis.com	savingsbits.com
1	www.incorport.com	1 redirects
1	barahata.club	1 redirects
1	na10t1mpqcs3e152.page.link	1 redirects
33	7

This site contains links to these domains. Also see Links.

Domain
vkgtrack.com

Subject Issuer	Validity	Valid
savingsbits.com R3	`2021-07-29` - `2021-10-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.bouncepilot.com Amazon	`2021-06-23` - `2022-07-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Frame ID: 5A05CD94A5F93791E9794290FF7805AB
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Behebung von Erektiler Dysfunktion

Page URL History Show full URLs

https://na10t1mpqcs3e152.page.link/E4A7 HTTP 302
https://barahata.club/testonoflter.php HTTP 302
https://www.incorport.com/24L7XJ1Z/N3ZSHW8/?sub1=bahar HTTP 302
https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

4
IPs

2
Countries

785 kB
Transfer

1074 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://vkgtrack.com/?a=293015&oc=3201&c=1419&s1=19499&s2=bahar&s3=de82253cac8447149470f56fdc191549
Title: Männer Nachrichten Aktuell

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://na10t1mpqcs3e152.page.link/E4A7 HTTP 302
https://barahata.club/testonoflter.php HTTP 302
https://www.incorport.com/24L7XJ1Z/N3ZSHW8/?sub1=bahar HTTP 302
https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
savingsbits.com/testo-pre/
Redirect Chain

https://na10t1mpqcs3e152.page.link/E4A7
https://barahata.club/testonoflter.php
https://www.incorport.com/24L7XJ1Z/N3ZSHW8/?sub1=bahar
https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549

42 KB
8 KB

565ms
154ms

Document
text/html

52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 3df2f81ce829dca0288cf1424b35ba2e0edf7840b3a177b707c13144001ec048

Request headers

Host: savingsbits.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Mon, 27 Sep 2021 09:15:34 GMT
Server: Apache
Set-Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8261
Content-Type: text/html; charset=UTF-8

Redirect headers

Server: nginx
Date: Mon, 27 Sep 2021 09:15:33 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 125
Location: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Set-Cookie: uniqueClick_N3ZSHW8=b3ef0c27-d0d7-41ef-925f-42e2ef378992:1632734133; Path=/; Expires=Wed, 27 Oct 2021 09:15:33 GMT; SameSite=None transaction_id=de82253cac8447149470f56fdc191549; Path=/; Expires=Sun, 26 Dec 2021 09:15:33 GMT; SameSite=None
Vary: Origin
X-Eflow-Request-Id: fa86f86e-b05b-4778-8bfa-5e55de602b87

GET
H/1.1 200
OK bootstrap.min.css
savingsbits.com/testo-pre/lp1files/ 118 KB
19 KB 134ms
133ms Stylesheet
text/css 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://savingsbits.com/testo-pre/lp1files/bootstrap.min.css
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: ef50a2352a00f8e07fb146c516b391c7ea3ad2b60e618d6a32de0dd644cff8b9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
ETag: "340304-1d99a-5b4e676133000"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 19591

GET
H/1.1 200
OK blog-post.css
savingsbits.com/testo-pre/lp1files/ 2 KB
982 B 344ms
146ms Stylesheet
text/css 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://savingsbits.com/testo-pre/lp1files/blog-post.css
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 964ef4608c7fc1e6859569579a4e307600a47f9ed4a8effbb203052f946a2146

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
ETag: "340303-60d-5b4e676133000"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 716

GET
H/1.1 200
OK moment-with-locales.min.js Show response
savingsbits.com/testo-pre/ 157 KB
43 KB 362ms
158ms Script
text/javascript 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://savingsbits.com/testo-pre/moment-with-locales.min.js
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 3affa02ffd3250c11807a7b946e0575c5d6abb0d0ba6c8e381e147ab65e7e691

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
ETag: "340309-27492-5b4e676133000"
Vary: Accept-Encoding
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 43384

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 70 KB
25 KB 123ms
38ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Requested by

Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 11:12:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 597780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24715
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Tue, 20 Sep 2022 11:12:34 GMT

GET
H/1.1 200
OK family3.jpg
savingsbits.com/testo-pre/lp1files/ 235 KB
236 KB 215ms
215ms Image
image/jpeg 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/lp1files/family3.jpg
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 7c17dfcbea9291f6bbce3d58b2d4fc22b82cca9291729b226ae9e0962d953032

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:34 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "340306-3adbe-5b4e676133000"
Content-Length: 241086
Content-Type: image/jpeg

GET
H/1.1 200
OK RedBloodCells3.jpg
savingsbits.com/testo-pre/lp1files/ 46 KB
46 KB 127ms
127ms Image
image/jpeg 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/lp1files/RedBloodCells3.jpg
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 0dae44c119bd4a75b753cfce24f15eada788ec54bdb9205fbd39f9c426d7612a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:34 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "340308-b8c0-5b4e676133000"
Content-Length: 47296
Content-Type: image/jpeg

GET
H/1.1 200
OK offer.jpg
savingsbits.com/testo-pre/lp1files/ 7 KB
7 KB 127ms
126ms Image
image/jpeg 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/lp1files/offer.jpg
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e49d49fa0edfd20965beabe908ff412f18947cf2983d4c1dbaa904016071cf7c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:34 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "340307-1bf8-5b4e676133000"
Content-Length: 7160
Content-Type: image/jpeg

GET
H/1.1 200
OK testoultra.png
s3.amazonaws.com/platform-image-content/ 165 KB
165 KB 442ms
122ms Image
image/png 52.217.89.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/platform-image-content/testoultra.png
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.246 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b824d023b911240543d7ebcdb49f04fd6c8bb5c829eb26d40dd5ee041d97d543

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:36 GMT
Last-Modified: Tue, 04 Jul 2017 10:04:38 GMT
Server: AmazonS3
x-amz-request-id: RHAE1FES9A21YMZP
ETag: "b981c7f6d3c6e466e5f987658ad5d8be"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 168797
x-amz-id-2: 4Eg09gi/5POwhs1R0BUH2UZTxAc5rrZM8X9K+YV1seat3QIJf63KNmiYoelewDGfFHbq0vDHQKQ=

GET
H/1.1 200
OK button_german.jpg
savingsbits.com/testo-pre/lp1files/ 10 KB
10 KB 305ms
126ms Image
image/jpeg 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/lp1files/button_german.jpg
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e2f1a90f69ca86b41e6804b533d79117e4a03f1cf4b4879185168caa60b9b137

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:34 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "340305-2819-5b4e676133000"
Content-Length: 10265
Content-Type: image/jpeg

GET
H/1.1 200
OK 16.jpg
savingsbits.com/testo-pre/lp1files/ 3 KB
3 KB 343ms
146ms Image
image/jpeg 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/lp1files/16.jpg
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 2714176d43bab0725997695caf4850cd589eb67ae44b92e0f59d7e9c39baf297

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:35 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "3402f3-bc8-5b4e676133000"
Content-Length: 3016
Content-Type: image/jpeg

GET
H/1.1 200
OK 17.jpg
savingsbits.com/testo-pre/lp1files/ 3 KB
3 KB 356ms
152ms Image
image/jpeg 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/lp1files/17.jpg
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: c240d4adbbcf77e5722b5ee4440aeef98b1a3cd91d0ad39845a640a74ee56e6a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:35 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "3402f4-a0b-5b4e676133000"
Content-Length: 2571
Content-Type: image/jpeg

GET
H/1.1 200
OK 18.jpg
savingsbits.com/testo-pre/lp1files/ 3 KB
3 KB 229ms
151ms Image
image/jpeg 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/lp1files/18.jpg
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 7e7406796a48e54ecb6b7c9c2a56c4e8eaf929972b779cfcdd0f07f2ff44c57d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:35 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "3402f5-b71-5b4e676133000"
Content-Length: 2929
Content-Type: image/jpeg

GET
H/1.1 200
OK 19.jpg
savingsbits.com/testo-pre/lp1files/ 2 KB
2 KB 199ms
125ms Image
image/jpeg 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/lp1files/19.jpg
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 8967e92030ed0a00a387102752bf579de79417622c50475757e360990096e5c3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:35 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "3402f6-899-5b4e676133000"
Content-Length: 2201
Content-Type: image/jpeg

GET
H/1.1 200
OK 20.jpg
savingsbits.com/testo-pre/lp1files/ 2 KB
2 KB 125ms
125ms Image
image/jpeg 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/lp1files/20.jpg
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 3c57acc4f147013067ffd7968d84a9091e6dbf62006a07e389eb16873d3f111e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:35 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "3402f8-832-5b4e676133000"
Content-Length: 2098
Content-Type: image/jpeg

GET
H/1.1 200
OK 21.jpg
savingsbits.com/testo-pre/lp1files/ 5 KB
5 KB 123ms
122ms Image
image/jpeg 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/lp1files/21.jpg
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 3deee6e24f4a7effb4f244606282fa6a1afff9c4af0c816a43c72507ff857fb3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:35 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "3402f9-1290-5b4e676133000"
Content-Length: 4752
Content-Type: image/jpeg

GET
H/1.1 200
OK 22.jpg
savingsbits.com/testo-pre/lp1files/ 2 KB
2 KB 127ms
126ms Image
image/jpeg 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/lp1files/22.jpg
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 5e4a39e9f9298e25b326bd92f08b9cca6b15f0d617677c8ef2a6a3c037a8a0a1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:35 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "3402fa-63d-5b4e676133000"
Content-Length: 1597
Content-Type: image/jpeg

GET
H/1.1 200
OK 24.jpg
savingsbits.com/testo-pre/lp1files/ 2 KB
2 KB 127ms
127ms Image
image/jpeg 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/lp1files/24.jpg
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 6f00141a199798584a7b7cefb9735ed3f94dc3264d90bc45d6e934838d0da877

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:35 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "3402fb-7d2-5b4e676133000"
Content-Length: 2002
Content-Type: image/jpeg

GET
H/1.1 200
OK 25.jpg
savingsbits.com/testo-pre/lp1files/ 1 KB
2 KB 125ms
125ms Image
image/jpeg 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/lp1files/25.jpg
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 2bba69be095d5007594fcc357cd0b71fb08d759ffaddf26a95059019563b0215

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:35 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "3402fc-549-5b4e676133000"
Content-Length: 1353
Content-Type: image/jpeg

GET
H/1.1 200
OK 1.jpg
savingsbits.com/testo-pre/lp1files/ 5 KB
5 KB 122ms
122ms Image
image/jpeg 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/lp1files/1.jpg
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 8addec2b825e24811cf7349068289afc7395fc159e516d444f6beac4bb5a4e03

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:35 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "3402ef-13be-5b4e676133000"
Content-Length: 5054
Content-Type: image/jpeg

GET
H/1.1 200
OK 2.jpg
savingsbits.com/testo-pre/lp1files/ 3 KB
3 KB 125ms
125ms Image
image/jpeg 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/lp1files/2.jpg
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 15586540c6e96c5da2053b81b68f9b9dd5be36c7e676df8fc008d101477e7cbb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:35 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "3402f7-a47-5b4e676133000"
Content-Length: 2631
Content-Type: image/jpeg

GET
H/1.1 200
OK 3.jpg
savingsbits.com/testo-pre/lp1files/ 16 KB
16 KB 222ms
222ms Image
image/jpeg 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/lp1files/3.jpg
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: d72938478ae85283819a7268b6121f15efb9133e05d1d8cb792217e27fde5439

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:35 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "3402fd-4116-5b4e676133000"
Content-Length: 16662
Content-Type: image/jpeg

GET
H/1.1 200
OK 4.jpg
savingsbits.com/testo-pre/lp1files/ 3 KB
3 KB 128ms
126ms Image
image/jpeg 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/lp1files/4.jpg
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 500204517921aa4828c63a6527b5656e9b608319fe7a6d0a25bb3b0d22e63491

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:35 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "3402fe-af1-5b4e676133000"
Content-Length: 2801
Content-Type: image/jpeg

GET
H/1.1 200
OK 5.jpg
savingsbits.com/testo-pre/lp1files/ 2 KB
2 KB 127ms
127ms Image
image/jpeg 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/lp1files/5.jpg
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 30dc8c592841162540a6f3de56182236364abfa95cb53a79d8d32b2584b416e3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:35 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "3402ff-81c-5b4e676133000"
Content-Length: 2076
Content-Type: image/jpeg

GET
H/1.1 200
OK 7.jpg
savingsbits.com/testo-pre/lp1files/ 15 KB
16 KB 127ms
127ms Image
image/jpeg 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/lp1files/7.jpg
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 2a6591359695c30d05d6acaf70135ed64c5c39b0510b1c15679bdd980b019163

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:35 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "340300-3d5e-5b4e676133000"
Content-Length: 15710
Content-Type: image/jpeg

GET
H/1.1 200
OK 8.jpg
savingsbits.com/testo-pre/lp1files/ 15 KB
15 KB 123ms
123ms Image
image/jpeg 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/lp1files/8.jpg
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: ce49b5272bd8fa81ee0e7d1dc59bf1fff14e1c88778e994293dbfc6d98a8468b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:35 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "340301-3c99-5b4e676133000"
Content-Length: 15513
Content-Type: image/jpeg

GET
H/1.1 200
OK 9.jpg
savingsbits.com/testo-pre/lp1files/ 3 KB
3 KB 126ms
125ms Image
image/jpeg 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/lp1files/9.jpg
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 63e32593da7fe7f29129d1debf0a8f90d128b0ed98ca4dcd02104bd003d0954c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:35 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "340302-aff-5b4e676133000"
Content-Length: 2815
Content-Type: image/jpeg

GET
H/1.1 200
OK 11.jpg
savingsbits.com/testo-pre/lp1files/ 49 KB
49 KB 128ms
127ms Image
image/jpeg 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/lp1files/11.jpg
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: d03426e7e486577ef93965b083f2c1ea1dc30ceb60ed4b8cd4b0c2aba633af62

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:35 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "3402f0-c508-5b4e676133000"
Content-Length: 50440
Content-Type: image/jpeg

GET
H/1.1 200
OK 12.jpg
savingsbits.com/testo-pre/lp1files/ 2 KB
2 KB 127ms
126ms Image
image/jpeg 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/lp1files/12.jpg
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 6b1619861b1c3286ec1712a83ea5296da19b1fb8b461063ef1c082ac54e77f9f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:35 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "3402f1-613-5b4e676133000"
Content-Length: 1555
Content-Type: image/jpeg

GET
H/1.1 200
OK 14.jpg
savingsbits.com/testo-pre/lp1files/ 3 KB
3 KB 122ms
122ms Image
image/jpeg 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/lp1files/14.jpg
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 1f51926cfac4f128c5d23a09196e74b0ad4ed49cf65c317fdf57c7356f203f90

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:35 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "3402f2-acf-5b4e676133000"
Content-Length: 2767
Content-Type: image/jpeg

GET
H/1.1 200
OK rush-me.png
savingsbits.com/testo-pre/ 47 KB
47 KB 127ms
126ms Image
image/png 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsbits.com/testo-pre/rush-me.png
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 4faa672e4ac911974ed42e67242c003a62fb79f0a9a8e1b238902ba5beafc6d9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:35 GMT
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "34030a-bcdf-5b4e676133000"
Content-Length: 48351
Content-Type: image/png

GET
H/1.1 200
OK pushinit_main.js Show response
savingsbits.com/ 3 KB
1 KB 123ms
122ms Script
text/javascript 52.54.72.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://savingsbits.com/pushinit_main.js
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.72.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-72-5.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 36485c268aa9aa0d57b6fec967d36a8750d11087532c07cf5de92bb938e62f83

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: savingsbits.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Cookie: PHPSESSID=a8ca3db17ec5d56e45379a37752da442
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 09:15:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Nov 2020 04:00:00 GMT
Server: Apache
ETag: "28089f-c12-5b4e676133000"
Vary: Accept-Encoding
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 1134

GET
H2 200 0a0f4551-df11-424e-9f97-c69ee7571c78.js Show response
static.bouncepilot.com/ 33 KB
34 KB 90ms
10ms Script
application/javascript 2600:9000:21f3:d000:10:b308:84c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bouncepilot.com/0a0f4551-df11-424e-9f97-c69ee7571c78.js
Requested by: Host: savingsbits.com
URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d000:10:b308:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8a3efcf61c1c8a8e147616427e60fabbbe68fc0fab30c7bb0d221dd209bfd37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://savingsbits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 14:15:14 GMT
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
last-modified: Tue, 31 Aug 2021 13:26:05 GMT
server: AmazonS3
age: 103377
etag: "e8b3aa6892d89e7fa297cb215b41f227"
x-cache: Error from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 33917
x-amz-cf-id: eMXAf9Pudsyfv9f7WqEehhzda_XW4S7ZrHF8ZJYzdIhVIlVcnGZckA==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lion's Den Scam (Online)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			savingsbits.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: a8ca3db17ec5d56e45379a37752da442

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	error	URL: https://savingsbits.com/testo-pre/?sub1=19499&sub2=bahar&txid=de82253cac8447149470f56fdc191549 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
barahata.club
na10t1mpqcs3e152.page.link
s3.amazonaws.com
savingsbits.com
static.bouncepilot.com
www.incorport.com
173.255.248.174
198.187.29.143
2600:9000:21f3:d000:10:b308:84c0:93a1
2a00:1450:4001:803::200a
2a00:1450:4001:830::200e
52.217.89.246
52.54.72.5
0dae44c119bd4a75b753cfce24f15eada788ec54bdb9205fbd39f9c426d7612a
15586540c6e96c5da2053b81b68f9b9dd5be36c7e676df8fc008d101477e7cbb
1f51926cfac4f128c5d23a09196e74b0ad4ed49cf65c317fdf57c7356f203f90
2714176d43bab0725997695caf4850cd589eb67ae44b92e0f59d7e9c39baf297
2a6591359695c30d05d6acaf70135ed64c5c39b0510b1c15679bdd980b019163
2bba69be095d5007594fcc357cd0b71fb08d759ffaddf26a95059019563b0215
30dc8c592841162540a6f3de56182236364abfa95cb53a79d8d32b2584b416e3
36485c268aa9aa0d57b6fec967d36a8750d11087532c07cf5de92bb938e62f83
3affa02ffd3250c11807a7b946e0575c5d6abb0d0ba6c8e381e147ab65e7e691
3c57acc4f147013067ffd7968d84a9091e6dbf62006a07e389eb16873d3f111e
3deee6e24f4a7effb4f244606282fa6a1afff9c4af0c816a43c72507ff857fb3
3df2f81ce829dca0288cf1424b35ba2e0edf7840b3a177b707c13144001ec048
4faa672e4ac911974ed42e67242c003a62fb79f0a9a8e1b238902ba5beafc6d9
500204517921aa4828c63a6527b5656e9b608319fe7a6d0a25bb3b0d22e63491
5e4a39e9f9298e25b326bd92f08b9cca6b15f0d617677c8ef2a6a3c037a8a0a1
63e32593da7fe7f29129d1debf0a8f90d128b0ed98ca4dcd02104bd003d0954c
6b1619861b1c3286ec1712a83ea5296da19b1fb8b461063ef1c082ac54e77f9f
6f00141a199798584a7b7cefb9735ed3f94dc3264d90bc45d6e934838d0da877
7c17dfcbea9291f6bbce3d58b2d4fc22b82cca9291729b226ae9e0962d953032
7e7406796a48e54ecb6b7c9c2a56c4e8eaf929972b779cfcdd0f07f2ff44c57d
8967e92030ed0a00a387102752bf579de79417622c50475757e360990096e5c3
8addec2b825e24811cf7349068289afc7395fc159e516d444f6beac4bb5a4e03
964ef4608c7fc1e6859569579a4e307600a47f9ed4a8effbb203052f946a2146
b824d023b911240543d7ebcdb49f04fd6c8bb5c829eb26d40dd5ee041d97d543
b8a3efcf61c1c8a8e147616427e60fabbbe68fc0fab30c7bb0d221dd209bfd37
c240d4adbbcf77e5722b5ee4440aeef98b1a3cd91d0ad39845a640a74ee56e6a
ce49b5272bd8fa81ee0e7d1dc59bf1fff14e1c88778e994293dbfc6d98a8468b
d03426e7e486577ef93965b083f2c1ea1dc30ceb60ed4b8cd4b0c2aba633af62
d72938478ae85283819a7268b6121f15efb9133e05d1d8cb792217e27fde5439
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e2f1a90f69ca86b41e6804b533d79117e4a03f1cf4b4879185168caa60b9b137
e49d49fa0edfd20965beabe908ff412f18947cf2983d4c1dbaa904016071cf7c
ef50a2352a00f8e07fb146c516b391c7ea3ad2b60e618d6a32de0dd644cff8b9

savingsbits.com Open in urlscan Pro 52.54.72.5 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

100 %HTTPS

43 %IPv6

7 Domains

7 Subdomains

4 IPs

2 Countries

785 kBTransfer

1074 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

savingsbits.com Open in urlscan Pro
52.54.72.5 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

4
IPs

2
Countries

785 kB
Transfer

1074 kB
Size

1
Cookies

33 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!