Submitted URL: http://ms.yaysavings.com/view.asp?id=85061&d=&u=achiang@underarmour.com
Effective URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Submission: On April 15 via manual from RO

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 69 HTTP transactions.
The main IP is 23.250.10.187, located in Buffalo, United States and belongs to SERVER-MANIA - B2 Net Solutions Inc., CA. The main domain is www.yaysavings.com.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

IP Address AS Autonomous System
1 1 23.229.88.50 55286 (SERVER-MANIA)
1 41 23.250.10.187 55286 (SERVER-MANIA)
4 2a00:1450:400... 15169 (GOOGLE)
9 2.19.35.64 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
69 10
Domain
Subdomains
Transfer
42 yaysavings.com
540 KB
9 cpnscdn.com
37 KB
6 doubleclick.net
161 B
5 facebook.net
62 KB
4 google-analytics.com
17 KB
4 googlesyndication.com
183 KB
2 facebook.com
0 B
2 google.de
280 B
2 google.com
354 B
1 googletagservices.com
29 KB
69 10
Domain Requested by
40 www.yaysavings.com 1 redirects www.yaysavings.com
9 cdn.cpnscdn.com www.yaysavings.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
5 connect.facebook.net 2 redirects www.yaysavings.com
connect.facebook.net
4 www.google-analytics.com 2 redirects www.yaysavings.com
4 pagead2.googlesyndication.com www.yaysavings.com
pagead2.googlesyndication.com
1 www.facebook.com connect.facebook.net
1 staticxx.facebook.com connect.facebook.net
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 www.google.de www.yaysavings.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 images.yaysavings.com www.yaysavings.com
1 ms.yaysavings.com 1 redirects
69 16

This site contains links to these domains. Also see Links.

Domain
twitter.com
facebook.com
yaysavings.com
go.redirectingat.com
images.yaysavings.com
www.jdoqocy.com
Subject / Issuer Validity Valid
*.google-analytics.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months
www.google.de
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-03-08 -
2019-06-06
3 months
*.google.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months
*.g.doubleclick.net
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i

Web
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Web
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Web
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

69 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set 04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
/mystery
Redirect Chain
  • http://ms.yaysavings.com/view.asp?id=85061&d=&u=achiang@underarmour.com
  • http://www.yaysavings.com/mystery/04132019M?ed=04132019M&u=achiang@underarmour.com
  • http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
37 KB
37 KB
Document
General
Full URL
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
b587b46da7cba3bcd8d194fec11096ee765cb8889014d2f50f45d5d7cc1292aa

Request headers

Host
www.yaysavings.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html
Server
Microsoft-IIS/8.5
Set-Cookie
user=; path=/
Date
Mon, 15 Apr 2019 13:27:53 GMT
Content-Length
38152

Redirect headers

Cache-Control
private
Content-Type
text/html
Location
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Server
Microsoft-IIS/8.5
Set-Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; path=/
Date
Mon, 15 Apr 2019 13:27:53 GMT
Content-Length
217
fonts.css
/css
6 KB
829 B
Stylesheet
General
Full URL
http://www.yaysavings.com/css/fonts.css
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
21daf8bc87790fd7808ba1a6ae9b56b96cbbc82a4b60580f8b7c4d4557e06b37

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 19:01:18 GMT
Server
Microsoft-IIS/8.5
ETag
"013a2a73849d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
520
font-awesome.min.css
/css
23 KB
6 KB
Stylesheet
General
Full URL
http://www.yaysavings.com/css/font-awesome.min.css
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
222d75918bb518d46a4d283da7de243b4409d597a8c6856070a07e96b600e6d7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 19:01:18 GMT
Server
Microsoft-IIS/8.5
ETag
"013a2a73849d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
5388
desktop.css?id=39
/css
96 KB
15 KB
Stylesheet
General
Full URL
http://www.yaysavings.com/css/desktop.css?id=39
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
c0feca19f82b9104c53305695984fe8209a6216c092e6748792b6871302bb9ce

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Jan 2019 15:49:13 GMT
Server
Microsoft-IIS/8.5
ETag
"80e2f62f33b3d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
14833
jquery-1.11.2.min.js
/js
94 KB
33 KB
Script
General
Full URL
http://www.yaysavings.com/js/jquery-1.11.2.min.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 19:01:25 GMT
Server
Microsoft-IIS/8.5
ETag
"8030ceab3849d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
33367
yayfuncs.js?id=38
/js
14 KB
3 KB
Script
General
Full URL
http://www.yaysavings.com/js/yayfuncs.js?id=38
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
f64495e0111bce057d38696f5afd3da3fdd16a8b42ad764e64fb22a9f4fe2c32

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Mar 2019 20:11:59 GMT
Server
Microsoft-IIS/8.5
ETag
"801195da58d4d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
2277
main.js?id=38
/js
3 KB
1 KB
Script
General
Full URL
http://www.yaysavings.com/js/main.js?id=38
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
e983cbdb90422a80737ded8b12491f7a542f23947f0912959a8b5404671c80c9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 19:01:25 GMT
Server
Microsoft-IIS/8.5
ETag
"8030ceab3849d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
869
Verified iscroll.js
/js
49 KB
11 KB
Script
General
Full URL
http://www.yaysavings.com/js/iscroll.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
f7140a276af75852364eef880f13473fd4791455ba2cd650b7446e6562742a9d
Verified resource
iScroll/5.1.3/iscroll.js at cdnjs.com, project iScroll

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 19:01:25 GMT
Server
Microsoft-IIS/8.5
ETag
"8030ceab3849d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
11055
slidermenu.js
/js
310 B
587 B
Script
General
Full URL
http://www.yaysavings.com/js/slidermenu.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
0e46e836e07ed2da4337b7456c4493f182d53c82cd8560e79d59f2963a0b0d04

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:25 GMT
Server
Microsoft-IIS/8.5
ETag
"27cc5bac3849d41:0"
Content-Type
application/javascript
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
310
yaysearch.js
/js
3 KB
1 KB
Script
General
Full URL
http://www.yaysavings.com/js/yaysearch.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6ee461d0cc884de09affa4cd5016f609f77dfdc692b09caf9baed2a1849e58b9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 19:01:25 GMT
Server
Microsoft-IIS/8.5
ETag
"8030ceab3849d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
796
adshift-up.css
/css
660 B
922 B
Stylesheet
General
Full URL
http://www.yaysavings.com/css/adshift-up.css
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
948e7086e2122ef37b85878ee431256aaf6ac9bbf98be42d60d8b88e6ea65e1a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:53 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:18 GMT
Server
Microsoft-IIS/8.5
ETag
"d47e8a73849d41:0"
Content-Type
text/css
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
660
adshift-right.css
/css
286 B
549 B
Stylesheet
General
Full URL
http://www.yaysavings.com/css/adshift-right.css
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
d798a0d1469fed4046b817dce470c295831c324d61611e3293db8e2a5be55714

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:53 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:18 GMT
Server
Microsoft-IIS/8.5
ETag
"481ee1a73849d41:0"
Content-Type
text/css
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
286
yaylogo.png
/img
8 KB
8 KB
Image
General
Full URL
http://www.yaysavings.com/img/yaylogo.png
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
95eb8b07171b4fb73896d80550127489cfdba979eb4b4a4559322c27051e5437

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:23 GMT
Server
Microsoft-IIS/8.5
ETag
"3b6010ab3849d41:0"
Content-Type
image/png
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
7870
mobile.css?id=39
/css
73 KB
12 KB
Stylesheet
General
Full URL
http://www.yaysavings.com/css/mobile.css?id=39
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
889fbd24d6a87e78a08340d066281238836cf275288eb0767bf2803955fa2e96

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Feb 2019 19:37:53 GMT
Server
Microsoft-IIS/8.5
ETag
"807e659cd3c3d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
11680
yaysocial.js
/js
1 KB
1 KB
Script
General
Full URL
http://www.yaysavings.com/js/yaysocial.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6a184d7ff0a25d979ce2f3ceccc84925d940af0faca088a2ac4d9a2a08d18024

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:26 GMT
Server
Microsoft-IIS/8.5
ETag
"141a6aac3849d41:0"
Content-Type
application/javascript
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
1116
Adblocked adsbygoogle.js
pagead2.googlesyndication.com/pagead/js
83 KB
32 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
5a1f89963521560bcfee6323095cc269b47f5a8bc31fe04f17ed324ecb8028be
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
2212160089238031538
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
31911
X-XSS-Protection
0
Expires
Mon, 15 Apr 2019 13:27:51 GMT
oilchangecoupons.png
images.yaysavings.com/media
38 KB
38 KB
Image
General
Full URL
http://images.yaysavings.com/media/oilchangecoupons.png
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
2acd431729ea39a3b6426ccf23a18732f789ff1d1e3cfdac98ae0f129d81975a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
images.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 18:50:08 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"133f62183749d41:0"
Content-Length
38446
Content-Type
image/png
20685067.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/067
4 KB
5 KB
Image
General
Full URL
http://cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/067/20685067.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
2.19.35.64 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-35-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
c918dcefc35f58b2eabc66ca3065c8ab15764fab39ae895e9fee84183e5ea73b

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:51 GMT
Last-Modified
Mon, 01 Apr 2019 07:03:41 GMT
X-Cdn
Served-By-Akamai
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=1359317
Connection
keep-alive
Content-Length
4484
Server
Akamai Image Manager
Expires
Wed, 01 May 2019 07:03:08 GMT
20705163.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/163
4 KB
4 KB
Image
General
Full URL
http://cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/163/20705163.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
2.19.35.64 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-35-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6a5ec699e27ee6eaf16c31a3d56c48a594666b8e31c786ce3776ccbcc5b4361a

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:51 GMT
Last-Modified
Mon, 01 Apr 2019 07:02:45 GMT
X-Cdn
Served-By-Akamai
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=1359400
Connection
keep-alive
Content-Length
4152
Server
Akamai Image Manager
Expires
Wed, 01 May 2019 07:04:31 GMT
20651185.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/185
3 KB
4 KB
Image
General
Full URL
http://cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/185/20651185.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
2.19.35.64 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-35-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
c06a01b8c2c6f7f6483542825a780afc6a6eb4549a02fe7f95a4dfc3335eab8f

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:51 GMT
Last-Modified
Mon, 01 Apr 2019 07:03:46 GMT
X-Cdn
Served-By-Akamai
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=1359276
Connection
keep-alive
Content-Length
3302
Server
Akamai Image Manager
Expires
Wed, 01 May 2019 07:02:27 GMT
20683192.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/192
4 KB
5 KB
Image
General
Full URL
http://cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/192/20683192.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
2.19.35.64 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-35-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b6226f4773929af05f02045c6ab67b2d0868cf94c2fe13e94eb2793b51805cd5

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:51 GMT
X-Check-Cacheable
YES
X-Cdn
Served-By-Akamai
X-Serial
1052
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=2482394
Last-Modified
Sun, 14 Apr 2019 07:03:08 GMT
Connection
keep-alive
Content-Length
4442
X-Akamai-SSL-Client-Sid
r+N4TWq/tUccPh9n69q2ag==
Server
Akamai Image Manager
Expires
Tue, 14 May 2019 07:01:05 GMT
20672115.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/115
3 KB
3 KB
Image
General
Full URL
http://cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/115/20672115.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
2.19.35.64 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-35-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ed346d7e8e5587ef37bcb3625fe9fe2bbc6b54e20534ee43c7258b71512baf8e

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:51 GMT
X-Check-Cacheable
YES
X-Cdn
Served-By-Akamai
X-Serial
396
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=2482505
Last-Modified
Sun, 14 Apr 2019 07:04:38 GMT
Connection
keep-alive
Content-Length
3042
X-Akamai-SSL-Client-Sid
tEytov06GOfJGTjCpDZPGw==
Server
Akamai Image Manager
Expires
Tue, 14 May 2019 07:02:56 GMT
20749397.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/397
5 KB
5 KB
Image
General
Full URL
http://cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/397/20749397.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
2.19.35.64 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-35-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
8ef6b2fc197ac7d4ea02085c7fddf6be55acf96da586bcf676304c7c8b866c5b

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:51 GMT
Last-Modified
Sun, 14 Apr 2019 07:05:06 GMT
X-Cdn
Served-By-Akamai
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=2482695
Connection
keep-alive
Content-Length
4660
Server
Akamai Image Manager
Expires
Tue, 14 May 2019 07:06:06 GMT
20753031.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/031
4 KB
4 KB
Image
General
Full URL
http://cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/031/20753031.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
2.19.35.64 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-35-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
82158cb11d8fa46216b33d0608e775ccbb306fb05d1a1eb75b71b9ac7fb5ad4e

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:51 GMT
X-Check-Cacheable
YES
X-Cdn
Served-By-Akamai
X-Serial
1464
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=2482538
Last-Modified
Sun, 14 Apr 2019 07:03:08 GMT
Connection
keep-alive
Content-Length
3760
X-Akamai-SSL-Client-Sid
V7BzkHxq50hUcBHGmcddzg==
Server
Akamai Image Manager
Expires
Tue, 14 May 2019 07:03:29 GMT
20752039.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/039
5 KB
5 KB
Image
General
Full URL
http://cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/039/20752039.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
2.19.35.64 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-35-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
21c01cf7f3b4c32952f6175eefc7beff566cea18028a2dab303357c7a7d8c5f0

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:51 GMT
X-Check-Cacheable
YES
X-Cdn
Served-By-Akamai
X-Serial
1603
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=2482480
Last-Modified
Sun, 14 Apr 2019 07:03:07 GMT
Connection
keep-alive
Content-Length
4758
X-Akamai-SSL-Client-Sid
iGa19f68zKGLJgqunTN6VA==
Server
Akamai Image Manager
Expires
Tue, 14 May 2019 07:02:31 GMT
20696096.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/096
2 KB
2 KB
Image
General
Full URL
http://cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/096/20696096.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
2.19.35.64 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-35-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
61a75e8ef6e1d06c49289de470feb28bbbcaa94912945a19abbd2eb07c69af93

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:51 GMT
Last-Modified
Sun, 14 Apr 2019 07:03:07 GMT
Server
Akamai Image Manager
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=2482487
Connection
keep-alive
Content-Length
2038
X-Cdn
Served-By-Akamai
Expires
Tue, 14 May 2019 07:02:38 GMT
2.gif
/repo/logos/Large
2 KB
3 KB
Image
General
Full URL
http://www.yaysavings.com/repo/logos/Large/2.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
495272234cc9d89f03147f12f5e9e99cd43465b2a5bf10a9920fbb592590b4ab

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 18 Jan 2016 17:36:50 GMT
Server
Microsoft-IIS/8.5
ETag
"025d4cf1652d11:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
2483
1395.gif
/repo/logos/Large
4 KB
4 KB
Image
General
Full URL
http://www.yaysavings.com/repo/logos/Large/1395.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
ff49d1bb4a004ada5f1145b2da9e31998700f1f8b9928f28c8e2e293d2a8bd78

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Tue, 19 Aug 2014 02:44:12 GMT
Server
Microsoft-IIS/8.5
ETag
"026357557bbcf1:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
4299
1394.gif
/repo/logos/Large
686 B
949 B
Image
General
Full URL
http://www.yaysavings.com/repo/logos/Large/1394.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
0c44c66031e7f438424a149dc400e36a3d8f841127269e0797f470571eae22bd

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Sat, 20 Nov 2010 09:30:10 GMT
Server
Microsoft-IIS/8.5
ETag
"0fd9a869588cb1:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
686
1875.gif
/repo/logos/Large
2 KB
2 KB
Image
General
Full URL
http://www.yaysavings.com/repo/logos/Large/1875.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
8a783e0d06333f1fbd41a6b7041129cc4fa38ff03549e0c8eb6b5ec2da37f7e1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Tue, 02 Sep 2014 20:40:40 GMT
Server
Microsoft-IIS/8.5
ETag
"0547028eec6cf1:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
1886
8023.gif
/repo/logos/Large
3 KB
3 KB
Image
General
Full URL
http://www.yaysavings.com/repo/logos/Large/8023.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
f785875621bc27a38c907b7b7dcfab6eb73158516da0e395e3cec49b3e4bb04f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Sat, 20 Nov 2010 09:32:32 GMT
Server
Microsoft-IIS/8.5
ETag
"0783edb9588cb1:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
3225
1032.gif
/repo/logos/Large
2 KB
3 KB
Image
General
Full URL
http://www.yaysavings.com/repo/logos/Large/1032.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
535a0bdfea62c008a7ea2528ff456fa26d5864838cb10e31e47eb09f19293bf5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Thu, 25 Sep 2014 01:18:52 GMT
Server
Microsoft-IIS/8.5
ETag
"0e6bbaa5ed8cf1:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
2422
5634.gif
/repo/logos/Large
5 KB
5 KB
Image
General
Full URL
http://www.yaysavings.com/repo/logos/Large/5634.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
c7999e7234de4b3498d4e45da326ad873cc137e8dcc155091ebfb386d5cdc8e3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Tue, 13 Nov 2012 03:30:10 GMT
Server
Microsoft-IIS/8.5
ETag
"08d132f4fc1cd1:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
5304
35637.gif
/repo/logos/Large
11 KB
11 KB
Image
General
Full URL
http://www.yaysavings.com/repo/logos/Large/35637.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
4dab3d1b605a96763d2f0f93b443150e0a7d06879092df75149f373a61e42d01

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Sat, 06 Oct 2018 04:37:22 GMT
Server
Microsoft-IIS/8.5
ETag
"0adb5452e5dd41:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
11120
800070.gif
/repo/logos/Large
3 KB
3 KB
Image
General
Full URL
http://www.yaysavings.com/repo/logos/Large/800070.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
07114d89d8ef86c873de8051f82cda6965d5d295f9dc7d9eb8e6956cb1e9dfef

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 01 Oct 2018 13:36:06 GMT
Server
Microsoft-IIS/8.5
ETag
"24f9cb48b59d41:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
2885
179.gif
/repo/logos/Large
2 KB
3 KB
Image
General
Full URL
http://www.yaysavings.com/repo/logos/Large/179.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
e0bc10ae079c8638fa382b46bbb9392234a1e0436c87bc336b331e333ef00edc

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Sat, 20 Nov 2010 09:30:02 GMT
Server
Microsoft-IIS/8.5
ETag
"049d6819588cb1:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
2429
33930.gif
/repo/logos/Large
7 KB
7 KB
Image
General
Full URL
http://www.yaysavings.com/repo/logos/Large/33930.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6f9cf76f18e60c9624502a4f2b11a46ea4c64738ebde30c7bca3e4ec803644a3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Thu, 21 Jun 2018 05:39:32 GMT
Server
Microsoft-IIS/8.5
ETag
"042c33a229d41:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
7053
4004.gif
/repo/logos/Large
3 KB
3 KB
Image
General
Full URL
http://www.yaysavings.com/repo/logos/Large/4004.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
af0e778d6b513711ff960a8654d96d90ba4629d48870fd70d672874aac4ab0f7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 26 Nov 2018 13:24:30 GMT
Server
Microsoft-IIS/8.5
ETag
"7488f95c8b85d41:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
2931
store-logo-banner.png
/img
32 KB
33 KB
Image
General
Full URL
http://www.yaysavings.com/img/store-logo-banner.png
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
03fe0818cc8beb1afc919d99806b1baeee24517f6ccf4c6093f280f41a4a86b7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:23 GMT
Server
Microsoft-IIS/8.5
ETag
"68c3f3aa3849d41:0"
Content-Type
image/png
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
33258
OpenSans-Semibold-webfont.woff2
/fonts
18 KB
18 KB
Font
General
Full URL
http://www.yaysavings.com/fonts/OpenSans-Semibold-webfont.woff2
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
098e7ac0de17db2cabba259a1fada0ec31059515081c1a20d5074a46e6030ac4

Request headers

Pragma
no-cache
Origin
http://www.yaysavings.com
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/css/fonts.css
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/css/fonts.css
Origin
http://www.yaysavings.com

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:20 GMT
Server
Microsoft-IIS/8.5
ETag
"554230a93849d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
18384
Socialico-webfont.woff2
/fonts
18 KB
18 KB
Font
General
Full URL
http://www.yaysavings.com/fonts/Socialico-webfont.woff2
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
7076e4b21ba41e2e1a010fdc7dcc0be7581d5e346607a885e8eaa2db462f8d22

Request headers

Pragma
no-cache
Origin
http://www.yaysavings.com
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/css/fonts.css
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/css/fonts.css
Origin
http://www.yaysavings.com

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:21 GMT
Server
Microsoft-IIS/8.5
ETag
"88a788a93849d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
18160
OpenSans-CondensedLight-webfont.woff2
/fonts
18 KB
19 KB
Font
General
Full URL
http://www.yaysavings.com/fonts/OpenSans-CondensedLight-webfont.woff2
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
9d4cc0c1ea84b1247be95187311d7bb0f0d1485ee9c35066d9f814e4bf8bebbb

Request headers

Pragma
no-cache
Origin
http://www.yaysavings.com
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/css/fonts.css
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/css/fonts.css
Origin
http://www.yaysavings.com

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:20 GMT
Server
Microsoft-IIS/8.5
ETag
"63cdfba83849d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
18792
Verified fontawesome-webfont.woff2?v=4.3.0
/fonts
55 KB
56 KB
Font
General
Full URL
http://www.yaysavings.com/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Verified resource
semantic-ui/2.0.8/themes/default/assets/fonts/icons.woff2 at cdnjs.com, project semantic-ui
font-awesome/4.3.0/fonts/fontawesome-webfont.woff2 at cdnjs.com, project font-awesome

Request headers

Pragma
no-cache
Origin
http://www.yaysavings.com
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/css/font-awesome.min.css
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/css/font-awesome.min.css
Origin
http://www.yaysavings.com

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:19 GMT
Server
Microsoft-IIS/8.5
ETag
"df40aca83849d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
56780
OpenSans-CondensedBold-webfont.woff2
/fonts
19 KB
19 KB
Font
General
Full URL
http://www.yaysavings.com/fonts/OpenSans-CondensedBold-webfont.woff2
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
db5d26f32a5bd71c807e2bf85cb1f80e9e0c2232626f3682a6f1de422181167f

Request headers

Pragma
no-cache
Origin
http://www.yaysavings.com
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/css/fonts.css
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/css/fonts.css
Origin
http://www.yaysavings.com

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:20 GMT
Server
Microsoft-IIS/8.5
ETag
"b7a7f4a83849d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
19008
Adblocked analytics.js
www.google-analytics.com
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
6924
date
Mon, 15 Apr 2019 11:32:27 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Mon, 15 Apr 2019 13:32:27 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Adblocked collect?v=1&_v=j73&a=1654515689&t=pageview&_s=1&dl=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&ul=en-us&de=UTF-8&dt=Yay%20Savings%...
www.google-analytics.com
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j73&a=1654515689&t=pageview&_s=1&dl=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&ul=...
  • https://www.google-analytics.com/collect?v=1&_v=j73&a=1654515689&t=pageview&_s=1&dl=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&ul...
35 B
109 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j73&a=1654515689&t=pageview&_s=1&dl=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&ul=en-us&de=UTF-8&dt=Yay%20Savings%20Mystery%20Deal%20%7C%20Retail%20Shopping%20coupon%20codes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=914583099&gjid=676112888&cid=1597373796.1555334872&tid=UA-51514291-1&_gid=1232887453.1555334872&cd2=&cd4=&cd5=&cd6=&cd7=&cd8=not%20adblocked&z=680537427
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 04:35:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3228730
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j73&a=1654515689&t=pageview&_s=1&dl=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&ul=en-us&de=UTF-8&dt=Yay%20Savings%20Mystery%20Deal%20%7C%20Retail%20Shopping%20coupon%20codes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=914583099&gjid=676112888&cid=1597373796.1555334872&tid=UA-51514291-1&_gid=1232887453.1555334872&cd2=&cd4=&cd5=&cd6=&cd7=&cd8=not%20adblocked&z=680537427
Non-Authoritative-Reason
HSTS
ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51514291-1&cid=1597373796.1555334872&jid=914583099&_v=j73&z=1736483058&slf_rd=1&random=33384537
www.google.de/ads
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j73&tid=UA-51514291-1&cid=1597373796.1555334872&jid=914583099&gjid=676112888&_gid=1232887453.1555334872&_u=YGBAgAAB~&z=1736483058
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51514291-1&cid=1597373796.1555334872&jid=914583099&_v=j73&z=1736483058
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51514291-1&cid=1597373796.1555334872&jid=914583099&_v=j73&z=1736483058&slf_rd=1&random=33384537
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51514291-1&cid=1597373796.1555334872&jid=914583099&_v=j73&z=1736483058&slf_rd=1&random=33384537
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Apr 2019 13:27:51 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Apr 2019 13:27:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51514291-1&cid=1597373796.1555334872&jid=914583099&_v=j73&z=1736483058&slf_rd=1&random=33384537
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US
Redirect Chain
  • http://connect.facebook.net/en_US/sdk.js
  • https://connect.facebook.net/en_US/sdk.js
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cf82faab0f9349f97ba2e2897b16939988a61855924c731dab137cded2c37b5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
xYn04FfY20/8oZfRWzHxiQ==
status
200
date
Mon, 15 Apr 2019 13:27:51 GMT
vary
Accept-Encoding
content-length
1778
x-fb-debug
O/wT+9QrVoLVPojRUO/cUsBJ0mZkUX7Uq9aa0gd1PdoEEgLe57TEibtuR5qWd9pkGpLMv31DDS9O8oVxciGPFg==
x-fb-content-md5
d708cf66b0017b594273b0aa4058fa91
etag
"8ec08b3a6c6e1b7aca71ff8b92019673"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 15 Apr 2019 13:42:46 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/sdk.js#xfbml=1&appId=1411597365791208&version=v2.0
Non-Authoritative-Reason
HSTS
all.js
connect.facebook.net/en_US
Redirect Chain
  • http://connect.facebook.net/en_US/all.js
  • https://connect.facebook.net/en_US/all.js
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
d85f367fac9e09487a3c2220a9151cf92e797c19240a4879046eaf17899526cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 15 Apr 2019 13:27:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ul0Bpwe+Syzfdp520xzmpQ==
status
200
content-length
1779
x-fb-debug
uf4Z/+O+DaP0OEzen8YZb3MZXAYuK0GuLifQoFo5uPxS2IO8MCu5nnzS+7G2uPxEHeefY7vBJX7ZnM2M8EOH8A==
x-fb-content-md5
16e083a06053e35e8dfe3406a5aaea6e
x-frame-options
DENY
etag
"45221b68e96546b8ac71da6836971662"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 15 Apr 2019 13:47:44 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason
HSTS
mystery-banner-bg.png
/img
49 KB
49 KB
Image
General
Full URL
http://www.yaysavings.com/img/mystery-banner-bg.png
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
060e9af4ab49efa35b793f1885ccef4ba5ccab365e375906b55dc020152dad6c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/css/desktop.css?id=39
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/css/desktop.css?id=39
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:22 GMT
Server
Microsoft-IIS/8.5
ETag
"d06585aa3849d41:0"
Content-Type
image/png
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
50362
mystery-deal-bg.png
/img
39 KB
40 KB
Image
General
Full URL
http://www.yaysavings.com/img/mystery-deal-bg.png
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
be154e0b585e54a440ab4b613ba6539aa49f32779cde36ce4b0ea56b7fb5567d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/css/desktop.css?id=39
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/css/desktop.css?id=39
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:22 GMT
Server
Microsoft-IIS/8.5
ETag
"d06585aa3849d41:0"
Content-Type
image/png
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
40369
Peralta-Regular-webfont.woff2
/fonts
31 KB
32 KB
Font
General
Full URL
http://www.yaysavings.com/fonts/Peralta-Regular-webfont.woff2
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
b10e57d046623a792c76a107a8a2ddde6910c9bb78d70ac9f089f37006b92ff9

Request headers

Pragma
no-cache
Origin
http://www.yaysavings.com
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/css/fonts.css
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/css/fonts.css
Origin
http://www.yaysavings.com

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:20 GMT
Server
Microsoft-IIS/8.5
ETag
"662d5ba93849d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
32248
OpenSans-Bold-webfont.woff2
/fonts
18 KB
19 KB
Font
General
Full URL
http://www.yaysavings.com/fonts/OpenSans-Bold-webfont.woff2
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
76e15b2ab5986f983b5c23f28f72bc6fdf0237979ea33618348c6e22ed5ae13e

Request headers

Pragma
no-cache
Origin
http://www.yaysavings.com
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/css/fonts.css
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/css/fonts.css
Origin
http://www.yaysavings.com

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:20 GMT
Server
Microsoft-IIS/8.5
ETag
"993e1a83849d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
18852
OpenSans-webfont.woff2
/fonts
18 KB
18 KB
Font
General
Full URL
http://www.yaysavings.com/fonts/OpenSans-webfont.woff2
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
28254d0381f1ca30da97dc71124686cfaf60b42a0e25242fa1dd5d27fcf889fe

Request headers

Pragma
no-cache
Origin
http://www.yaysavings.com
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/css/fonts.css
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/css/fonts.css
Origin
http://www.yaysavings.com

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:20 GMT
Server
Microsoft-IIS/8.5
ETag
"545743a93849d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
18240
Adblocked integrator.js?domain=www.yaysavings.com
adservice.google.de/adsid
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.yaysavings.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 15 Apr 2019 13:27:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
Adblocked integrator.js?domain=www.yaysavings.com
adservice.google.com/adsid
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.yaysavings.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 15 Apr 2019 13:27:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
Adblocked show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190408/r20190131
202 KB
76 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20190408/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6e33cd6f32d5cb012dd5174c71e7080a7285106255765f1ec698f07d66bfab9a
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
4700164009996688154
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
76985
X-XSS-Protection
0
Expires
Mon, 15 Apr 2019 13:27:52 GMT
Adblocked show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190408/r20190131
202 KB
76 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20190408/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6e33cd6f32d5cb012dd5174c71e7080a7285106255765f1ec698f07d66bfab9a
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
4700164009996688154
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
76985
X-XSS-Protection
0
Expires
Mon, 15 Apr 2019 13:27:52 GMT
Adblocked ca-pub-2436759273537177.js
pagead2.googlesyndication.com/pub-config/r20160913
133 B
241 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-2436759273537177.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 15 Apr 2019 12:59:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 14 Apr 2019 19:43:36 GMT
server
sffe
age
1679
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
125
x-xss-protection
0
expires
Tue, 16 Apr 2019 00:59:53 GMT
Adblocked zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190408/r20190131
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20190408/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20190408/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Mon, 08 Apr 2019 21:20:44 GMT
expires
Mon, 22 Apr 2019 21:20:44 GMT
content-type
text/html; charset=UTF-8
etag
3275482936266559025
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6909
x-xss-protection
0
cache-control
public, max-age=1209600
age
576428
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
sdk.js?hash=83bcac1a6e6199a915107ffcc3e2bb6e&ua=modern_es6
connect.facebook.net/en_US
193 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=83bcac1a6e6199a915107ffcc3e2bb6e&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
ce72c98c90bc39b9ce521fb481f2623326833e2a2c8d1f1bb3a5a38f8fda633a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Origin
http://www.yaysavings.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Sk/p1Lq4Z3cCSr6g2Wz+Pg==
status
200
date
Mon, 15 Apr 2019 13:27:52 GMT
vary
Accept-Encoding
content-length
58922
x-fb-debug
qM4yv2yECh2R/VfkGz5bq7mRG+iWWqne3D4Nrw0X5CQPXKVW2YyS217xcFOlvEk3xOJecJKIsLXyUNj1SZoPlQ==
x-fb-content-md5
84e88fcf424ce70e79dbad8924bb53e9
etag
"d74d008c0abcf32d0e639fa9855f484f"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Tue, 14 Apr 2020 11:33:06 GMT
Adblocked www.yaysavings.com&dtd=300
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2436759273537177&output=html&h=90&slotname=3301706841&adk=2211376183&adf=4223444940&w=720&lmt=1555334872&guci=1.2.0.0.2.2.0.0&format=720x90&url=...
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2436759273537177&output=html&h=90&slotname=3301706841&adk=2211376183&adf=4223444940&w=720&lmt=1555334872&guci=1.2.0.0.2.2.0.0&format=720x90&url=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&flash=0&wgl=1&adsid=NT&dt=1555334872009&bpp=32&bdt=816&fdt=274&idt=270&shv=r20190408&cbv=r20190131&saldr=aa&abxe=1&correlator=4904471221678&frm=20&pv=2&ga_vid=1597373796.1555334872&ga_sid=1555334872&ga_hid=1654515689&ga_fc=0&iag=0&icsg=8858346410&dssz=27&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=433&ady=162&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C21063244&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&ppjl=u&pfx=0&fu=1040&bc=7&ifi=1&uci=1.xhr6rlu487tu&fsb=1&xpc=oeMn4QX9AK&p=http%3A//www.yaysavings.com&dtd=300
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190408/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2436759273537177&output=html&h=90&slotname=3301706841&adk=2211376183&adf=4223444940&w=720&lmt=1555334872&guci=1.2.0.0.2.2.0.0&format=720x90&url=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&flash=0&wgl=1&adsid=NT&dt=1555334872009&bpp=32&bdt=816&fdt=274&idt=270&shv=r20190408&cbv=r20190131&saldr=aa&abxe=1&correlator=4904471221678&frm=20&pv=2&ga_vid=1597373796.1555334872&ga_sid=1555334872&ga_hid=1654515689&ga_fc=0&iag=0&icsg=8858346410&dssz=27&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=433&ady=162&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C21063244&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&ppjl=u&pfx=0&fu=1040&bc=7&ifi=1&uci=1.xhr6rlu487tu&fsb=1&xpc=oeMn4QX9AK&p=http%3A//www.yaysavings.com&dtd=300
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 15 Apr 2019 13:27:52 GMT
server
cafe
content-length
19806
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 15-Apr-2019 13:42:52 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Mon, 15 Apr 2019 13:27:52 GMT
cache-control
private
Adblocked osd.js?cb=%2Fr20100101
www.googletagservices.com/activeview/js/current
77 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190408/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
196f161c73eecca785b1c71f24e90c523c1db98defd202a544486b9a707c811d
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 15 Apr 2019 13:27:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1554894788928095"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
29096
x-xss-protection
0
expires
Mon, 15 Apr 2019 13:27:52 GMT
Adblocked www.yaysavings.com&dtd=282
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2436759273537177&output=html&h=250&slotname=5933866044&adk=4105230550&adf=3261161656&w=300&lmt=1555334872&rafmt=11&guci=1.2.0.0.2.2.0.0&format=3...
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2436759273537177&output=html&h=250&slotname=5933866044&adk=4105230550&adf=3261161656&w=300&lmt=1555334872&rafmt=11&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&flash=0&wgl=1&adsid=NT&dt=1555334872041&bpp=13&bdt=848&fdt=278&idt=238&shv=r20190408&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=720x90&correlator=4904471221678&frm=20&pv=1&ga_vid=1597373796.1555334872&ga_sid=1555334872&ga_hid=1654515689&ga_fc=0&iag=0&icsg=146297299882&dssz=28&mdo=0&mso=0&rplot=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=973&ady=317&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C21063244&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&ppjl=u&pfx=0&fu=1168&bc=7&ifi=2&uci=2.qtxg6x8j2cko&fsb=1&xpc=B1FR5qTDcB&p=http%3A//www.yaysavings.com&dtd=282
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190408/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2436759273537177&output=html&h=250&slotname=5933866044&adk=4105230550&adf=3261161656&w=300&lmt=1555334872&rafmt=11&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&flash=0&wgl=1&adsid=NT&dt=1555334872041&bpp=13&bdt=848&fdt=278&idt=238&shv=r20190408&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=720x90&correlator=4904471221678&frm=20&pv=1&ga_vid=1597373796.1555334872&ga_sid=1555334872&ga_hid=1654515689&ga_fc=0&iag=0&icsg=146297299882&dssz=28&mdo=0&mso=0&rplot=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=973&ady=317&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C21063244&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&ppjl=u&pfx=0&fu=1168&bc=7&ifi=2&uci=2.qtxg6x8j2cko&fsb=1&xpc=B1FR5qTDcB&p=http%3A//www.yaysavings.com&dtd=282
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 15 Apr 2019 13:27:52 GMT
server
cafe
content-length
23611
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 15-Apr-2019 13:42:52 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Mon, 15 Apr 2019 13:27:52 GMT
cache-control
private
Adblocked www.yaysavings.com&dtd=269
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2436759273537177&output=html&h=250&slotname=7731906440&adk=2269268744&adf=324661547&w=300&lmt=1555334872&guci=1.2.0.0.2.2.0.0&format=300x250&url...
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2436759273537177&output=html&h=250&slotname=7731906440&adk=2269268744&adf=324661547&w=300&lmt=1555334872&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1555334872071&bpp=9&bdt=878&fdt=266&idt=208&shv=r20190408&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=720x90%2C300x250&correlator=4904471221678&frm=20&pv=1&ga_vid=1597373796.1555334872&ga_sid=1555334872&ga_hid=1654515689&ga_fc=0&iag=0&icsg=146297299882&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1150&ady=804&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C21063244&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&ppjl=u&pfx=0&fu=1040&bc=7&ifi=3&uci=3.mp4a1ll14tub&fsb=1&xpc=mNjsvI9cBY&p=http%3A//www.yaysavings.com&dtd=269
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190408/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2436759273537177&output=html&h=250&slotname=7731906440&adk=2269268744&adf=324661547&w=300&lmt=1555334872&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1555334872071&bpp=9&bdt=878&fdt=266&idt=208&shv=r20190408&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=720x90%2C300x250&correlator=4904471221678&frm=20&pv=1&ga_vid=1597373796.1555334872&ga_sid=1555334872&ga_hid=1654515689&ga_fc=0&iag=0&icsg=146297299882&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1150&ady=804&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C21063244&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&ppjl=u&pfx=0&fu=1040&bc=7&ifi=3&uci=3.mp4a1ll14tub&fsb=1&xpc=mNjsvI9cBY&p=http%3A//www.yaysavings.com&dtd=269
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 15 Apr 2019 13:27:52 GMT
server
cafe
content-length
2532
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 15-Apr-2019 13:42:52 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Mon, 15 Apr 2019 13:27:52 GMT
cache-control
private
Adblocked www.yaysavings.com&dtd=237
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2436759273537177&output=html&h=250&slotname=1685372847&adk=1527775730&adf=1339713215&w=300&lmt=1555334872&guci=1.2.0.0.2.2.0.0&format=300x250&ur...
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2436759273537177&output=html&h=250&slotname=1685372847&adk=1527775730&adf=1339713215&w=300&lmt=1555334872&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1555334872129&bpp=33&bdt=936&fdt=233&idt=150&shv=r20190408&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=720x90%2C300x250%2C300x250&correlator=4904471221678&frm=20&pv=1&ga_vid=1597373796.1555334872&ga_sid=1555334872&ga_hid=1654515689&ga_fc=0&iag=0&icsg=146297299882&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1150&ady=1088&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C21063244&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&ppjl=u&pfx=0&fu=1040&bc=7&ifi=4&uci=4.5lcdcagso38c&fsb=1&xpc=3qREwhWgJM&p=http%3A//www.yaysavings.com&dtd=237
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190408/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2436759273537177&output=html&h=250&slotname=1685372847&adk=1527775730&adf=1339713215&w=300&lmt=1555334872&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1555334872129&bpp=33&bdt=936&fdt=233&idt=150&shv=r20190408&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=720x90%2C300x250%2C300x250&correlator=4904471221678&frm=20&pv=1&ga_vid=1597373796.1555334872&ga_sid=1555334872&ga_hid=1654515689&ga_fc=0&iag=0&icsg=146297299882&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1150&ady=1088&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C21063244&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&ppjl=u&pfx=0&fu=1040&bc=7&ifi=4&uci=4.5lcdcagso38c&fsb=1&xpc=3qREwhWgJM&p=http%3A//www.yaysavings.com&dtd=237
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 15 Apr 2019 13:27:52 GMT
server
cafe
content-length
18296
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 15-Apr-2019 13:42:52 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Mon, 15 Apr 2019 13:27:52 GMT
cache-control
private
d_vbiawPdxB.js?version=44
staticxx.facebook.com/connect/xd_arbiter/r
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=83bcac1a6e6199a915107ffcc3e2bb6e&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Sat, 11 Apr 2020 13:28:19 GMT
cache-control
public,max-age=31536000,immutable
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
x-fb-debug
I5cRW3HCyPmP9GF3J+x0nNNoQmvQVjU56zDbAC3u/4IU5rSHKs2XZZZYvEz4+q5/+regdTf1H40i/m/fapW1mA==
content-length
11033
date
Mon, 15 Apr 2019 13:27:52 GMT
Adblocked like.php?action=like&app_id=1411597365791208&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df2c9454753d6c7c%26domain%3Dwww.yaysavings....
www.facebook.com/v2.0/plugins
0
0
Document
General
Full URL
https://www.facebook.com/v2.0/plugins/like.php?action=like&app_id=1411597365791208&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df2c9454753d6c7c%26domain%3Dwww.yaysavings.com%26origin%3Dhttp%253A%252F%252Fwww.yaysavings.com%252Ff302a6ee99d9818%26relation%3Dparent.parent&container_width=85&href=https%3A%2F%2Fwww.facebook.com%2Fyaysavings%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=83bcac1a6e6199a915107ffcc3e2bb6e&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Blocked
Source: easylist, Type: annoyance (This would have been blocked)
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.0/plugins/like.php?action=like&app_id=1411597365791208&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df2c9454753d6c7c%26domain%3Dwww.yaysavings.com%26origin%3Dhttp%253A%252F%252Fwww.yaysavings.com%252Ff302a6ee99d9818%26relation%3Dparent.parent&container_width=85&href=https%3A%2F%2Fwww.facebook.com%2Fyaysavings%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
vary
Accept-Encoding
x-content-type-options
nosniff
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
facebook-api-version
v2.8
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
V7uM/3wfHlOeLzbAGzfQFH88bgXpZhqDIwDseI3oS8lkpL7FDtxrJSZVb0aFJqAtwANNeROEWJORvDytzj4Umg==
date
Mon, 15 Apr 2019 13:27:53 GMT
Cookie set nag.asp
/modals
2 KB
2 KB
XHR
General
Full URL
http://www.yaysavings.com/modals/nag.asp
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/js/jquery-1.11.2.min.js
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
27720c93874976cfc9186a04d547ebd8ff6b367e83caa8694aa86edc36767b26

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
X-Requested-With
XMLHttpRequest
Connection
keep-alive
Cache-Control
no-cache
Accept
*/*
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:58 GMT
Cache-Control
private
Server
Microsoft-IIS/8.5
Set-Cookie
ASPSESSIONIDASTBTDBB=ODNGBPDAKPKANHOHCLGNLJCM; path=/
Content-Length
2142
Content-Type
text/html

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • http://ms.yaysavings.com/view.asp?id=85061&d=&u=achiang@underarmour.com
  • http://www.yaysavings.com/mystery/04132019M?ed=04132019M&u=achiang@underarmour.com
  • http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Request 44
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
Request 45
  • http://www.google-analytics.com/collect?v=1&_v=j73&a=1654515689&t=pageview&_s=1&dl=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&ul=...
  • https://www.google-analytics.com/collect?v=1&_v=j73&a=1654515689&t=pageview&_s=1&dl=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&ul...
Request 46
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j73&tid=UA-51514291-1&cid=1597373796.1555334872&jid=914583099&gjid=676112888&_gid=1232887453.1555334872&_u=YGBAgAAB~&z=1736483058
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51514291-1&cid=1597373796.1555334872&jid=914583099&_v=j73&z=1736483058
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51514291-1&cid=1597373796.1555334872&jid=914583099&_v=j73&z=1736483058&slf_rd=1&random=33384537
Request 47
  • http://connect.facebook.net/en_US/sdk.js
  • https://connect.facebook.net/en_US/sdk.js
Request 48
  • http://connect.facebook.net/en_US/all.js
  • https://connect.facebook.net/en_US/all.js

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery boolean| nagModalOpen function| openStoreName function| openSearch function| closeModal function| showCouponModal function| loadModalPage function| loadModal function| showSignup function| showThanks function| reloadModal function| doFlip function| updateQueryStringParameter function| connectEmail function| rejoinEmail function| connectEmailLanding function| connectFacebook function| connectFacebookLanding function| hideWhoopsies function| showWhoopsies function| writeAdSense function| isMobile function| block_size function| block_size_infeed function| IScroll object| myScroll function| loaded undefined| yaySearchSelectedDiv function| selectSearchDiv function| deSelectSearchDiv function| initSearchDivs function| lookup function| lookup2 string| is_adblocked object| testAd string| dimensionValue string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| new_Share function| fbAsyncInit string| google_ad_client string| google_ad_slot number| screen_width boolean| is_desktop object| s_result object| google_ad_size object| adsbygoogle function| mysteryFlip string| desktop_code object| google_js_reporting_queue object| google_ad_modifications boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars object| FB function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| google_pub_config object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

7 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUmnyK6GJOxS6tDJC9mXf9j5AHTwa1KwEvd8Jfo9jnjFK69ncDQJe_5qxT53
www.yaysavings.com/ Name: ASPSESSIONIDASTBTDBB
Value: KCNGBPDAPPNKFKJBCOMCNPOG
.yaysavings.com/ Name: _gat
Value: 1
.yaysavings.com/ Name: _gid
Value: GA1.2.1232887453.1555334872
.yaysavings.com/ Name: _ga
Value: GA1.2.1597373796.1555334872
www.yaysavings.com/ Name: user
Value:

1 Console Messages

Source Level URL
Text
console-api log URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20, Line 155, Column13
Message:
AdBlock Enabled?

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

adservice.google.com
adservice.google.de
cdn.cpnscdn.com
connect.facebook.net
googleads.g.doubleclick.net
images.yaysavings.com
ms.yaysavings.com
pagead2.googlesyndication.com
staticxx.facebook.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.yaysavings.com


2.19.35.64
23.229.88.50
23.250.10.187
2a00:1450:4001:806::2003
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:817::2002
2a00:1450:4001:819::2002
2a00:1450:4001:81f::2002
2a00:1450:4001:81f::200e
2a00:1450:400c:c08::9d
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de

03fe0818cc8beb1afc919d99806b1baeee24517f6ccf4c6093f280f41a4a86b7
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
060e9af4ab49efa35b793f1885ccef4ba5ccab365e375906b55dc020152dad6c
07114d89d8ef86c873de8051f82cda6965d5d295f9dc7d9eb8e6956cb1e9dfef
098e7ac0de17db2cabba259a1fada0ec31059515081c1a20d5074a46e6030ac4
0c44c66031e7f438424a149dc400e36a3d8f841127269e0797f470571eae22bd
0e46e836e07ed2da4337b7456c4493f182d53c82cd8560e79d59f2963a0b0d04
196f161c73eecca785b1c71f24e90c523c1db98defd202a544486b9a707c811d
21c01cf7f3b4c32952f6175eefc7beff566cea18028a2dab303357c7a7d8c5f0
21daf8bc87790fd7808ba1a6ae9b56b96cbbc82a4b60580f8b7c4d4557e06b37
222d75918bb518d46a4d283da7de243b4409d597a8c6856070a07e96b600e6d7
27720c93874976cfc9186a04d547ebd8ff6b367e83caa8694aa86edc36767b26
28254d0381f1ca30da97dc71124686cfaf60b42a0e25242fa1dd5d27fcf889fe
2acd431729ea39a3b6426ccf23a18732f789ff1d1e3cfdac98ae0f129d81975a
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
495272234cc9d89f03147f12f5e9e99cd43465b2a5bf10a9920fbb592590b4ab
4dab3d1b605a96763d2f0f93b443150e0a7d06879092df75149f373a61e42d01
535a0bdfea62c008a7ea2528ff456fa26d5864838cb10e31e47eb09f19293bf5
5a1f89963521560bcfee6323095cc269b47f5a8bc31fe04f17ed324ecb8028be
61a75e8ef6e1d06c49289de470feb28bbbcaa94912945a19abbd2eb07c69af93
6a184d7ff0a25d979ce2f3ceccc84925d940af0faca088a2ac4d9a2a08d18024
6a5ec699e27ee6eaf16c31a3d56c48a594666b8e31c786ce3776ccbcc5b4361a
6e33cd6f32d5cb012dd5174c71e7080a7285106255765f1ec698f07d66bfab9a
6ee461d0cc884de09affa4cd5016f609f77dfdc692b09caf9baed2a1849e58b9
6f9cf76f18e60c9624502a4f2b11a46ea4c64738ebde30c7bca3e4ec803644a3
7076e4b21ba41e2e1a010fdc7dcc0be7581d5e346607a885e8eaa2db462f8d22
76e15b2ab5986f983b5c23f28f72bc6fdf0237979ea33618348c6e22ed5ae13e
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
82158cb11d8fa46216b33d0608e775ccbb306fb05d1a1eb75b71b9ac7fb5ad4e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
889fbd24d6a87e78a08340d066281238836cf275288eb0767bf2803955fa2e96
8a783e0d06333f1fbd41a6b7041129cc4fa38ff03549e0c8eb6b5ec2da37f7e1
8ef6b2fc197ac7d4ea02085c7fddf6be55acf96da586bcf676304c7c8b866c5b
948e7086e2122ef37b85878ee431256aaf6ac9bbf98be42d60d8b88e6ea65e1a
95eb8b07171b4fb73896d80550127489cfdba979eb4b4a4559322c27051e5437
9d4cc0c1ea84b1247be95187311d7bb0f0d1485ee9c35066d9f814e4bf8bebbb
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
af0e778d6b513711ff960a8654d96d90ba4629d48870fd70d672874aac4ab0f7
b10e57d046623a792c76a107a8a2ddde6910c9bb78d70ac9f089f37006b92ff9
b587b46da7cba3bcd8d194fec11096ee765cb8889014d2f50f45d5d7cc1292aa
b6226f4773929af05f02045c6ab67b2d0868cf94c2fe13e94eb2793b51805cd5
be154e0b585e54a440ab4b613ba6539aa49f32779cde36ce4b0ea56b7fb5567d
c06a01b8c2c6f7f6483542825a780afc6a6eb4549a02fe7f95a4dfc3335eab8f
c0feca19f82b9104c53305695984fe8209a6216c092e6748792b6871302bb9ce
c7999e7234de4b3498d4e45da326ad873cc137e8dcc155091ebfb386d5cdc8e3
c918dcefc35f58b2eabc66ca3065c8ab15764fab39ae895e9fee84183e5ea73b
ce72c98c90bc39b9ce521fb481f2623326833e2a2c8d1f1bb3a5a38f8fda633a
cf82faab0f9349f97ba2e2897b16939988a61855924c731dab137cded2c37b5e
d798a0d1469fed4046b817dce470c295831c324d61611e3293db8e2a5be55714
d85f367fac9e09487a3c2220a9151cf92e797c19240a4879046eaf17899526cc
db5d26f32a5bd71c807e2bf85cb1f80e9e0c2232626f3682a6f1de422181167f
e0bc10ae079c8638fa382b46bbb9392234a1e0436c87bc336b331e333ef00edc
e983cbdb90422a80737ded8b12491f7a542f23947f0912959a8b5404671c80c9
ed346d7e8e5587ef37bcb3625fe9fe2bbc6b54e20534ee43c7258b71512baf8e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f64495e0111bce057d38696f5afd3da3fdd16a8b42ad764e64fb22a9f4fe2c32
f7140a276af75852364eef880f13473fd4791455ba2cd650b7446e6562742a9d
f785875621bc27a38c907b7b7dcfab6eb73158516da0e395e3cec49b3e4bb04f
ff49d1bb4a004ada5f1145b2da9e31998700f1f8b9928f28c8e2e293d2a8bd78