savingsnow.org Open in urlscan Pro
2606:4700:3031::ac43:aec3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://savingsnow.org/
Effective URL:
https://savingsnow.org/subscribe
Submission: On August 04 via automatic, source certstream-suspicious (August 4th 2024, 11:49:59 am UTC) — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3031::ac43:aec3, located in United States and belongs to CLOUDFLARENET, US. The main domain is savingsnow.org.
TLS certificate: Issued by WE1 on July 30th 2024. Valid for: 3 months.

This is the only time savingsnow.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	2606:4700:303... 2606:4700:3031::ac43:aec3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
17	6

10 2606:4700:3031::ac43:aec3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

savingsnow.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	savingsnow.org 1 redirects savingsnow.org	579 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104 region1.google-analytics.com — Cisco Umbrella Rank: 3123	21 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	92 KB
1	gstatic.com fonts.gstatic.com	22 KB
17	5

	Domain	Requested by
10	savingsnow.org	1 redirects savingsnow.org
3	fonts.googleapis.com	savingsnow.org
2	www.google-analytics.com	savingsnow.org www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	fonts.gstatic.com	fonts.googleapis.com
17	6

This site contains no links.

Subject Issuer	Validity	Valid
savingsnow.org WE1	`2024-07-30` - `2024-10-28`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://savingsnow.org/subscribe
Frame ID: 071AB4436709B044E64066F08DA87BC1
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Savings Collaborative

Page URL History Show full URLs

https://savingsnow.org/ HTTP 301
https://savingsnow.org/subscribe Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

17
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

717 kB
Transfer

3371 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://savingsnow.org/ HTTP 301
https://savingsnow.org/subscribe Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request subscribe Show response
savingsnow.org/
Redirect Chain

https://savingsnow.org/
https://savingsnow.org/subscribe

395 KB
52 KB

589ms
588ms

Document
text/html

2606:4700:3031::ac43:aec3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://savingsnow.org/subscribe

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:aec3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a23300058bd33857cf0806bf0f3c1c753dd1974c27a450cccc176becdc4a9645

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ade539dcd679bd0-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 04 Aug 2024 11:49:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FWF91NFTG5LgoK8yur8QxpjFDBwM6s8qMLAwsFXUIERwDiJtd%2BW9p8fNGpzaJBsFAQHnmQZIlYXTaFQeBfqL2O3XAYTRBcLdFZnUi%2BcrBaQVrvN4yO64JOhG6kcA2XxTRfSlv8Rmc5rmUav63w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=3600
cf-ray: 8ade539d9d239bd0-FRA
content-length: 167
content-type: text/html
date: Sun, 04 Aug 2024 11:49:52 GMT
expires: Sun, 04 Aug 2024 12:49:52 GMT
location: /subscribe
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AeSNwqMgwbAmQ0pZD0IiMYiJgfjWGaeSYVukv%2BpV1lBDeFAJ0CxR3fKYMOpSgr4J4PlIuTuWQTnQizpzWg46yn53nYOKpPhbEYoSchzicG57U58xW1BFId40F38wrlaMN%2BLiisgq37%2FBdGCJDw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 client.ff62a1c7.js Show response
savingsnow.org/assets/ 2 MB
356 KB 1160ms
1159ms Script
application/javascript 2606:4700:3031::ac43:aec3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://savingsnow.org/assets/client.ff62a1c7.js
Requested by: Host: savingsnow.org
URL: https://savingsnow.org/subscribe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:aec3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 65b00f125302e5c03a145c24926ddd5ece97d0cec0eb706f1f29a2539d6abac8

Request headers

Referer: https://savingsnow.org/subscribe
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 11:49:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 25 Jul 2024 16:15:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1f7465-190eaad7290"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D3zK2Nf92rNy612HRcY%2FNQCQCF9kLI%2B1sC5Ad3OSGIQPznYQQhCkl6aXWW7oBMS7sjI0eNO%2FJ3FMTzCle5Zlqfc7wj3stp45UN9IC23mZgsslqApcBgTV4EG%2FH%2BN%2FYmFmXxxptviXusSvnIJNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 8ade53a1bae59bd0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 welcome.67dec218.chunk.js Show response
savingsnow.org/assets/ 423 KB
109 KB 943ms
942ms Script
application/javascript 2606:4700:3031::ac43:aec3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://savingsnow.org/assets/welcome.67dec218.chunk.js
Requested by: Host: savingsnow.org
URL: https://savingsnow.org/subscribe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:aec3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b1db8f930206ecb40bf200fbc5c963b1ecb89201a1bb5331fb089e3b23da6cb9

Request headers

Referer: https://savingsnow.org/subscribe
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 11:49:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 25 Jul 2024 16:15:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"69a5d-190eaad7290"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2F6UQEPsxw9YgWct2hqXa7QsEsp2sp3wdtapG7JEeeqauAS0n%2FpIMO5M2TBa2y%2FXf940q%2F78wSt3gAMGnWQ8gjOjDfh53mZFL%2B5UKZmhS3w9E39q6lgSz5dtQelRfQZHXX6Lykh45n2z8LQQNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 8ade53a1baf39bd0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 2 KB
628 B 85ms
32ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway

Requested by

Host: savingsnow.org
URL: https://savingsnow.org/subscribe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdbcbb6ab7680b6f7ee6f09ff2a54b0e8e3eb6e758efb1c0a7fe5e71fb0da118

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://savingsnow.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Aug 2024 11:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 04 Aug 2024 11:12:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Aug 2024 11:49:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
802 B 84ms
31ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500

Requested by

Host: savingsnow.org
URL: https://savingsnow.org/subscribe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d54b3be3b60db5c05b4699f9849d0ec974d10b48845b0749cabf4b5a045b7d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://savingsnow.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Aug 2024 11:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 04 Aug 2024 11:05:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Aug 2024 11:49:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
823 B 83ms
30ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,500

Requested by

Host: savingsnow.org
URL: https://savingsnow.org/subscribe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9ed7bd79d1c75d21e6744f8bcc4d30d9951301404b0526ca8b26d69a0eaf6b15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://savingsnow.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Aug 2024 11:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 04 Aug 2024 11:42:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Aug 2024 11:49:53 GMT

GET
H3 200 8ee45e80.png
savingsnow.org/assets/ 14 KB
15 KB 589ms
589ms Image
image/png 2606:4700:3031::ac43:aec3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsnow.org/assets/8ee45e80.png
Requested by: Host: savingsnow.org
URL: https://savingsnow.org/subscribe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:aec3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5596c5db6ee9dced3ffac9090b4e5144374f4d1d39d5e9f3cb1664e69e1b477d

Request headers

Referer: https://savingsnow.org/subscribe
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 11:49:54 GMT
cf-cache-status: MISS
last-modified: Thu, 25 Jul 2024 16:15:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"3854-190eaad7290"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4JpmjoG3WvlY5Ql5zDY8LrYhKo8RwkeB7CApgwrYcr5IffDkoo91cxwLm75mjz5L47PJUy7myxLLxhIAWTwQK92zhGtFW9o4RaFdCZSK4ue%2BkgQvroak%2BVEX8Q144Cnlw0jwFHDBi8Wgnt62bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8ade53a21b699bd0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 14420

GET
H3 200 e635e330.svg
savingsnow.org/assets/ 2 KB
1 KB 517ms
517ms Image
image/svg+xml 2606:4700:3031::ac43:aec3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savingsnow.org/assets/e635e330.svg
Requested by: Host: savingsnow.org
URL: https://savingsnow.org/subscribe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:aec3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5b36be1078bf9ca26afafa557ccef83da254803906faf4903c963166fe8771c5

Request headers

Referer: https://savingsnow.org/subscribe
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 11:49:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 25 Jul 2024 16:15:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"8b9-190eaad7290"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IoxeTPwYG0AYnPDBlBLatV60IBshqtb1pG0ccchFaJ1F705PGNynFqtKm%2Fc%2F0JKxl%2BiNIuFd7%2BPnO5OD2l8PELLJCP2OCCxLDhgmkfuEwBih3eLDeG0d2UgloxWZXcpON1e7t0RDZg8OSyotwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 8ade53a21b6c9bd0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v34/ 22 KB
22 KB 70ms
22ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e44fb721d3be9376c6e5e946109067a04da84ae10b3f27a03ada7a3731e515c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://savingsnow.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 14:41:54 GMT
x-content-type-options: nosniff
age: 421679
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22432
x-xss-protection: 0
last-modified: Wed, 01 May 2024 20:31:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 14:41:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 70ms
20ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: savingsnow.org
URL: https://savingsnow.org/subscribe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://savingsnow.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 04 Aug 2024 11:15:05 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2088
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 04 Aug 2024 13:15:05 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
220 B 28ms
27ms XHR
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1248557902&t=pageview&_s=1&dl=https%3A%2F%2Fsavingsnow.org%2Fsubscribe&ul=de-de&de=UTF-8&dt=Savings%20Collaborative&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=7683052&gjid=1364916022&cid=1500593884.1722772195&tid=UA-121780832-1&_gid=878058664.1722772195&_r=1&_slc=1&z=1374616030

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

64aaecb65eac88338e552438e51e606dd37a687065489993eaa29deba3c8a039

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://savingsnow.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 11:49:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://savingsnow.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
92 KB 91ms
41ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-62GT3TDT3W&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a618214835003815605cd5eef72928fde08a5a4437dc232ca8b99c01bb1aa59e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://savingsnow.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 11:49:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93810
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 04 Aug 2024 11:49:55 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 80ms
30ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-62GT3TDT3W&gtm=45je47v0v9124266624za200&_p=1722772195108&gcd=13l3l3l2l2&npa=0&dma_cps=syphamo&dma=1&tag_exp=95250752&ul=de-de&sr=1600x1200&cid=1500593884.1722772195&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fsavingsnow.org%2Fsubscribe&dt=Savings%20Collaborative&sid=1722772195&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2433
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-62GT3TDT3W&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://savingsnow.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 11:49:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://savingsnow.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 app-icon.png
savingsnow.org/ 45 KB
46 KB 685ms
685ms Other
image/png 2606:4700:3031::ac43:aec3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://savingsnow.org/app-icon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:aec3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b9f77d7f997b702fe786e271cafbf8864534355d443b73822495f3a9b483c34f

Request headers

Referer: https://savingsnow.org/subscribe
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 11:49:55 GMT
cf-cache-status: MISS
last-modified: Thu, 25 Jul 2024 16:15:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"b4db-190eaad18b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=neTwSW6EKJv3nHFdJYDG7zpD1JvGzAS2RufCKlSfA%2F1eIC3bml7wfNghTHjTMoO8sCnkELv1Zo%2FJFQYoMOcxAjt14rj9%2FAfJdhfTf4Cgm%2Ba66dhG%2Fp0XxEHvt5Lr%2BIvYBSgZ7xXoXadKyBjzDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8ade53ac8a8e9bd0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 46299

GET
H3 200 app-icon.png
savingsnow.org/ 45 KB
0 0ms
0ms Other
image/png 2606:4700:3031::ac43:aec3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://savingsnow.org/app-icon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:aec3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b9f77d7f997b702fe786e271cafbf8864534355d443b73822495f3a9b483c34f

Request headers

Referer: https://savingsnow.org/subscribe
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 11:49:55 GMT
cf-cache-status: MISS
last-modified: Thu, 25 Jul 2024 16:15:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"b4db-190eaad18b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=neTwSW6EKJv3nHFdJYDG7zpD1JvGzAS2RufCKlSfA%2F1eIC3bml7wfNghTHjTMoO8sCnkELv1Zo%2FJFQYoMOcxAjt14rj9%2FAfJdhfTf4Cgm%2Ba66dhG%2Fp0XxEHvt5Lr%2BIvYBSgZ7xXoXadKyBjzDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8ade53ac8a8e9bd0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 46299

GET
H3 200 app-icon.png
savingsnow.org/ 45 KB
0 0ms
0ms Other
image/png 2606:4700:3031::ac43:aec3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://savingsnow.org/app-icon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:aec3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b9f77d7f997b702fe786e271cafbf8864534355d443b73822495f3a9b483c34f

Request headers

Referer: https://savingsnow.org/subscribe
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 11:49:55 GMT
cf-cache-status: MISS
last-modified: Thu, 25 Jul 2024 16:15:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"b4db-190eaad18b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=neTwSW6EKJv3nHFdJYDG7zpD1JvGzAS2RufCKlSfA%2F1eIC3bml7wfNghTHjTMoO8sCnkELv1Zo%2FJFQYoMOcxAjt14rj9%2FAfJdhfTf4Cgm%2Ba66dhG%2Fp0XxEHvt5Lr%2BIvYBSgZ7xXoXadKyBjzDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8ade53ac8a8e9bd0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 46299

GET
H3 200 app-icon.png
savingsnow.org/ 45 KB
0 0ms
0ms Other
image/png 2606:4700:3031::ac43:aec3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://savingsnow.org/app-icon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:aec3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b9f77d7f997b702fe786e271cafbf8864534355d443b73822495f3a9b483c34f

Request headers

Referer: https://savingsnow.org/subscribe
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 11:49:55 GMT
cf-cache-status: MISS
last-modified: Thu, 25 Jul 2024 16:15:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"b4db-190eaad18b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=neTwSW6EKJv3nHFdJYDG7zpD1JvGzAS2RufCKlSfA%2F1eIC3bml7wfNghTHjTMoO8sCnkELv1Zo%2FJFQYoMOcxAjt14rj9%2FAfJdhfTf4Cgm%2Ba66dhG%2Fp0XxEHvt5Lr%2BIvYBSgZ7xXoXadKyBjzDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8ade53ac8a8e9bd0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 46299

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
savingsnow.org/	1970-01-21 08:08:52	Name: lang Value: es-MX
.savingsnow.org/	1970-01-21 08:08:52	Name: _ga Value: GA1.2.1500593884.1722772195
.savingsnow.org/	1970-01-20 22:34:18	Name: _gid Value: GA1.2.878058664.1722772195
.savingsnow.org/	1970-01-20 22:32:52	Name: _gat Value: 1
.savingsnow.org/	1970-01-21 08:08:52	Name: _ga_62GT3TDT3W Value: GS1.2.1722772195.1.0.1722772195.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
savingsnow.org
www.google-analytics.com
www.googletagmanager.com
2001:4860:4802:34::36
2606:4700:3031::ac43:aec3
2a00:1450:4001:800::200a
2a00:1450:4001:802::2008
2a00:1450:4001:812::2003
2a00:1450:4001:81c::200e
1d54b3be3b60db5c05b4699f9849d0ec974d10b48845b0749cabf4b5a045b7d5
3e44fb721d3be9376c6e5e946109067a04da84ae10b3f27a03ada7a3731e515c
5596c5db6ee9dced3ffac9090b4e5144374f4d1d39d5e9f3cb1664e69e1b477d
5b36be1078bf9ca26afafa557ccef83da254803906faf4903c963166fe8771c5
64aaecb65eac88338e552438e51e606dd37a687065489993eaa29deba3c8a039
65b00f125302e5c03a145c24926ddd5ece97d0cec0eb706f1f29a2539d6abac8
9ed7bd79d1c75d21e6744f8bcc4d30d9951301404b0526ca8b26d69a0eaf6b15
a23300058bd33857cf0806bf0f3c1c753dd1974c27a450cccc176becdc4a9645
a618214835003815605cd5eef72928fde08a5a4437dc232ca8b99c01bb1aa59e
b1db8f930206ecb40bf200fbc5c963b1ecb89201a1bb5331fb089e3b23da6cb9
b9f77d7f997b702fe786e271cafbf8864534355d443b73822495f3a9b483c34f
cdbcbb6ab7680b6f7ee6f09ff2a54b0e8e3eb6e758efb1c0a7fe5e71fb0da118
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

savingsnow.org Open in urlscan Pro 2606:4700:3031::ac43:aec3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

100 %IPv6

5 Domains

6 Subdomains

6 IPs

2 Countries

717 kBTransfer

3371 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

savingsnow.org Open in urlscan Pro
2606:4700:3031::ac43:aec3 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

717 kB
Transfer

3371 kB
Size

5
Cookies

17 HTTP transactions
0 data transactions