Submitted URL: http://ms.yaysavings.com/view.asp?id=85061&d=&u=achiang@underarmour.com
Effective URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Submission: On April 15 via manual from RO

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 69 HTTP transactions. The main IP is 23.250.10.187, located in Buffalo, United States and belongs to SERVER-MANIA - B2 Net Solutions Inc., CA. The main domain is www.yaysavings.com.
This is the only time www.yaysavings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 23.229.88.50 55286 (SERVER-MANIA)
1 41 23.250.10.187 55286 (SERVER-MANIA)
4 2a00:1450:400... 15169 (GOOGLE)
9 2.19.35.64 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
69 10
Domain Requested by
40 www.yaysavings.com 1 redirects www.yaysavings.com
9 cdn.cpnscdn.com www.yaysavings.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 pagead2.googlesyndication.com www.yaysavings.com
pagead2.googlesyndication.com
3 connect.facebook.net www.yaysavings.com
connect.facebook.net
2 www.google-analytics.com www.yaysavings.com
1 www.facebook.com connect.facebook.net
1 staticxx.facebook.com connect.facebook.net
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 www.google.de www.yaysavings.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 images.yaysavings.com www.yaysavings.com
1 ms.yaysavings.com 1 redirects
69 16

This site contains links to these domains. Also see Links.

Domain
twitter.com
facebook.com
yaysavings.com
go.redirectingat.com
images.yaysavings.com
www.jdoqocy.com
Subject Issuer Validity Valid
*.google-analytics.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months crt.sh
www.google.de
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-03-08 -
2019-06-06
3 months crt.sh
*.google.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months crt.sh

This page contains 9 frames:

Primary Page: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Frame ID: 3665FF90E04119E864AD02C8156030FD
Requests: 61 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20190408/r20190131/show_ads_impl.js
Frame ID: C59480122670B3BB0AF5F27151743305
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190408/r20190131/zrt_lookup.html
Frame ID: 7F39CA1C2B1BEAA4EF63868BA4E8F199
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2436759273537177&output=html&h=90&slotname=3301706841&adk=2211376183&adf=4223444940&w=720&lmt=1555334872&guci=1.2.0.0.2.2.0.0&format=720x90&url=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&flash=0&wgl=1&adsid=NT&dt=1555334872009&bpp=32&bdt=816&fdt=274&idt=270&shv=r20190408&cbv=r20190131&saldr=aa&abxe=1&correlator=4904471221678&frm=20&pv=2&ga_vid=1597373796.1555334872&ga_sid=1555334872&ga_hid=1654515689&ga_fc=0&iag=0&icsg=8858346410&dssz=27&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=433&ady=162&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C21063244&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&ppjl=u&pfx=0&fu=1040&bc=7&ifi=1&uci=1.xhr6rlu487tu&fsb=1&xpc=oeMn4QX9AK&p=http%3A//www.yaysavings.com&dtd=300
Frame ID: B3F1135F18902E4A71278FCCCA535694
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2436759273537177&output=html&h=250&slotname=5933866044&adk=4105230550&adf=3261161656&w=300&lmt=1555334872&rafmt=11&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&flash=0&wgl=1&adsid=NT&dt=1555334872041&bpp=13&bdt=848&fdt=278&idt=238&shv=r20190408&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=720x90&correlator=4904471221678&frm=20&pv=1&ga_vid=1597373796.1555334872&ga_sid=1555334872&ga_hid=1654515689&ga_fc=0&iag=0&icsg=146297299882&dssz=28&mdo=0&mso=0&rplot=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=973&ady=317&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C21063244&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&ppjl=u&pfx=0&fu=1168&bc=7&ifi=2&uci=2.qtxg6x8j2cko&fsb=1&xpc=B1FR5qTDcB&p=http%3A//www.yaysavings.com&dtd=282
Frame ID: A00F1110267BDBDC3B6A23CD973798AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2436759273537177&output=html&h=250&slotname=7731906440&adk=2269268744&adf=324661547&w=300&lmt=1555334872&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1555334872071&bpp=9&bdt=878&fdt=266&idt=208&shv=r20190408&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=720x90%2C300x250&correlator=4904471221678&frm=20&pv=1&ga_vid=1597373796.1555334872&ga_sid=1555334872&ga_hid=1654515689&ga_fc=0&iag=0&icsg=146297299882&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1150&ady=804&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C21063244&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&ppjl=u&pfx=0&fu=1040&bc=7&ifi=3&uci=3.mp4a1ll14tub&fsb=1&xpc=mNjsvI9cBY&p=http%3A//www.yaysavings.com&dtd=269
Frame ID: 82E2A15B9C05C21F3F8504FFB89912ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2436759273537177&output=html&h=250&slotname=1685372847&adk=1527775730&adf=1339713215&w=300&lmt=1555334872&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1555334872129&bpp=33&bdt=936&fdt=233&idt=150&shv=r20190408&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=720x90%2C300x250%2C300x250&correlator=4904471221678&frm=20&pv=1&ga_vid=1597373796.1555334872&ga_sid=1555334872&ga_hid=1654515689&ga_fc=0&iag=0&icsg=146297299882&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1150&ady=1088&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C21063244&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&ppjl=u&pfx=0&fu=1040&bc=7&ifi=4&uci=4.5lcdcagso38c&fsb=1&xpc=3qREwhWgJM&p=http%3A//www.yaysavings.com&dtd=237
Frame ID: 180A06EDB2DD4F602A9238B38FDEC5FB
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: C4EF470B6F0EB70D5A74DA6E2B23367A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/like.php?action=like&app_id=1411597365791208&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df2c9454753d6c7c%26domain%3Dwww.yaysavings.com%26origin%3Dhttp%253A%252F%252Fwww.yaysavings.com%252Ff302a6ee99d9818%26relation%3Dparent.parent&container_width=85&href=https%3A%2F%2Fwww.facebook.com%2Fyaysavings%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Frame ID: 08343D5E90FC7C1C32AA805A87A1C377
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://ms.yaysavings.com/view.asp?id=85061&d=&u=achiang@underarmour.com HTTP 302
    http://www.yaysavings.com/mystery/04132019M?ed=04132019M&u=achiang@underarmour.com HTTP 302
    http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

69
Requests

25 %
HTTPS

77 %
IPv6

10
Domains

16
Subdomains

10
IPs

3
Countries

867 kB
Transfer

1652 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ms.yaysavings.com/view.asp?id=85061&d=&u=achiang@underarmour.com HTTP 302
    http://www.yaysavings.com/mystery/04132019M?ed=04132019M&u=achiang@underarmour.com HTTP 302
    http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 44
  • http://www.google-analytics.com/collect?v=1&_v=j73&a=1654515689&t=pageview&_s=1&dl=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&ul=en-us&de=UTF-8&dt=Yay%20Savings%20Mystery%20Deal%20%7C%20Retail%20Shopping%20coupon%20codes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=914583099&gjid=676112888&cid=1597373796.1555334872&tid=UA-51514291-1&_gid=1232887453.1555334872&cd2=&cd4=&cd5=&cd6=&cd7=&cd8=not%20adblocked&z=680537427 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j73&a=1654515689&t=pageview&_s=1&dl=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&ul=en-us&de=UTF-8&dt=Yay%20Savings%20Mystery%20Deal%20%7C%20Retail%20Shopping%20coupon%20codes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=914583099&gjid=676112888&cid=1597373796.1555334872&tid=UA-51514291-1&_gid=1232887453.1555334872&cd2=&cd4=&cd5=&cd6=&cd7=&cd8=not%20adblocked&z=680537427
Request Chain 45
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j73&tid=UA-51514291-1&cid=1597373796.1555334872&jid=914583099&gjid=676112888&_gid=1232887453.1555334872&_u=YGBAgAAB~&z=1736483058 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51514291-1&cid=1597373796.1555334872&jid=914583099&_v=j73&z=1736483058 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51514291-1&cid=1597373796.1555334872&jid=914583099&_v=j73&z=1736483058&slf_rd=1&random=33384537
Request Chain 46
  • http://connect.facebook.net/en_US/sdk.js HTTP 307
  • https://connect.facebook.net/en_US/sdk.js
Request Chain 47
  • http://connect.facebook.net/en_US/all.js HTTP 307
  • https://connect.facebook.net/en_US/all.js

69 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set 04132019M
www.yaysavings.com/mystery/
Redirect Chain
  • http://ms.yaysavings.com/view.asp?id=85061&d=&u=achiang@underarmour.com
  • http://www.yaysavings.com/mystery/04132019M?ed=04132019M&u=achiang@underarmour.com
  • http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
37 KB
37 KB
Document
General
Full URL
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
b587b46da7cba3bcd8d194fec11096ee765cb8889014d2f50f45d5d7cc1292aa

Request headers

Host
www.yaysavings.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html
Server
Microsoft-IIS/8.5
Set-Cookie
user=; path=/
Date
Mon, 15 Apr 2019 13:27:53 GMT
Content-Length
38152

Redirect headers

Cache-Control
private
Content-Type
text/html
Location
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Server
Microsoft-IIS/8.5
Set-Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; path=/
Date
Mon, 15 Apr 2019 13:27:53 GMT
Content-Length
217
fonts.css
www.yaysavings.com/css/
6 KB
829 B
Stylesheet
General
Full URL
http://www.yaysavings.com/css/fonts.css
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
21daf8bc87790fd7808ba1a6ae9b56b96cbbc82a4b60580f8b7c4d4557e06b37

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 19:01:18 GMT
Server
Microsoft-IIS/8.5
ETag
"013a2a73849d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
520
font-awesome.min.css
www.yaysavings.com/css/
23 KB
6 KB
Stylesheet
General
Full URL
http://www.yaysavings.com/css/font-awesome.min.css
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
222d75918bb518d46a4d283da7de243b4409d597a8c6856070a07e96b600e6d7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 19:01:18 GMT
Server
Microsoft-IIS/8.5
ETag
"013a2a73849d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
5388
desktop.css
www.yaysavings.com/css/
96 KB
15 KB
Stylesheet
General
Full URL
http://www.yaysavings.com/css/desktop.css?id=39
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
c0feca19f82b9104c53305695984fe8209a6216c092e6748792b6871302bb9ce

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Jan 2019 15:49:13 GMT
Server
Microsoft-IIS/8.5
ETag
"80e2f62f33b3d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
14833
jquery-1.11.2.min.js
www.yaysavings.com/js/
94 KB
33 KB
Script
General
Full URL
http://www.yaysavings.com/js/jquery-1.11.2.min.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 19:01:25 GMT
Server
Microsoft-IIS/8.5
ETag
"8030ceab3849d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
33367
yayfuncs.js
www.yaysavings.com/js/
14 KB
3 KB
Script
General
Full URL
http://www.yaysavings.com/js/yayfuncs.js?id=38
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
f64495e0111bce057d38696f5afd3da3fdd16a8b42ad764e64fb22a9f4fe2c32

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Mar 2019 20:11:59 GMT
Server
Microsoft-IIS/8.5
ETag
"801195da58d4d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
2277
main.js
www.yaysavings.com/js/
3 KB
1 KB
Script
General
Full URL
http://www.yaysavings.com/js/main.js?id=38
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
e983cbdb90422a80737ded8b12491f7a542f23947f0912959a8b5404671c80c9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 19:01:25 GMT
Server
Microsoft-IIS/8.5
ETag
"8030ceab3849d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
869
iscroll.js
www.yaysavings.com/js/
49 KB
11 KB
Script
General
Full URL
http://www.yaysavings.com/js/iscroll.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
f7140a276af75852364eef880f13473fd4791455ba2cd650b7446e6562742a9d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 19:01:25 GMT
Server
Microsoft-IIS/8.5
ETag
"8030ceab3849d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
11055
slidermenu.js
www.yaysavings.com/js/
310 B
587 B
Script
General
Full URL
http://www.yaysavings.com/js/slidermenu.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
0e46e836e07ed2da4337b7456c4493f182d53c82cd8560e79d59f2963a0b0d04

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:25 GMT
Server
Microsoft-IIS/8.5
ETag
"27cc5bac3849d41:0"
Content-Type
application/javascript
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
310
yaysearch.js
www.yaysavings.com/js/
3 KB
1 KB
Script
General
Full URL
http://www.yaysavings.com/js/yaysearch.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6ee461d0cc884de09affa4cd5016f609f77dfdc692b09caf9baed2a1849e58b9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 19:01:25 GMT
Server
Microsoft-IIS/8.5
ETag
"8030ceab3849d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
796
adshift-up.css
www.yaysavings.com/css/
660 B
922 B
Stylesheet
General
Full URL
http://www.yaysavings.com/css/adshift-up.css
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
948e7086e2122ef37b85878ee431256aaf6ac9bbf98be42d60d8b88e6ea65e1a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:53 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:18 GMT
Server
Microsoft-IIS/8.5
ETag
"d47e8a73849d41:0"
Content-Type
text/css
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
660
adshift-right.css
www.yaysavings.com/css/
286 B
549 B
Stylesheet
General
Full URL
http://www.yaysavings.com/css/adshift-right.css
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
d798a0d1469fed4046b817dce470c295831c324d61611e3293db8e2a5be55714

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:53 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:18 GMT
Server
Microsoft-IIS/8.5
ETag
"481ee1a73849d41:0"
Content-Type
text/css
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
286
yaylogo.png
www.yaysavings.com/img/
8 KB
8 KB
Image
General
Full URL
http://www.yaysavings.com/img/yaylogo.png
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
95eb8b07171b4fb73896d80550127489cfdba979eb4b4a4559322c27051e5437

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:23 GMT
Server
Microsoft-IIS/8.5
ETag
"3b6010ab3849d41:0"
Content-Type
image/png
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
7870
mobile.css
www.yaysavings.com/css/
73 KB
12 KB
Stylesheet
General
Full URL
http://www.yaysavings.com/css/mobile.css?id=39
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
889fbd24d6a87e78a08340d066281238836cf275288eb0767bf2803955fa2e96

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Feb 2019 19:37:53 GMT
Server
Microsoft-IIS/8.5
ETag
"807e659cd3c3d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
11680
yaysocial.js
www.yaysavings.com/js/
1 KB
1 KB
Script
General
Full URL
http://www.yaysavings.com/js/yaysocial.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6a184d7ff0a25d979ce2f3ceccc84925d940af0faca088a2ac4d9a2a08d18024

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:26 GMT
Server
Microsoft-IIS/8.5
ETag
"141a6aac3849d41:0"
Content-Type
application/javascript
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
1116
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
83 KB
32 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
5a1f89963521560bcfee6323095cc269b47f5a8bc31fe04f17ed324ecb8028be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
2212160089238031538
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
31911
X-XSS-Protection
0
Expires
Mon, 15 Apr 2019 13:27:51 GMT
oilchangecoupons.png
images.yaysavings.com/media/
38 KB
38 KB
Image
General
Full URL
http://images.yaysavings.com/media/oilchangecoupons.png
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
2acd431729ea39a3b6426ccf23a18732f789ff1d1e3cfdac98ae0f129d81975a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
images.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 18:50:08 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"133f62183749d41:0"
Content-Length
38446
Content-Type
image/png
20685067.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/067/
4 KB
5 KB
Image
General
Full URL
http://cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/067/20685067.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
2.19.35.64 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-35-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
c918dcefc35f58b2eabc66ca3065c8ab15764fab39ae895e9fee84183e5ea73b

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:51 GMT
Last-Modified
Mon, 01 Apr 2019 07:03:41 GMT
X-Cdn
Served-By-Akamai
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=1359317
Connection
keep-alive
Content-Length
4484
Server
Akamai Image Manager
Expires
Wed, 01 May 2019 07:03:08 GMT
20705163.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/163/
4 KB
4 KB
Image
General
Full URL
http://cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/163/20705163.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
2.19.35.64 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-35-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6a5ec699e27ee6eaf16c31a3d56c48a594666b8e31c786ce3776ccbcc5b4361a

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:51 GMT
Last-Modified
Mon, 01 Apr 2019 07:02:45 GMT
X-Cdn
Served-By-Akamai
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=1359400
Connection
keep-alive
Content-Length
4152
Server
Akamai Image Manager
Expires
Wed, 01 May 2019 07:04:31 GMT
20651185.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/185/
3 KB
4 KB
Image
General
Full URL
http://cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/185/20651185.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
2.19.35.64 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-35-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
c06a01b8c2c6f7f6483542825a780afc6a6eb4549a02fe7f95a4dfc3335eab8f

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:51 GMT
Last-Modified
Mon, 01 Apr 2019 07:03:46 GMT
X-Cdn
Served-By-Akamai
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=1359276
Connection
keep-alive
Content-Length
3302
Server
Akamai Image Manager
Expires
Wed, 01 May 2019 07:02:27 GMT
20683192.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/192/
4 KB
5 KB
Image
General
Full URL
http://cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/192/20683192.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
2.19.35.64 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-35-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b6226f4773929af05f02045c6ab67b2d0868cf94c2fe13e94eb2793b51805cd5

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:51 GMT
X-Check-Cacheable
YES
X-Cdn
Served-By-Akamai
X-Serial
1052
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=2482394
Last-Modified
Sun, 14 Apr 2019 07:03:08 GMT
Connection
keep-alive
Content-Length
4442
X-Akamai-SSL-Client-Sid
r+N4TWq/tUccPh9n69q2ag==
Server
Akamai Image Manager
Expires
Tue, 14 May 2019 07:01:05 GMT
20672115.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/115/
3 KB
3 KB
Image
General
Full URL
http://cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/115/20672115.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
2.19.35.64 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-35-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ed346d7e8e5587ef37bcb3625fe9fe2bbc6b54e20534ee43c7258b71512baf8e

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:51 GMT
X-Check-Cacheable
YES
X-Cdn
Served-By-Akamai
X-Serial
396
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=2482505
Last-Modified
Sun, 14 Apr 2019 07:04:38 GMT
Connection
keep-alive
Content-Length
3042
X-Akamai-SSL-Client-Sid
tEytov06GOfJGTjCpDZPGw==
Server
Akamai Image Manager
Expires
Tue, 14 May 2019 07:02:56 GMT
20749397.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/397/
5 KB
5 KB
Image
General
Full URL
http://cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/397/20749397.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
2.19.35.64 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-35-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
8ef6b2fc197ac7d4ea02085c7fddf6be55acf96da586bcf676304c7c8b866c5b

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:51 GMT
Last-Modified
Sun, 14 Apr 2019 07:05:06 GMT
X-Cdn
Served-By-Akamai
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=2482695
Connection
keep-alive
Content-Length
4660
Server
Akamai Image Manager
Expires
Tue, 14 May 2019 07:06:06 GMT
20753031.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/031/
4 KB
4 KB
Image
General
Full URL
http://cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/031/20753031.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
2.19.35.64 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-35-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
82158cb11d8fa46216b33d0608e775ccbb306fb05d1a1eb75b71b9ac7fb5ad4e

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:51 GMT
X-Check-Cacheable
YES
X-Cdn
Served-By-Akamai
X-Serial
1464
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=2482538
Last-Modified
Sun, 14 Apr 2019 07:03:08 GMT
Connection
keep-alive
Content-Length
3760
X-Akamai-SSL-Client-Sid
V7BzkHxq50hUcBHGmcddzg==
Server
Akamai Image Manager
Expires
Tue, 14 May 2019 07:03:29 GMT
20752039.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/039/
5 KB
5 KB
Image
General
Full URL
http://cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/039/20752039.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
2.19.35.64 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-35-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
21c01cf7f3b4c32952f6175eefc7beff566cea18028a2dab303357c7a7d8c5f0

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:51 GMT
X-Check-Cacheable
YES
X-Cdn
Served-By-Akamai
X-Serial
1603
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=2482480
Last-Modified
Sun, 14 Apr 2019 07:03:07 GMT
Connection
keep-alive
Content-Length
4758
X-Akamai-SSL-Client-Sid
iGa19f68zKGLJgqunTN6VA==
Server
Akamai Image Manager
Expires
Tue, 14 May 2019 07:02:31 GMT
20696096.gif
cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/096/
2 KB
2 KB
Image
General
Full URL
http://cdn.cpnscdn.com/insight.coupons.com/COS20/_Cache/_ImageCache/096/20696096.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
2.19.35.64 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-35-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
61a75e8ef6e1d06c49289de470feb28bbbcaa94912945a19abbd2eb07c69af93

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:51 GMT
Last-Modified
Sun, 14 Apr 2019 07:03:07 GMT
Server
Akamai Image Manager
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=2482487
Connection
keep-alive
Content-Length
2038
X-Cdn
Served-By-Akamai
Expires
Tue, 14 May 2019 07:02:38 GMT
2.gif
www.yaysavings.com/repo/logos/Large/
2 KB
3 KB
Image
General
Full URL
http://www.yaysavings.com/repo/logos/Large/2.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
495272234cc9d89f03147f12f5e9e99cd43465b2a5bf10a9920fbb592590b4ab

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 18 Jan 2016 17:36:50 GMT
Server
Microsoft-IIS/8.5
ETag
"025d4cf1652d11:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
2483
1395.gif
www.yaysavings.com/repo/logos/Large/
4 KB
4 KB
Image
General
Full URL
http://www.yaysavings.com/repo/logos/Large/1395.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
ff49d1bb4a004ada5f1145b2da9e31998700f1f8b9928f28c8e2e293d2a8bd78

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Tue, 19 Aug 2014 02:44:12 GMT
Server
Microsoft-IIS/8.5
ETag
"026357557bbcf1:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
4299
1394.gif
www.yaysavings.com/repo/logos/Large/
686 B
949 B
Image
General
Full URL
http://www.yaysavings.com/repo/logos/Large/1394.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
0c44c66031e7f438424a149dc400e36a3d8f841127269e0797f470571eae22bd

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Sat, 20 Nov 2010 09:30:10 GMT
Server
Microsoft-IIS/8.5
ETag
"0fd9a869588cb1:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
686
1875.gif
www.yaysavings.com/repo/logos/Large/
2 KB
2 KB
Image
General
Full URL
http://www.yaysavings.com/repo/logos/Large/1875.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
8a783e0d06333f1fbd41a6b7041129cc4fa38ff03549e0c8eb6b5ec2da37f7e1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Tue, 02 Sep 2014 20:40:40 GMT
Server
Microsoft-IIS/8.5
ETag
"0547028eec6cf1:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
1886
8023.gif
www.yaysavings.com/repo/logos/Large/
3 KB
3 KB
Image
General
Full URL
http://www.yaysavings.com/repo/logos/Large/8023.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
f785875621bc27a38c907b7b7dcfab6eb73158516da0e395e3cec49b3e4bb04f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Sat, 20 Nov 2010 09:32:32 GMT
Server
Microsoft-IIS/8.5
ETag
"0783edb9588cb1:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
3225
1032.gif
www.yaysavings.com/repo/logos/Large/
2 KB
3 KB
Image
General
Full URL
http://www.yaysavings.com/repo/logos/Large/1032.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
535a0bdfea62c008a7ea2528ff456fa26d5864838cb10e31e47eb09f19293bf5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Thu, 25 Sep 2014 01:18:52 GMT
Server
Microsoft-IIS/8.5
ETag
"0e6bbaa5ed8cf1:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
2422
5634.gif
www.yaysavings.com/repo/logos/Large/
5 KB
5 KB
Image
General
Full URL
http://www.yaysavings.com/repo/logos/Large/5634.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
c7999e7234de4b3498d4e45da326ad873cc137e8dcc155091ebfb386d5cdc8e3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Tue, 13 Nov 2012 03:30:10 GMT
Server
Microsoft-IIS/8.5
ETag
"08d132f4fc1cd1:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
5304
35637.gif
www.yaysavings.com/repo/logos/Large/
11 KB
11 KB
Image
General
Full URL
http://www.yaysavings.com/repo/logos/Large/35637.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
4dab3d1b605a96763d2f0f93b443150e0a7d06879092df75149f373a61e42d01

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Sat, 06 Oct 2018 04:37:22 GMT
Server
Microsoft-IIS/8.5
ETag
"0adb5452e5dd41:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
11120
800070.gif
www.yaysavings.com/repo/logos/Large/
3 KB
3 KB
Image
General
Full URL
http://www.yaysavings.com/repo/logos/Large/800070.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
07114d89d8ef86c873de8051f82cda6965d5d295f9dc7d9eb8e6956cb1e9dfef

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 01 Oct 2018 13:36:06 GMT
Server
Microsoft-IIS/8.5
ETag
"24f9cb48b59d41:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
2885
179.gif
www.yaysavings.com/repo/logos/Large/
2 KB
3 KB
Image
General
Full URL
http://www.yaysavings.com/repo/logos/Large/179.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
e0bc10ae079c8638fa382b46bbb9392234a1e0436c87bc336b331e333ef00edc

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Sat, 20 Nov 2010 09:30:02 GMT
Server
Microsoft-IIS/8.5
ETag
"049d6819588cb1:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
2429
33930.gif
www.yaysavings.com/repo/logos/Large/
7 KB
7 KB
Image
General
Full URL
http://www.yaysavings.com/repo/logos/Large/33930.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6f9cf76f18e60c9624502a4f2b11a46ea4c64738ebde30c7bca3e4ec803644a3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Thu, 21 Jun 2018 05:39:32 GMT
Server
Microsoft-IIS/8.5
ETag
"042c33a229d41:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
7053
4004.gif
www.yaysavings.com/repo/logos/Large/
3 KB
3 KB
Image
General
Full URL
http://www.yaysavings.com/repo/logos/Large/4004.gif
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
af0e778d6b513711ff960a8654d96d90ba4629d48870fd70d672874aac4ab0f7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 26 Nov 2018 13:24:30 GMT
Server
Microsoft-IIS/8.5
ETag
"7488f95c8b85d41:0"
Content-Type
image/gif
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
2931
store-logo-banner.png
www.yaysavings.com/img/
32 KB
33 KB
Image
General
Full URL
http://www.yaysavings.com/img/store-logo-banner.png
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
03fe0818cc8beb1afc919d99806b1baeee24517f6ccf4c6093f280f41a4a86b7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:23 GMT
Server
Microsoft-IIS/8.5
ETag
"68c3f3aa3849d41:0"
Content-Type
image/png
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
33258
OpenSans-Semibold-webfont.woff2
www.yaysavings.com/fonts/
18 KB
18 KB
Font
General
Full URL
http://www.yaysavings.com/fonts/OpenSans-Semibold-webfont.woff2
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
098e7ac0de17db2cabba259a1fada0ec31059515081c1a20d5074a46e6030ac4

Request headers

Pragma
no-cache
Origin
http://www.yaysavings.com
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/css/fonts.css
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/css/fonts.css
Origin
http://www.yaysavings.com

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:20 GMT
Server
Microsoft-IIS/8.5
ETag
"554230a93849d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
18384
Socialico-webfont.woff2
www.yaysavings.com/fonts/
18 KB
18 KB
Font
General
Full URL
http://www.yaysavings.com/fonts/Socialico-webfont.woff2
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
7076e4b21ba41e2e1a010fdc7dcc0be7581d5e346607a885e8eaa2db462f8d22

Request headers

Pragma
no-cache
Origin
http://www.yaysavings.com
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/css/fonts.css
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/css/fonts.css
Origin
http://www.yaysavings.com

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:21 GMT
Server
Microsoft-IIS/8.5
ETag
"88a788a93849d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
18160
OpenSans-CondensedLight-webfont.woff2
www.yaysavings.com/fonts/
18 KB
19 KB
Font
General
Full URL
http://www.yaysavings.com/fonts/OpenSans-CondensedLight-webfont.woff2
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
9d4cc0c1ea84b1247be95187311d7bb0f0d1485ee9c35066d9f814e4bf8bebbb

Request headers

Pragma
no-cache
Origin
http://www.yaysavings.com
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/css/fonts.css
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/css/fonts.css
Origin
http://www.yaysavings.com

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:20 GMT
Server
Microsoft-IIS/8.5
ETag
"63cdfba83849d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
18792
fontawesome-webfont.woff2
www.yaysavings.com/fonts/
55 KB
56 KB
Font
General
Full URL
http://www.yaysavings.com/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Pragma
no-cache
Origin
http://www.yaysavings.com
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/css/font-awesome.min.css
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/css/font-awesome.min.css
Origin
http://www.yaysavings.com

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:19 GMT
Server
Microsoft-IIS/8.5
ETag
"df40aca83849d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
56780
OpenSans-CondensedBold-webfont.woff2
www.yaysavings.com/fonts/
19 KB
19 KB
Font
General
Full URL
http://www.yaysavings.com/fonts/OpenSans-CondensedBold-webfont.woff2
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
db5d26f32a5bd71c807e2bf85cb1f80e9e0c2232626f3682a6f1de422181167f

Request headers

Pragma
no-cache
Origin
http://www.yaysavings.com
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/css/fonts.css
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/css/fonts.css
Origin
http://www.yaysavings.com

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:20 GMT
Server
Microsoft-IIS/8.5
ETag
"b7a7f4a83849d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
19008
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
6924
date
Mon, 15 Apr 2019 11:32:27 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Mon, 15 Apr 2019 13:32:27 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j73&a=1654515689&t=pageview&_s=1&dl=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&ul=...
  • https://www.google-analytics.com/collect?v=1&_v=j73&a=1654515689&t=pageview&_s=1&dl=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&ul...
35 B
109 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j73&a=1654515689&t=pageview&_s=1&dl=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&ul=en-us&de=UTF-8&dt=Yay%20Savings%20Mystery%20Deal%20%7C%20Retail%20Shopping%20coupon%20codes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=914583099&gjid=676112888&cid=1597373796.1555334872&tid=UA-51514291-1&_gid=1232887453.1555334872&cd2=&cd4=&cd5=&cd6=&cd7=&cd8=not%20adblocked&z=680537427
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 04:35:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3228730
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j73&a=1654515689&t=pageview&_s=1&dl=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&ul=en-us&de=UTF-8&dt=Yay%20Savings%20Mystery%20Deal%20%7C%20Retail%20Shopping%20coupon%20codes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=914583099&gjid=676112888&cid=1597373796.1555334872&tid=UA-51514291-1&_gid=1232887453.1555334872&cd2=&cd4=&cd5=&cd6=&cd7=&cd8=not%20adblocked&z=680537427
Non-Authoritative-Reason
HSTS
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j73&tid=UA-51514291-1&cid=1597373796.1555334872&jid=914583099&gjid=676112888&_gid=1232887453.1555334872&_u=YGBAgAAB~&z=1736483058
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51514291-1&cid=1597373796.1555334872&jid=914583099&_v=j73&z=1736483058
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51514291-1&cid=1597373796.1555334872&jid=914583099&_v=j73&z=1736483058&slf_rd=1&random=33384537
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51514291-1&cid=1597373796.1555334872&jid=914583099&_v=j73&z=1736483058&slf_rd=1&random=33384537
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Apr 2019 13:27:51 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Apr 2019 13:27:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51514291-1&cid=1597373796.1555334872&jid=914583099&_v=j73&z=1736483058&slf_rd=1&random=33384537
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/sdk.js
  • https://connect.facebook.net/en_US/sdk.js
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cf82faab0f9349f97ba2e2897b16939988a61855924c731dab137cded2c37b5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
xYn04FfY20/8oZfRWzHxiQ==
status
200
date
Mon, 15 Apr 2019 13:27:51 GMT
vary
Accept-Encoding
content-length
1778
x-fb-debug
O/wT+9QrVoLVPojRUO/cUsBJ0mZkUX7Uq9aa0gd1PdoEEgLe57TEibtuR5qWd9pkGpLMv31DDS9O8oVxciGPFg==
x-fb-content-md5
d708cf66b0017b594273b0aa4058fa91
etag
"8ec08b3a6c6e1b7aca71ff8b92019673"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 15 Apr 2019 13:42:46 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/sdk.js#xfbml=1&appId=1411597365791208&version=v2.0
Non-Authoritative-Reason
HSTS
all.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/all.js
  • https://connect.facebook.net/en_US/all.js
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
d85f367fac9e09487a3c2220a9151cf92e797c19240a4879046eaf17899526cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 15 Apr 2019 13:27:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ul0Bpwe+Syzfdp520xzmpQ==
status
200
content-length
1779
x-fb-debug
uf4Z/+O+DaP0OEzen8YZb3MZXAYuK0GuLifQoFo5uPxS2IO8MCu5nnzS+7G2uPxEHeefY7vBJX7ZnM2M8EOH8A==
x-fb-content-md5
16e083a06053e35e8dfe3406a5aaea6e
x-frame-options
DENY
etag
"45221b68e96546b8ac71da6836971662"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 15 Apr 2019 13:47:44 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason
HSTS
mystery-banner-bg.png
www.yaysavings.com/img/
49 KB
49 KB
Image
General
Full URL
http://www.yaysavings.com/img/mystery-banner-bg.png
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
060e9af4ab49efa35b793f1885ccef4ba5ccab365e375906b55dc020152dad6c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/css/desktop.css?id=39
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/css/desktop.css?id=39
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:22 GMT
Server
Microsoft-IIS/8.5
ETag
"d06585aa3849d41:0"
Content-Type
image/png
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
50362
mystery-deal-bg.png
www.yaysavings.com/img/
39 KB
40 KB
Image
General
Full URL
http://www.yaysavings.com/img/mystery-deal-bg.png
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
be154e0b585e54a440ab4b613ba6539aa49f32779cde36ce4b0ea56b7fb5567d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.yaysavings.com/css/desktop.css?id=39
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.yaysavings.com/css/desktop.css?id=39
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:22 GMT
Server
Microsoft-IIS/8.5
ETag
"d06585aa3849d41:0"
Content-Type
image/png
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
40369
Peralta-Regular-webfont.woff2
www.yaysavings.com/fonts/
31 KB
32 KB
Font
General
Full URL
http://www.yaysavings.com/fonts/Peralta-Regular-webfont.woff2
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
b10e57d046623a792c76a107a8a2ddde6910c9bb78d70ac9f089f37006b92ff9

Request headers

Pragma
no-cache
Origin
http://www.yaysavings.com
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/css/fonts.css
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/css/fonts.css
Origin
http://www.yaysavings.com

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:20 GMT
Server
Microsoft-IIS/8.5
ETag
"662d5ba93849d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
32248
OpenSans-Bold-webfont.woff2
www.yaysavings.com/fonts/
18 KB
19 KB
Font
General
Full URL
http://www.yaysavings.com/fonts/OpenSans-Bold-webfont.woff2
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
76e15b2ab5986f983b5c23f28f72bc6fdf0237979ea33618348c6e22ed5ae13e

Request headers

Pragma
no-cache
Origin
http://www.yaysavings.com
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/css/fonts.css
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/css/fonts.css
Origin
http://www.yaysavings.com

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:20 GMT
Server
Microsoft-IIS/8.5
ETag
"993e1a83849d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
18852
OpenSans-webfont.woff2
www.yaysavings.com/fonts/
18 KB
18 KB
Font
General
Full URL
http://www.yaysavings.com/fonts/OpenSans-webfont.woff2
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
28254d0381f1ca30da97dc71124686cfaf60b42a0e25242fa1dd5d27fcf889fe

Request headers

Pragma
no-cache
Origin
http://www.yaysavings.com
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/css/fonts.css
Cookie
ASPSESSIONIDASTBTDBB=KCNGBPDAPPNKFKJBCOMCNPOG; user=; _ga=GA1.2.1597373796.1555334872; _gid=GA1.2.1232887453.1555334872; _gat=1
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/css/fonts.css
Origin
http://www.yaysavings.com

Response headers

Date
Mon, 15 Apr 2019 13:27:54 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:20 GMT
Server
Microsoft-IIS/8.5
ETag
"545743a93849d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
18240
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.yaysavings.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 15 Apr 2019 13:27:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.yaysavings.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 15 Apr 2019 13:27:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190408/r20190131/
202 KB
76 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20190408/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6e33cd6f32d5cb012dd5174c71e7080a7285106255765f1ec698f07d66bfab9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
4700164009996688154
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
76985
X-XSS-Protection
0
Expires
Mon, 15 Apr 2019 13:27:52 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190408/r20190131/ Frame C594
202 KB
76 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20190408/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6e33cd6f32d5cb012dd5174c71e7080a7285106255765f1ec698f07d66bfab9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
4700164009996688154
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
76985
X-XSS-Protection
0
Expires
Mon, 15 Apr 2019 13:27:52 GMT
ca-pub-2436759273537177.js
pagead2.googlesyndication.com/pub-config/r20160913/
133 B
241 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-2436759273537177.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 15 Apr 2019 12:59:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 14 Apr 2019 19:43:36 GMT
server
sffe
age
1679
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
125
x-xss-protection
0
expires
Tue, 16 Apr 2019 00:59:53 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190408/r20190131/ Frame 7F39
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20190408/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20190408/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Mon, 08 Apr 2019 21:20:44 GMT
expires
Mon, 22 Apr 2019 21:20:44 GMT
content-type
text/html; charset=UTF-8
etag
3275482936266559025
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6909
x-xss-protection
0
cache-control
public, max-age=1209600
age
576428
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
sdk.js
connect.facebook.net/en_US/
193 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=83bcac1a6e6199a915107ffcc3e2bb6e&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
ce72c98c90bc39b9ce521fb481f2623326833e2a2c8d1f1bb3a5a38f8fda633a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
Origin
http://www.yaysavings.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Sk/p1Lq4Z3cCSr6g2Wz+Pg==
status
200
date
Mon, 15 Apr 2019 13:27:52 GMT
vary
Accept-Encoding
content-length
58922
x-fb-debug
qM4yv2yECh2R/VfkGz5bq7mRG+iWWqne3D4Nrw0X5CQPXKVW2YyS217xcFOlvEk3xOJecJKIsLXyUNj1SZoPlQ==
x-fb-content-md5
84e88fcf424ce70e79dbad8924bb53e9
etag
"d74d008c0abcf32d0e639fa9855f484f"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Tue, 14 Apr 2020 11:33:06 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B3F1
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2436759273537177&output=html&h=90&slotname=3301706841&adk=2211376183&adf=4223444940&w=720&lmt=1555334872&guci=1.2.0.0.2.2.0.0&format=720x90&url=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&flash=0&wgl=1&adsid=NT&dt=1555334872009&bpp=32&bdt=816&fdt=274&idt=270&shv=r20190408&cbv=r20190131&saldr=aa&abxe=1&correlator=4904471221678&frm=20&pv=2&ga_vid=1597373796.1555334872&ga_sid=1555334872&ga_hid=1654515689&ga_fc=0&iag=0&icsg=8858346410&dssz=27&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=433&ady=162&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C21063244&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&ppjl=u&pfx=0&fu=1040&bc=7&ifi=1&uci=1.xhr6rlu487tu&fsb=1&xpc=oeMn4QX9AK&p=http%3A//www.yaysavings.com&dtd=300
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190408/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2436759273537177&output=html&h=90&slotname=3301706841&adk=2211376183&adf=4223444940&w=720&lmt=1555334872&guci=1.2.0.0.2.2.0.0&format=720x90&url=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&flash=0&wgl=1&adsid=NT&dt=1555334872009&bpp=32&bdt=816&fdt=274&idt=270&shv=r20190408&cbv=r20190131&saldr=aa&abxe=1&correlator=4904471221678&frm=20&pv=2&ga_vid=1597373796.1555334872&ga_sid=1555334872&ga_hid=1654515689&ga_fc=0&iag=0&icsg=8858346410&dssz=27&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=433&ady=162&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C21063244&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&ppjl=u&pfx=0&fu=1040&bc=7&ifi=1&uci=1.xhr6rlu487tu&fsb=1&xpc=oeMn4QX9AK&p=http%3A//www.yaysavings.com&dtd=300
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 15 Apr 2019 13:27:52 GMT
server
cafe
content-length
19806
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 15-Apr-2019 13:42:52 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Mon, 15 Apr 2019 13:27:52 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
77 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190408/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
196f161c73eecca785b1c71f24e90c523c1db98defd202a544486b9a707c811d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 15 Apr 2019 13:27:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1554894788928095"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
29096
x-xss-protection
0
expires
Mon, 15 Apr 2019 13:27:52 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A00F
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2436759273537177&output=html&h=250&slotname=5933866044&adk=4105230550&adf=3261161656&w=300&lmt=1555334872&rafmt=11&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&flash=0&wgl=1&adsid=NT&dt=1555334872041&bpp=13&bdt=848&fdt=278&idt=238&shv=r20190408&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=720x90&correlator=4904471221678&frm=20&pv=1&ga_vid=1597373796.1555334872&ga_sid=1555334872&ga_hid=1654515689&ga_fc=0&iag=0&icsg=146297299882&dssz=28&mdo=0&mso=0&rplot=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=973&ady=317&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C21063244&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&ppjl=u&pfx=0&fu=1168&bc=7&ifi=2&uci=2.qtxg6x8j2cko&fsb=1&xpc=B1FR5qTDcB&p=http%3A//www.yaysavings.com&dtd=282
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190408/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2436759273537177&output=html&h=250&slotname=5933866044&adk=4105230550&adf=3261161656&w=300&lmt=1555334872&rafmt=11&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&flash=0&wgl=1&adsid=NT&dt=1555334872041&bpp=13&bdt=848&fdt=278&idt=238&shv=r20190408&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=720x90&correlator=4904471221678&frm=20&pv=1&ga_vid=1597373796.1555334872&ga_sid=1555334872&ga_hid=1654515689&ga_fc=0&iag=0&icsg=146297299882&dssz=28&mdo=0&mso=0&rplot=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=973&ady=317&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C21063244&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&ppjl=u&pfx=0&fu=1168&bc=7&ifi=2&uci=2.qtxg6x8j2cko&fsb=1&xpc=B1FR5qTDcB&p=http%3A//www.yaysavings.com&dtd=282
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 15 Apr 2019 13:27:52 GMT
server
cafe
content-length
23611
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 15-Apr-2019 13:42:52 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Mon, 15 Apr 2019 13:27:52 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 82E2
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2436759273537177&output=html&h=250&slotname=7731906440&adk=2269268744&adf=324661547&w=300&lmt=1555334872&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1555334872071&bpp=9&bdt=878&fdt=266&idt=208&shv=r20190408&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=720x90%2C300x250&correlator=4904471221678&frm=20&pv=1&ga_vid=1597373796.1555334872&ga_sid=1555334872&ga_hid=1654515689&ga_fc=0&iag=0&icsg=146297299882&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1150&ady=804&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C21063244&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&ppjl=u&pfx=0&fu=1040&bc=7&ifi=3&uci=3.mp4a1ll14tub&fsb=1&xpc=mNjsvI9cBY&p=http%3A//www.yaysavings.com&dtd=269
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190408/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2436759273537177&output=html&h=250&slotname=7731906440&adk=2269268744&adf=324661547&w=300&lmt=1555334872&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1555334872071&bpp=9&bdt=878&fdt=266&idt=208&shv=r20190408&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=720x90%2C300x250&correlator=4904471221678&frm=20&pv=1&ga_vid=1597373796.1555334872&ga_sid=1555334872&ga_hid=1654515689&ga_fc=0&iag=0&icsg=146297299882&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1150&ady=804&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C21063244&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&ppjl=u&pfx=0&fu=1040&bc=7&ifi=3&uci=3.mp4a1ll14tub&fsb=1&xpc=mNjsvI9cBY&p=http%3A//www.yaysavings.com&dtd=269
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 15 Apr 2019 13:27:52 GMT
server
cafe
content-length
2532
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 15-Apr-2019 13:42:52 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Mon, 15 Apr 2019 13:27:52 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 180A
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2436759273537177&output=html&h=250&slotname=1685372847&adk=1527775730&adf=1339713215&w=300&lmt=1555334872&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1555334872129&bpp=33&bdt=936&fdt=233&idt=150&shv=r20190408&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=720x90%2C300x250%2C300x250&correlator=4904471221678&frm=20&pv=1&ga_vid=1597373796.1555334872&ga_sid=1555334872&ga_hid=1654515689&ga_fc=0&iag=0&icsg=146297299882&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1150&ady=1088&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C21063244&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&ppjl=u&pfx=0&fu=1040&bc=7&ifi=4&uci=4.5lcdcagso38c&fsb=1&xpc=3qREwhWgJM&p=http%3A//www.yaysavings.com&dtd=237
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190408/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2436759273537177&output=html&h=250&slotname=1685372847&adk=1527775730&adf=1339713215&w=300&lmt=1555334872&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fwww.yaysavings.com%2Fmystery%2F04132019M%3Fed%3D04132019M%26uid%3DYWNoaWFuZ0B1bmRlcmFybW91ci5jb20&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1555334872129&bpp=33&bdt=936&fdt=233&idt=150&shv=r20190408&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=720x90%2C300x250%2C300x250&correlator=4904471221678&frm=20&pv=1&ga_vid=1597373796.1555334872&ga_sid=1555334872&ga_hid=1654515689&ga_fc=0&iag=0&icsg=146297299882&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1150&ady=1088&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21060853%2C21063244&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&ppjl=u&pfx=0&fu=1040&bc=7&ifi=4&uci=4.5lcdcagso38c&fsb=1&xpc=3qREwhWgJM&p=http%3A//www.yaysavings.com&dtd=237
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 15 Apr 2019 13:27:52 GMT
server
cafe
content-length
18296
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 15-Apr-2019 13:42:52 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Mon, 15 Apr 2019 13:27:52 GMT
cache-control
private
d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame C4EF
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=83bcac1a6e6199a915107ffcc3e2bb6e&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Sat, 11 Apr 2020 13:28:19 GMT
cache-control
public,max-age=31536000,immutable
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
x-fb-debug
I5cRW3HCyPmP9GF3J+x0nNNoQmvQVjU56zDbAC3u/4IU5rSHKs2XZZZYvEz4+q5/+regdTf1H40i/m/fapW1mA==
content-length
11033
date
Mon, 15 Apr 2019 13:27:52 GMT
like.php
www.facebook.com/v2.0/plugins/ Frame 0834
0
0
Document
General
Full URL
https://www.facebook.com/v2.0/plugins/like.php?action=like&app_id=1411597365791208&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df2c9454753d6c7c%26domain%3Dwww.yaysavings.com%26origin%3Dhttp%253A%252F%252Fwww.yaysavings.com%252Ff302a6ee99d9818%26relation%3Dparent.parent&container_width=85&href=https%3A%2F%2Fwww.facebook.com%2Fyaysavings%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=83bcac1a6e6199a915107ffcc3e2bb6e&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.0/plugins/like.php?action=like&app_id=1411597365791208&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df2c9454753d6c7c%26domain%3Dwww.yaysavings.com%26origin%3Dhttp%253A%252F%252Fwww.yaysavings.com%252Ff302a6ee99d9818%26relation%3Dparent.parent&container_width=85&href=https%3A%2F%2Fwww.facebook.com%2Fyaysavings%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
vary
Accept-Encoding
x-content-type-options
nosniff
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
facebook-api-version
v2.8
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
V7uM/3wfHlOeLzbAGzfQFH88bgXpZhqDIwDseI3oS8lkpL7FDtxrJSZVb0aFJqAtwANNeROEWJORvDytzj4Umg==
date
Mon, 15 Apr 2019 13:27:53 GMT
Cookie set nag.asp
www.yaysavings.com/modals/
2 KB
2 KB
XHR
General
Full URL
http://www.yaysavings.com/modals/nag.asp
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/js/jquery-1.11.2.min.js
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
27720c93874976cfc9186a04d547ebd8ff6b367e83caa8694aa86edc36767b26

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.yaysavings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
X-Requested-With
XMLHttpRequest
Connection
keep-alive
Cache-Control
no-cache
Accept
*/*
Referer
http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 15 Apr 2019 13:27:58 GMT
Cache-Control
private
Server
Microsoft-IIS/8.5
Set-Cookie
ASPSESSIONIDASTBTDBB=ODNGBPDAKPKANHOHCLGNLJCM; path=/
Content-Length
2142
Content-Type
text/html

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery boolean| nagModalOpen function| openStoreName function| openSearch function| closeModal function| showCouponModal function| loadModalPage function| loadModal function| showSignup function| showThanks function| reloadModal function| doFlip function| updateQueryStringParameter function| connectEmail function| rejoinEmail function| connectEmailLanding function| connectFacebook function| connectFacebookLanding function| hideWhoopsies function| showWhoopsies function| writeAdSense function| isMobile function| block_size function| block_size_infeed function| IScroll object| myScroll function| loaded undefined| yaySearchSelectedDiv function| selectSearchDiv function| deSelectSearchDiv function| initSearchDivs function| lookup function| lookup2 string| is_adblocked object| testAd string| dimensionValue string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| new_Share function| fbAsyncInit string| google_ad_client string| google_ad_slot number| screen_width boolean| is_desktop object| s_result object| google_ad_size object| adsbygoogle function| mysteryFlip string| desktop_code object| google_js_reporting_queue object| google_ad_modifications boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars object| FB function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| google_pub_config object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

7 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUmnyK6GJOxS6tDJC9mXf9j5AHTwa1KwEvd8Jfo9jnjFK69ncDQJe_5qxT53
www.yaysavings.com/ Name: ASPSESSIONIDASTBTDBB
Value: KCNGBPDAPPNKFKJBCOMCNPOG
.yaysavings.com/ Name: _gat
Value: 1
.yaysavings.com/ Name: _gid
Value: GA1.2.1232887453.1555334872
.yaysavings.com/ Name: _ga
Value: GA1.2.1597373796.1555334872
www.yaysavings.com/ Name: user
Value:

1 Console Messages

Source Level URL
Text
console-api log URL: http://www.yaysavings.com/mystery/04132019M?ed=04132019M&uid=YWNoaWFuZ0B1bmRlcmFybW91ci5jb20(Line 155)
Message:
AdBlock Enabled?

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.cpnscdn.com
connect.facebook.net
googleads.g.doubleclick.net
images.yaysavings.com
ms.yaysavings.com
pagead2.googlesyndication.com
staticxx.facebook.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.yaysavings.com
2.19.35.64
23.229.88.50
23.250.10.187
2a00:1450:4001:806::2003
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:817::2002
2a00:1450:4001:819::2002
2a00:1450:4001:81f::2002
2a00:1450:4001:81f::200e
2a00:1450:400c:c08::9d
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
03fe0818cc8beb1afc919d99806b1baeee24517f6ccf4c6093f280f41a4a86b7
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
060e9af4ab49efa35b793f1885ccef4ba5ccab365e375906b55dc020152dad6c
07114d89d8ef86c873de8051f82cda6965d5d295f9dc7d9eb8e6956cb1e9dfef
098e7ac0de17db2cabba259a1fada0ec31059515081c1a20d5074a46e6030ac4
0c44c66031e7f438424a149dc400e36a3d8f841127269e0797f470571eae22bd
0e46e836e07ed2da4337b7456c4493f182d53c82cd8560e79d59f2963a0b0d04
196f161c73eecca785b1c71f24e90c523c1db98defd202a544486b9a707c811d
21c01cf7f3b4c32952f6175eefc7beff566cea18028a2dab303357c7a7d8c5f0
21daf8bc87790fd7808ba1a6ae9b56b96cbbc82a4b60580f8b7c4d4557e06b37
222d75918bb518d46a4d283da7de243b4409d597a8c6856070a07e96b600e6d7
27720c93874976cfc9186a04d547ebd8ff6b367e83caa8694aa86edc36767b26
28254d0381f1ca30da97dc71124686cfaf60b42a0e25242fa1dd5d27fcf889fe
2acd431729ea39a3b6426ccf23a18732f789ff1d1e3cfdac98ae0f129d81975a
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
495272234cc9d89f03147f12f5e9e99cd43465b2a5bf10a9920fbb592590b4ab
4dab3d1b605a96763d2f0f93b443150e0a7d06879092df75149f373a61e42d01
535a0bdfea62c008a7ea2528ff456fa26d5864838cb10e31e47eb09f19293bf5
5a1f89963521560bcfee6323095cc269b47f5a8bc31fe04f17ed324ecb8028be
61a75e8ef6e1d06c49289de470feb28bbbcaa94912945a19abbd2eb07c69af93
6a184d7ff0a25d979ce2f3ceccc84925d940af0faca088a2ac4d9a2a08d18024
6a5ec699e27ee6eaf16c31a3d56c48a594666b8e31c786ce3776ccbcc5b4361a
6e33cd6f32d5cb012dd5174c71e7080a7285106255765f1ec698f07d66bfab9a
6ee461d0cc884de09affa4cd5016f609f77dfdc692b09caf9baed2a1849e58b9
6f9cf76f18e60c9624502a4f2b11a46ea4c64738ebde30c7bca3e4ec803644a3
7076e4b21ba41e2e1a010fdc7dcc0be7581d5e346607a885e8eaa2db462f8d22
76e15b2ab5986f983b5c23f28f72bc6fdf0237979ea33618348c6e22ed5ae13e
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
82158cb11d8fa46216b33d0608e775ccbb306fb05d1a1eb75b71b9ac7fb5ad4e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
889fbd24d6a87e78a08340d066281238836cf275288eb0767bf2803955fa2e96
8a783e0d06333f1fbd41a6b7041129cc4fa38ff03549e0c8eb6b5ec2da37f7e1
8ef6b2fc197ac7d4ea02085c7fddf6be55acf96da586bcf676304c7c8b866c5b
948e7086e2122ef37b85878ee431256aaf6ac9bbf98be42d60d8b88e6ea65e1a
95eb8b07171b4fb73896d80550127489cfdba979eb4b4a4559322c27051e5437
9d4cc0c1ea84b1247be95187311d7bb0f0d1485ee9c35066d9f814e4bf8bebbb
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
af0e778d6b513711ff960a8654d96d90ba4629d48870fd70d672874aac4ab0f7
b10e57d046623a792c76a107a8a2ddde6910c9bb78d70ac9f089f37006b92ff9
b587b46da7cba3bcd8d194fec11096ee765cb8889014d2f50f45d5d7cc1292aa
b6226f4773929af05f02045c6ab67b2d0868cf94c2fe13e94eb2793b51805cd5
be154e0b585e54a440ab4b613ba6539aa49f32779cde36ce4b0ea56b7fb5567d
c06a01b8c2c6f7f6483542825a780afc6a6eb4549a02fe7f95a4dfc3335eab8f
c0feca19f82b9104c53305695984fe8209a6216c092e6748792b6871302bb9ce
c7999e7234de4b3498d4e45da326ad873cc137e8dcc155091ebfb386d5cdc8e3
c918dcefc35f58b2eabc66ca3065c8ab15764fab39ae895e9fee84183e5ea73b
ce72c98c90bc39b9ce521fb481f2623326833e2a2c8d1f1bb3a5a38f8fda633a
cf82faab0f9349f97ba2e2897b16939988a61855924c731dab137cded2c37b5e
d798a0d1469fed4046b817dce470c295831c324d61611e3293db8e2a5be55714
d85f367fac9e09487a3c2220a9151cf92e797c19240a4879046eaf17899526cc
db5d26f32a5bd71c807e2bf85cb1f80e9e0c2232626f3682a6f1de422181167f
e0bc10ae079c8638fa382b46bbb9392234a1e0436c87bc336b331e333ef00edc
e983cbdb90422a80737ded8b12491f7a542f23947f0912959a8b5404671c80c9
ed346d7e8e5587ef37bcb3625fe9fe2bbc6b54e20534ee43c7258b71512baf8e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f64495e0111bce057d38696f5afd3da3fdd16a8b42ad764e64fb22a9f4fe2c32
f7140a276af75852364eef880f13473fd4791455ba2cd650b7446e6562742a9d
f785875621bc27a38c907b7b7dcfab6eb73158516da0e395e3cec49b3e4bb04f
ff49d1bb4a004ada5f1145b2da9e31998700f1f8b9928f28c8e2e293d2a8bd78