urlscan.io logo urlscan.io
SecurityTrails logo

11172243.searchiqnet.com Open in urlscan Pro
209.132.243.15  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://soywaxamazon.com/
Effective URL: https://11172243.searchiqnet.com/redirect?s=11172243&o=75&y=150&x=350&r=https%3A%2F%2Fwww.groupon.com%2F%3Futm_source%3Dgoogle%26...
Submission: On February 28 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 1 countries across 20 domains to perform 33 HTTP transactions. The main IP is 209.132.243.15, located in and belongs to . The main domain is 11172243.searchiqnet.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on July 27th 2022. Valid for: a year.
This is the only time 11172243.searchiqnet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    199.115.115.102 (Charlotte, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
soywaxamazon.com
4    66.165.243.160 (Los Angeles, United States)

ASN29802 (HVC-AS, US)
PTR: 66-165-243-160.static.hvvc.us
r.ealeo.com
3    2607:f8b0:4006:80c::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    192.138.218.207 (United States)

ASN14332 (SHOPZILLA, US)
PTR: rd.bizrate.com
link.sylikes.com
rd.bizrate.com
1    2607:f8b0:4006:80c::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    108.139.29.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-103.jfk50.r.cloudfront.net
s5.cnnx.io
2    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2001:4998:14:800::1001 (United States)

ASN14777 (YAHOO, US)
s.yimg.com
2    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loadus.exelator.com
1    64.19.224.208 (United States)

ASN14332 (SHOPZILLA, US)
pxl.connexity.net
2    2607:f8b0:4006:81f::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    76.13.32.146 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spdc.pbp.vip.bf1.yahoo.com
sp.analytics.yahoo.com
4    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2607:f8b0:4006:816::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    192.138.218.139 (None, )

ASN- ()
rd.connexity.net
1    209.132.243.25 (None, )

ASN- ()
c.next2.io
2    209.132.243.15 (None, )

ASN- ()
c.pageprotect.net
11172243.searchiqnet.com
Apex Domain
Subdomains		 Transfer
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 105
301 B
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 357
13 KB
4 ealeo.com
r.ealeo.com
11 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
20 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
563 B
2 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1186
879 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
4 KB
2 connexity.net
pxl.connexity.net — Cisco Umbrella Rank: 4792
rd.connexity.net
2 KB
2 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1317
2 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 466
7 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
136 KB
2 bizrate.com
rd.bizrate.com — Cisco Umbrella Rank: 80457
17 KB
1 searchiqnet.com
11172243.searchiqnet.com
8 KB
1 pageprotect.net
c.pageprotect.net
2 KB
1 next2.io
c.next2.io
1 KB
1 cnnx.io
s5.cnnx.io — Cisco Umbrella Rank: 119067
540 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
64 KB
1 sylikes.com
link.sylikes.com — Cisco Umbrella Rank: 147349
990 B
1 soywaxamazon.com
soywaxamazon.com
450 B
0 groupon.com Failed
www.groupon.com Failed
33 20
Domain Requested by
4 www.facebook.com rd.bizrate.com
4 bat.bing.com rd.bizrate.com
bat.bing.com
4 r.ealeo.com r.ealeo.com
3 www.google-analytics.com r.ealeo.com
www.google-analytics.com
2 www.google.com rd.bizrate.com
2 sp.analytics.yahoo.com rd.bizrate.com
2 googleads.g.doubleclick.net www.googletagmanager.com
2 loadus.exelator.com 2 redirects
2 s.yimg.com rd.bizrate.com
s.yimg.com
2 connect.facebook.net rd.bizrate.com
connect.facebook.net
2 rd.bizrate.com r.ealeo.com
rd.bizrate.com
1 11172243.searchiqnet.com rd.bizrate.com
1 c.pageprotect.net 1 redirects
1 c.next2.io 1 redirects
1 rd.connexity.net 1 redirects
1 pxl.connexity.net rd.bizrate.com
1 s5.cnnx.io rd.bizrate.com
1 www.googletagmanager.com rd.bizrate.com
1 link.sylikes.com 1 redirects
1 soywaxamazon.com 1 redirects
0 www.groupon.com Failed 11172243.searchiqnet.com
33 21

This site contains no links.

Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.bizrate.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-19 -
2023-09-19		 a year crt.sh
s1.cnnx.io
Amazon		 2022-08-29 -
2023-09-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-10 -
2023-03-07		 2 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-27 -
2023-04-19		 2 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-01-03 -
2023-06-28		 6 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.searchiqnet.com
Go Daddy Secure Certificate Authority - G2		 2022-07-27 -
2023-08-28		 a year crt.sh

This page contains 2 frames:

Frame: https://www.groupon.com/?utm_source=google&utm_medium=cpc&utm_campaign=us_dt_sea_ggl_txt_smp_sr_cbp_ch1_nbr_d*ADNET_a181079316933473524223644951146089196453_g*homepage-1&template=regular&bypass=true&anid=181079316933473524223644951146089196453
Frame ID: 6974FFDAA56E7EA308F5FDA9CE860BD8
Requests: 29 HTTP requests in this frame

Frame: http://r.ealeo.com/go?e=DwCaxHVbjaF9gQAvgFW0Ozsmu3KeHFA80aC0OzX-bFLdR2X8bvCztRsyRaBdHFp9x3C5kGVy0aCeZKq7bFW4cRsYIGCdfxVXgvCzfHs7jmK9uFs8bPXabGs-jKF9IPrVy3C55GVxfvEuHPsW1KW09Is7t3K8gRr-bFLRu2Z_pPEmV3XTEwLwbHVyLPM55QL80KX99SA78SF-IFs-03Ba0QsmuQFdHPrx1UXdZTsmEGLdfGq70KW0bRs-D3K95Gq5jaBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV
Frame ID: BDEBC185F311982477ABE8FA14515DCC
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://soywaxamazon.com/ HTTP 302
    http://r.ealeo.com/redirect?redirect_id=3fd1ca2237ec42fe36945cdaeb6c1520&request_id=c2677e15824... Page URL
  2. https://link.sylikes.com/?publisherId=693406&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0W... HTTP 302
    https://rd.bizrate.com/rd2?t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3DMERCHAN... Page URL
  3. https://rd.connexity.net/rd2?mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903a... HTTP 302
    https://c.next2.io/api/ads?sid=11172243&said=8114875&kw=online+coupons&link=https%3A%2F%2Fwww.g... HTTP 301
    https://c.pageprotect.net/c?pid=11172243-8114875&c=9e73f9b4e2cbb9e14f5a75385eb07a9e-FuewFsewwue4U%09mt... HTTP 302
    https://11172243.searchiqnet.com/redirect?s=11172243&o=75&y=150&x=350&r=https%3A%2F%2Fwww.groupon.com%2F%3Fut... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

33
Requests

73 %
HTTPS

44 %
IPv6

20
Domains

21
Subdomains

15
IPs

1
Countries

283 kB
Transfer

801 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://soywaxamazon.com/ HTTP 302
    http://r.ealeo.com/redirect?redirect_id=3fd1ca2237ec42fe36945cdaeb6c1520&request_id=c2677e15824e7d6a5bf6cfdbe010ba0e Page URL
  2. https://link.sylikes.com/?publisherId=693406&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&afPlacementId=316965&url=https%3A%2F%2Fwww.groupon.com%2F HTTP 302
    https://rd.bizrate.com/rd2?t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3DMERCHANT_PARTNER_ID%26kw%3Donline%2Bcoupons%26link%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26fallback_url%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26partnerId%3DSZ_REDIRECT_ID%26cnx%3D1&mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903aebe0e4176b965f77&af_id=693406&af_rid=null&af_permalink_id=d7cc0352d0e6cd4028b24a51d7130bb44eb4b030&cobrand=1&af_placement_id=316965&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&rf_code=af1&af_assettype_id=14&af_creative_id=2913 Page URL
  3. https://rd.connexity.net/rd2?mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903aebe0e4176b965f77&af_id=693406&af_rid=null&af_permalink_id=d7cc0352d0e6cd4028b24a51d7130bb44eb4b030&cobrand=1&af_placement_id=316965&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&rf_code=af1&af_assettype_id=14&af_creative_id=2913&t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3D8114875%26kw%3Donline%2Bcoupons%26link%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26fallback_url%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26partnerId%3D16775848477935597767610080301008005%26cnx%3D1&br=16775848477059340843202030301012194&rf=cldaf1&vsc=dru&rdrSerial=7bb67ed3-6918-4d3a-8c5b-de0a87534312&redirectId=16775848477935597767610080301008005 HTTP 302
    https://c.next2.io/api/ads?sid=11172243&said=8114875&kw=online+coupons&link=https%3A%2F%2Fwww.groupon.com%2F&fallback_url=https%3A%2F%2Fwww.groupon.com%2F&partnerId=16775848477935597767610080301008005&cnx=1 HTTP 301
    https://c.pageprotect.net/c?pid=11172243-8114875&c=9e73f9b4e2cbb9e14f5a75385eb07a9e-FuewFsewwue4U%09mt.qiij%2FSef+%28CqLotnN+Dl+wfef%3B+CqLUk%3B+bUk%29+hRRiICIAdqv%2FSF4eFU+%28dBlmV%2C+iqHI+8IEHt%29+72atQI%2FwwfefeSkuwew44+rjOjaq%2FSF4eFU%09wU44Sukuk3ukU%09ukf%09Sfw%09FF%09LIn+0taH%092vvRN%3A%2F%2FnnnezatWRtLeEtQ%2F%3FWvQ_NtWaEI%3DzttziI%26WvQ_QIoqWQ%3DERE%26WvQ_EjQRjqzL%3DWN_ov_NIj_zzi_vbv_NQR_Na_EAR_E2w_LAa_o*h9Dpl_j%24%7BEiqEH9jvjeEiqEHgo%7D_z*2tQIRjzI-w%26vIQRijvI%3DaIzWija%26A0RjNN%3DvaWI%09%5BLWii%5D%09fefF%09fefU%09aoeAq.ajvIeEtQ%09vaWI%094s%09SsF44S3%09rphX7B%09-SukF43kf34433ku3FwU%7EkkkF3wk4fFsUFfkUw4%09%5BLWii%5D%09FFuSF3%09w3sewUuewffewks%09dpJCTX9%09f%09f%7Ef%093SsSE4sf-Ffw4-kU4j-uEo4-f3ww3FEEAIu4%09tLiqLI+EtWRtLN%09%5BLWii%5D%09tLiqLI+EtWRtLN%09tLiqLI+EtWRtLN%09%5BLWii%5D%09%5BLWii%5D%09f%09w%09tLiqLI+EtWRtLN%09f%09f%09%5BLWii%5D%09SsF44S3%09%5BLWii%5D%09%5BLWii%5D%09%5BLWii%5D%09%5BLWii%5D%09%5BLWii%5D%09wffsS%09uwwku4S%09wU44Sukuk443FSS344U4UwffufFfwffuffS%09%5BLWii%5D%09%7B%22N2tnhozatWRdI0%22%3A%22vaWI%22%2C%22N2tnXIQtYIoVqNvqLzN%22%3A%22vaWI%22%2C%22oqNjAiIXtL%22%3A%22w%22%2C%22oIIRiqLH_EtLNqNvILv_QjaH_Wai%22%3A%222vvRN%3A%2F%2FnnnezatWRtLeEtQ%2F%22%2C%22ELb%22%3A%22w%22%7D%09%5BLWii%5D%09%5BLWii%5D%09f%09www4sskF-uwwku4S%092vvRN%3A%2F%2FnnnezatWRtLeEtQ%2F%09w%09&r=1&ptt= HTTP 302
    https://11172243.searchiqnet.com/redirect?s=11172243&o=75&y=150&x=350&r=https%3A%2F%2Fwww.groupon.com%2F%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Dus_dt_sea_ggl_txt_smp_sr_cbp_ch1_nbr_d*ADNET_a181079316933473524223644951146089196453_g*homepage-1%26template%3Dregular%26bypass%3Dtrue%26anid%3D181079316933473524223644951146089196453&u=181079316933473524223644951146089196453&a=72&t=5237759&g=-5843794097799489316~444391470326304617&cb=0&faid=5237759&fint=1&b=fefF,fefU,LWii&epcCD=1677584850361&cc=840&dma=501&epcRFU=null&tk=tLiqLI+EtWRtLN&k=online+coupons&qk=tLiqLI+EtWRtLN&mqk=tLiqLI+EtWRtLN&eqk=null&eqke=0&nw=SEARCH&tgt=5237759&tp=www4sskF-uwwku4S&vu=null&ir=0&tt=KEYWORD&ck=0~0&rk=1&ptt=&f=https%3A%2F%2Fwww.groupon.com%2F%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Dus_dt_sea_ggl_txt_smp_sr_cbp_ch1_nbr_d*ADNET_a181079316933473524223644951146089196453_g*homepage-1%26template%3Dregular%26bypass%3Dtrue%26anid%3D181079316933473524223644951146089196453&sc=null&st=null&id=0&it=1&nbrs=0&nk=5237759&fwc=0&lt=0&spa=&spt=&spc=&dvid=&sid=9525c720-3017-467a-8cd7-091193ccbe87 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://soywaxamazon.com/ HTTP 302
  • http://r.ealeo.com/redirect?redirect_id=3fd1ca2237ec42fe36945cdaeb6c1520&request_id=c2677e15824e7d6a5bf6cfdbe010ba0e
Request Chain 4
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 6
  • http://www.google-analytics.com/collect?v=1&_v=j99&a=380289254&t=pageview&_s=2&dl=http%3A%2F%2Fr.ealeo.com%2Fgo%3Fe%3DDwCaxHVbjaF9gQAvgFW0Ozsmu3KeHFA80aC0OzX-bFLdR2X8bvCztRsyRaBdHFp9x3C5kGVy0aCeZKq7bFW4cRsYIGCdfxVXgvCzfHs7jmK9uFs8bPXabGs-jKF9IPrVy3C55GVxfvEuHPsW1KW09Is7t3K8gRr-bFLRu2Z_pPEmV3XTEwLwbHVyLPM55QL80KX99SA78SF-IFs-03Ba0QsmuQFdHPrx1UXdZTsmEGLdfGq70KW0bRs-D3K95Gq5jaBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=160214730.1677584846&tid=UA-32454353-1&_gid=1841316637.1677584846&cd1=oz9lp3I8n25coUuhL3k8sUkho3WmqKkeozyfrT5wsUk8sN%3D%3D&z=281310148 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j99&a=380289254&t=pageview&_s=2&dl=http%3A%2F%2Fr.ealeo.com%2Fgo%3Fe%3DDwCaxHVbjaF9gQAvgFW0Ozsmu3KeHFA80aC0OzX-bFLdR2X8bvCztRsyRaBdHFp9x3C5kGVy0aCeZKq7bFW4cRsYIGCdfxVXgvCzfHs7jmK9uFs8bPXabGs-jKF9IPrVy3C55GVxfvEuHPsW1KW09Is7t3K8gRr-bFLRu2Z_pPEmV3XTEwLwbHVyLPM55QL80KX99SA78SF-IFs-03Ba0QsmuQFdHPrx1UXdZTsmEGLdfGq70KW0bRs-D3K95Gq5jaBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=160214730.1677584846&tid=UA-32454353-1&_gid=1841316637.1677584846&cd1=oz9lp3I8n25coUuhL3k8sUkho3WmqKkeozyfrT5wsUk8sN%3D%3D&z=281310148
Request Chain 7
  • https://link.sylikes.com/?publisherId=693406&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&afPlacementId=316965&url=https%3A%2F%2Fwww.groupon.com%2F HTTP 302
  • https://rd.bizrate.com/rd2?t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3DMERCHANT_PARTNER_ID%26kw%3Donline%2Bcoupons%26link%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26fallback_url%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26partnerId%3DSZ_REDIRECT_ID%26cnx%3D1&mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903aebe0e4176b965f77&af_id=693406&af_rid=null&af_permalink_id=d7cc0352d0e6cd4028b24a51d7130bb44eb4b030&cobrand=1&af_placement_id=316965&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Request Chain 13
  • https://loadus.exelator.com/load/?p=204&g=92&j=0 HTTP 302
  • https://loadus.exelator.com/load/?p=204&g=92&j=0&xl8blockcheck=1 HTTP 302
  • https://pxl.connexity.net/c/cse?a=R&A=292&D=6a0d&V=9&I0k=ptnrid&I0v=c6f9e9fe658c64f51905a7c2f68c91cf&b=1677584848329
Request Chain 31
  • https://11172243.searchiqnet.com/logClient?atemp=1&clickId=181079316933473524223644951146089196453&searchId=9525c720-3017-467a-8cd7-091193ccbe87&sid=11172243&viewableStatus=viewable&feedAdvertiserId=72&trackingId=5237759&adgroupKeyString=-5843794097799489316~444391470326304617&clickBehaviorOrdinal=0&feedAdvertiserAdvertiserId=5237759&findologyInternal=1&bid=fefF,fefU,LWii&entryPointClickDate=1677584850361&countryCode=840&dmaCode=501&entryPointReasonForUnpaid=null&keyword=online+coupons&networkType=SEARCH&targetId=5237759&trafficProviderKeyString=www4sskF-uwwku4S&viewedUrl=null&isRon=0&targetType=KEYWORD&categoryKeyString=0~0&windowPositionLeft=0&windowPositionTop=0&windowWidth=1600&windowHeight=1200&screenWidth=1600&screenHeight=1200&ableToSetCookie=true&redirect=https%3A%2F%2Fwww.groupon.com%2F%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Dus_dt_sea_ggl_txt_smp_sr_cbp_ch1_nbr_d*ADNET_a181079316933473524223644951146089196453_g*homepage-1%26template%3Dregular%26bypass%3Dtrue%26anid%3D181079316933473524223644951146089196453&fallback=https%3A%2F%2Fwww.groupon.com%2F%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Dus_dt_sea_ggl_txt_smp_sr_cbp_ch1_nbr_d*ADNET_a181079316933473524223644951146089196453_g*homepage-1%26template%3Dregular%26bypass%3Dtrue%26anid%3D181079316933473524223644951146089196453&ranking=1&passthruText=&targetKeyword=tLiqLI+EtWRtLN&queryKeyword=tLiqLI+EtWRtLN&matchedQueryKeyword=tLiqLI+EtWRtLN&expandedQueryKeyword=null&expandedQueryKeywordEnabled=0&flashEnabled=false&saidCategory=null&saidTier=null&isDomain=0&isTrace=1&nextBidderRepeatedSearch=0&nusfKey=5237759&spAdgroup=&spTarget=&spCategory=&deviceId=&redirectEvents=null&searchIqUserId= HTTP 302
  • https://www.groupon.com/?utm_source=google&utm_medium=cpc&utm_campaign=us_dt_sea_ggl_txt_smp_sr_cbp_ch1_nbr_d*ADNET_a181079316933473524223644951146089196453_g*homepage-1&template=regular&bypass=true&anid=181079316933473524223644951146089196453

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
redirect
r.ealeo.com/
Redirect Chain
  • http://soywaxamazon.com/
  • http://r.ealeo.com/redirect?redirect_id=3fd1ca2237ec42fe36945cdaeb6c1520&request_id=c2677e15824e7d6a5bf6cfdbe010ba0e
815 B
1023 B 		Document
General
Check archive.org
Download Go to
Full URL
http://r.ealeo.com/redirect?redirect_id=3fd1ca2237ec42fe36945cdaeb6c1520&request_id=c2677e15824e7d6a5bf6cfdbe010ba0e
Protocol
HTTP/1.1
Server
66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS
66-165-243-160.static.hvvc.us
Software
nginx/1.23.3 / PHP/8.1.13
Resource Hash
621e8fb65ee49b92343c85896180017cc8e85520a610efd39536a9c3f7736f6f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 28 Feb 2023 11:47:24 GMT
Server
nginx/1.23.3
Transfer-Encoding
chunked
X-Powered-By
PHP/8.1.13

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Tue, 28 Feb 2023 11:47:23 GMT
location
http://r.ealeo.com/redirect?redirect_id=3fd1ca2237ec42fe36945cdaeb6c1520&request_id=c2677e15824e7d6a5bf6cfdbe010ba0e
server
nginx
adren.css
r.ealeo.com/css/ 		243 B
479 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://r.ealeo.com/css/adren.css?n=3151462432
Requested by
Host: r.ealeo.com
URL: http://r.ealeo.com/redirect?redirect_id=3fd1ca2237ec42fe36945cdaeb6c1520&request_id=c2677e15824e7d6a5bf6cfdbe010ba0e
Protocol
HTTP/1.1
Server
66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS
66-165-243-160.static.hvvc.us
Software
nginx/1.23.3 /
Resource Hash
e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777

Request headers

accept-language
en-US,en;q=0.9
Referer
http://r.ealeo.com/redirect?redirect_id=3fd1ca2237ec42fe36945cdaeb6c1520&request_id=c2677e15824e7d6a5bf6cfdbe010ba0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 28 Feb 2023 11:47:24 GMT
Last-Modified
Sat, 03 Jul 2021 05:46:18 GMT
Server
nginx/1.23.3
ETag
"60dff9aa-f3"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
243
adren.min.js
r.ealeo.com/js/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://r.ealeo.com/js/adren.min.js?n=3151462432
Requested by
Host: r.ealeo.com
URL: http://r.ealeo.com/redirect?redirect_id=3fd1ca2237ec42fe36945cdaeb6c1520&request_id=c2677e15824e7d6a5bf6cfdbe010ba0e
Protocol
HTTP/1.1
Server
66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS
66-165-243-160.static.hvvc.us
Software
nginx/1.23.3 /
Resource Hash
55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec

Request headers

accept-language
en-US,en;q=0.9
Referer
http://r.ealeo.com/redirect?redirect_id=3fd1ca2237ec42fe36945cdaeb6c1520&request_id=c2677e15824e7d6a5bf6cfdbe010ba0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 28 Feb 2023 11:47:24 GMT
Last-Modified
Sat, 03 Jul 2021 05:46:18 GMT
Server
nginx/1.23.3
ETag
"60dff9aa-1d68"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7528
go
r.ealeo.com/ Frame BDEB 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://r.ealeo.com/go?e=DwCaxHVbjaF9gQAvgFW0Ozsmu3KeHFA80aC0OzX-bFLdR2X8bvCztRsyRaBdHFp9x3C5kGVy0aCeZKq7bFW4cRsYIGCdfxVXgvCzfHs7jmK9uFs8bPXabGs-jKF9IPrVy3C55GVxfvEuHPsW1KW09Is7t3K8gRr-bFLRu2Z_pPEmV3XTEwLwbHVyLPM55QL80KX99SA78SF-IFs-03Ba0QsmuQFdHPrx1UXdZTsmEGLdfGq70KW0bRs-D3K95Gq5jaBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV
Requested by
Host: r.ealeo.com
URL: http://r.ealeo.com/js/adren.min.js?n=3151462432
Protocol
HTTP/1.1
Server
66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS
66-165-243-160.static.hvvc.us
Software
nginx/1.23.3 / PHP/8.1.13
Resource Hash
e9db18059cd64bbc127436149bd4d2d233ad53ac2dd517cf93b8c6c744b9e875

Request headers

Referer
http://r.ealeo.com/redirect?redirect_id=3fd1ca2237ec42fe36945cdaeb6c1520&request_id=c2677e15824e7d6a5bf6cfdbe010ba0e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 28 Feb 2023 11:47:24 GMT
Server
nginx/1.23.3
Transfer-Encoding
chunked
X-Powered-By
PHP/8.1.13
analytics.js
www.google-analytics.com/ Frame BDEB
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: r.ealeo.com
URL: http://r.ealeo.com/go?e=DwCaxHVbjaF9gQAvgFW0Ozsmu3KeHFA80aC0OzX-bFLdR2X8bvCztRsyRaBdHFp9x3C5kGVy0aCeZKq7bFW4cRsYIGCdfxVXgvCzfHs7jmK9uFs8bPXabGs-jKF9IPrVy3C55GVxfvEuHPsW1KW09Is7t3K8gRr-bFLRu2Z_pPEmV3XTEwLwbHVyLPM55QL80KX99SA78SF-IFs-03Ba0QsmuQFdHPrx1UXdZTsmEGLdfGq70KW0bRs-D3K95Gq5jaBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV
Protocol
H2
Server
2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://r.ealeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 28 Feb 2023 10:41:43 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3943
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 28 Feb 2023 12:41:43 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
collect
www.google-analytics.com/j/ Frame BDEB 		3 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=380289254&t=pageview&_s=1&dl=http%3A%2F%2Fr.ealeo.com%2Fgo%3Fe%3DDwCaxHVbjaF9gQAvgFW0Ozsmu3KeHFA80aC0OzX-bFLdR2X8bvCztRsyRaBdHFp9x3C5kGVy0aCeZKq7bFW4cRsYIGCdfxVXgvCzfHs7jmK9uFs8bPXabGs-jKF9IPrVy3C55GVxfvEuHPsW1KW09Is7t3K8gRr-bFLRu2Z_pPEmV3XTEwLwbHVyLPM55QL80KX99SA78SF-IFs-03Ba0QsmuQFdHPrx1UXdZTsmEGLdfGq70KW0bRs-D3K95Gq5jaBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=932455812&gjid=1759698579&cid=160214730.1677584846&tid=UA-32454353-1&_gid=1841316637.1677584846&_r=1&_slc=1&z=1760116173
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://r.ealeo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 11:47:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://r.ealeo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame BDEB
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j99&a=380289254&t=pageview&_s=2&dl=http%3A%2F%2Fr.ealeo.com%2Fgo%3Fe%3DDwCaxHVbjaF9gQAvgFW0Ozsmu3KeHFA80aC0OzX-bFLdR2X8bvCztRsyRaBdHFp9x3C5kGVy0aCeZKq...
  • https://www.google-analytics.com/collect?v=1&_v=j99&a=380289254&t=pageview&_s=2&dl=http%3A%2F%2Fr.ealeo.com%2Fgo%3Fe%3DDwCaxHVbjaF9gQAvgFW0Ozsmu3KeHFA80aC0OzX-bFLdR2X8bvCztRsyRaBdHFp9x3C5kGVy0aCeZK...
35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=380289254&t=pageview&_s=2&dl=http%3A%2F%2Fr.ealeo.com%2Fgo%3Fe%3DDwCaxHVbjaF9gQAvgFW0Ozsmu3KeHFA80aC0OzX-bFLdR2X8bvCztRsyRaBdHFp9x3C5kGVy0aCeZKq7bFW4cRsYIGCdfxVXgvCzfHs7jmK9uFs8bPXabGs-jKF9IPrVy3C55GVxfvEuHPsW1KW09Is7t3K8gRr-bFLRu2Z_pPEmV3XTEwLwbHVyLPM55QL80KX99SA78SF-IFs-03Ba0QsmuQFdHPrx1UXdZTsmEGLdfGq70KW0bRs-D3K95Gq5jaBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=160214730.1677584846&tid=UA-32454353-1&_gid=1841316637.1677584846&cd1=oz9lp3I8n25coUuhL3k8sUkho3WmqKkeozyfrT5wsUk8sN%3D%3D&z=281310148
Requested by
Host: r.ealeo.com
URL: http://r.ealeo.com/go?e=DwCaxHVbjaF9gQAvgFW0Ozsmu3KeHFA80aC0OzX-bFLdR2X8bvCztRsyRaBdHFp9x3C5kGVy0aCeZKq7bFW4cRsYIGCdfxVXgvCzfHs7jmK9uFs8bPXabGs-jKF9IPrVy3C55GVxfvEuHPsW1KW09Is7t3K8gRr-bFLRu2Z_pPEmV3XTEwLwbHVyLPM55QL80KX99SA78SF-IFs-03Ba0QsmuQFdHPrx1UXdZTsmEGLdfGq70KW0bRs-D3K95Gq5jaBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV
Protocol
H2
Server
2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://r.ealeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 22:16:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
48672
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j99&a=380289254&t=pageview&_s=2&dl=http%3A%2F%2Fr.ealeo.com%2Fgo%3Fe%3DDwCaxHVbjaF9gQAvgFW0Ozsmu3KeHFA80aC0OzX-bFLdR2X8bvCztRsyRaBdHFp9x3C5kGVy0aCeZKq7bFW4cRsYIGCdfxVXgvCzfHs7jmK9uFs8bPXabGs-jKF9IPrVy3C55GVxfvEuHPsW1KW09Is7t3K8gRr-bFLRu2Z_pPEmV3XTEwLwbHVyLPM55QL80KX99SA78SF-IFs-03Ba0QsmuQFdHPrx1UXdZTsmEGLdfGq70KW0bRs-D3K95Gq5jaBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=160214730.1677584846&tid=UA-32454353-1&_gid=1841316637.1677584846&cd1=oz9lp3I8n25coUuhL3k8sUkho3WmqKkeozyfrT5wsUk8sN%3D%3D&z=281310148
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
rd2
rd.bizrate.com/
Redirect Chain
  • https://link.sylikes.com/?publisherId=693406&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&afPlacement...
  • https://rd.bizrate.com/rd2?t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3DMERCHANT_PARTNER_ID%26kw%3Donline%2Bcoupons%26link%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26fallback_...
15 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rd.bizrate.com/rd2?t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3DMERCHANT_PARTNER_ID%26kw%3Donline%2Bcoupons%26link%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26fallback_url%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26partnerId%3DSZ_REDIRECT_ID%26cnx%3D1&mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903aebe0e4176b965f77&af_id=693406&af_rid=null&af_permalink_id=d7cc0352d0e6cd4028b24a51d7130bb44eb4b030&cobrand=1&af_placement_id=316965&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Requested by
Host: r.ealeo.com
URL: http://r.ealeo.com/go?e=DwCaxHVbjaF9gQAvgFW0Ozsmu3KeHFA80aC0OzX-bFLdR2X8bvCztRsyRaBdHFp9x3C5kGVy0aCeZKq7bFW4cRsYIGCdfxVXgvCzfHs7jmK9uFs8bPXabGs-jKF9IPrVy3C55GVxfvEuHPsW1KW09Is7t3K8gRr-bFLRu2Z_pPEmV3XTEwLwbHVyLPM55QL80KX99SA78SF-IFs-03Ba0QsmuQFdHPrx1UXdZTsmEGLdfGq70KW0bRs-D3K95Gq5jaBefxXvyaLuHPquk3pj5QAu1aFlZ3KWk3BjuHr_VPn1pKrtgvV
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.138.218.207 , United States, ASN14332 (SHOPZILLA, US),
Reverse DNS
rd.bizrate.com
Software
nginx/1.20.1 /
Resource Hash
ab37e46b9aff938e67e1e1cce4202af133b7f6dcd27f82d5097a6b5b132c72c5

Request headers

Referer
http://r.ealeo.com/redirect?redirect_id=3fd1ca2237ec42fe36945cdaeb6c1520&request_id=c2677e15824e7d6a5bf6cfdbe010ba0e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache no-store
Connection
keep-alive
Content-Language
en-US
Content-Type
text/html;charset=UTF-8
Date
Tue, 28 Feb 2023 11:47:27 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
P3P
CP="NON DSP ADM DEV PSD TAI OUR IND STP PRE NAV UNI"
Pragma
no-cache
Server
nginx/1.20.1
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Date
Tue, 28 Feb 2023 11:47:27 GMT
Location
https://rd.bizrate.com/rd2?t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3DMERCHANT_PARTNER_ID%26kw%3Donline%2Bcoupons%26link%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26fallback_url%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26partnerId%3DSZ_REDIRECT_ID%26cnx%3D1&mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903aebe0e4176b965f77&af_id=693406&af_rid=null&af_permalink_id=d7cc0352d0e6cd4028b24a51d7130bb44eb4b030&cobrand=1&af_placement_id=316965&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&rf_code=af1&af_assettype_id=14&af_creative_id=2913
P3P
CP="NON DSP ADM DEV PSD TAI OUR IND STP PRE NAV UNI"
Server
nginx/1.20.1
Transfer-Encoding
chunked
js
www.googletagmanager.com/gtag/ 		174 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1070533785
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3DMERCHANT_PARTNER_ID%26kw%3Donline%2Bcoupons%26link%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26fallback_url%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26partnerId%3DSZ_REDIRECT_ID%26cnx%3D1&mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903aebe0e4176b965f77&af_id=693406&af_rid=null&af_permalink_id=d7cc0352d0e6cd4028b24a51d7130bb44eb4b030&cobrand=1&af_placement_id=316965&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2a74d927d26517961965a7e8c2b50814d53f82bdc93d5ab5966f1112ae9c399e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 11:47:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65445
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 28 Feb 2023 11:47:28 GMT
ads.js
s5.cnnx.io/s2static/us/br/7a1e7714/br3/js/ 		22 B
540 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s5.cnnx.io/s2static/us/br/7a1e7714/br3/js/ads.js?a=1&ad_code=1
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3DMERCHANT_PARTNER_ID%26kw%3Donline%2Bcoupons%26link%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26fallback_url%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26partnerId%3DSZ_REDIRECT_ID%26cnx%3D1&mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903aebe0e4176b965f77&af_id=693406&af_rid=null&af_permalink_id=d7cc0352d0e6cd4028b24a51d7130bb44eb4b030&cobrand=1&af_placement_id=316965&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-103.jfk50.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
a3148adeb204b3a8581d4774b05c2c46a9dca4c18e1b183223603ebb53375799

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 21 Feb 2023 03:02:14 GMT
Via
1.1 8cdf4e2d4f4070992665477c4dbca0c0.cloudfront.net (CloudFront)
Last-Modified
Tue, 24 Jan 2023 21:42:08 GMT
Server
nginx/1.20.1
X-Amz-Cf-Pop
JFK50-P2
Age
636314
ETag
"16-5f30963318c00"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22
X-Amz-Cf-Id
FuAvbO5daq3vqFlUKxkh3c_OzAJos2QnRBkvpwpNZMd-pfhvHFWpKA==
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3DMERCHANT_PARTNER_ID%26kw%3Donline%2Bcoupons%26link%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26fallback_url%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26partnerId%3DSZ_REDIRECT_ID%26cnx%3D1&mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903aebe0e4176b965f77&af_id=693406&af_rid=null&af_permalink_id=d7cc0352d0e6cd4028b24a51d7130bb44eb4b030&cobrand=1&af_placement_id=316965&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 28 Feb 2023 11:47:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27843
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
ZMP8B0+DzoY5ACDAJXiHEnyEBxF3DCk0wENwa2+T3Vh8jmtcS2QxGQ3cYNIDghNTnmuEzJDi1VrOhUiahQKnRQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3DMERCHANT_PARTNER_ID%26kw%3Donline%2Bcoupons%26link%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26fallback_url%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26partnerId%3DSZ_REDIRECT_ID%26cnx%3D1&mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903aebe0e4176b965f77&af_id=693406&af_rid=null&af_permalink_id=d7cc0352d0e6cd4028b24a51d7130bb44eb4b030&cobrand=1&af_placement_id=316965&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 28 Feb 2023 11:47:27 GMT
last-modified
Thu, 16 Feb 2023 18:31:53 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 460CE9B7E85F4C1CA7910DF2476FA583 Ref B: MIAEDGE2706 Ref C: 2023-02-28T11:47:28Z
etag
"8072cff03442d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11894
ytc.js
s.yimg.com/wi/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3DMERCHANT_PARTNER_ID%26kw%3Donline%2Bcoupons%26link%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26fallback_url%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26partnerId%3DSZ_REDIRECT_ID%26cnx%3D1&mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903aebe0e4176b965f77&af_id=693406&af_rid=null&af_permalink_id=d7cc0352d0e6cd4028b24a51d7130bb44eb4b030&cobrand=1&af_placement_id=316965&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 11:47:25 GMT
x-amz-version-id
.QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
7G7AKNBD4Z5J2J39
age
4
x-amz-server-side-encryption
AES256
content-length
5929
x-amz-id-2
bcrPn599UPmhdynZKSfMSTRb/Xx2UFLZtSy+hYzktIdKG+ElgEtz2ZJJ8+jdskffpt0+8jBymtg=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Tue, 14 Jun 2022 12:21:31 GMT
server
ATS
etag
"6a624022b5d271dcefb070b0b6670abc-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
cse
pxl.connexity.net/c/
Redirect Chain
  • https://loadus.exelator.com/load/?p=204&g=92&j=0
  • https://loadus.exelator.com/load/?p=204&g=92&j=0&xl8blockcheck=1
  • https://pxl.connexity.net/c/cse?a=R&A=292&D=6a0d&V=9&I0k=ptnrid&I0v=c6f9e9fe658c64f51905a7c2f68c91cf&b=1677584848329
44 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.connexity.net/c/cse?a=R&A=292&D=6a0d&V=9&I0k=ptnrid&I0v=c6f9e9fe658c64f51905a7c2f68c91cf&b=1677584848329
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3DMERCHANT_PARTNER_ID%26kw%3Donline%2Bcoupons%26link%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26fallback_url%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26partnerId%3DSZ_REDIRECT_ID%26cnx%3D1&mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903aebe0e4176b965f77&af_id=693406&af_rid=null&af_permalink_id=d7cc0352d0e6cd4028b24a51d7130bb44eb4b030&cobrand=1&af_placement_id=316965&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
HTTP/1.1
Server
64.19.224.208 , United States, ASN14332 (SHOPZILLA, US),
Reverse DNS
Software
nginx /
Resource Hash
6d1743a4b9cd803083da5fd65626a4e92edebe73a40ee18f60276c96492b4afd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tues, 28 Feb 2023 11:47:28 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="CAO PSA OUR CURa DEVa PSDo PSAo BUS COR UNI COM",an.pp="http://www.connexity.com/privacy",an.oo="http://www.connexity.com/privacy",an.bt="N"
Content-Type
image/gif
Cache-Control
no-store, max-age=-1, post-check=0, pre-check=0
Content-Transfer-Encoding
binary
Connection
keep-alive
Expires
-1

Redirect headers

date
Tue, 28 Feb 2023 11:47:28 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pxl.connexity.net/c/cse?a=R&A=292&D=6a0d&V=9&I0k=ptnrid&I0v=c6f9e9fe658c64f51905a7c2f68c91cf&b=1677584848329
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
17135630.js
bat.bing.com/p/action/ 		0
135 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/17135630.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 28 Feb 2023 11:47:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 27BFEB019ACA47748FD65E4F98A02347 Ref B: MIAEDGE2706 Ref C: 2023-02-28T11:47:28Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=17135630&Ver=2&mid=af14d066-d59d-44b3-b2bd-7108b01f285c&sid=ad116be0b75d11ed911f7b0cd886fc04&vid=ad11d780b75d11ed8f06dd744228e77f&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttps%253A%252F%252Fc.next2.io%252Fapi%252Fads%253Fsid%253D11172243%2526said%253DMERCHANT_PARTNER_ID%2526kw%253Donline%252Bcoupons%2526link%253Dhttps%25253A%25252F%25252Fwww.groupon.com%25252F%2526fallback_url%253Dhttps%25253A%25252F%25252Fwww.groupon.com%25252F%2526partnerId%253DSZ_REDIRECT_ID%2526cnx%253D1%26mid%3D316965%26dMid%3D316965%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3Da3602b01fbe7903aebe0e4176b965f77%26af_id%3D693406%26af_rid%3Dnull%26af_permalink_id%3Dd7cc0352d0e6cd4028b24a51d7130bb44eb4b030%26cobrand%3D1%26af_placement_id%3D316965%26afCampaignId%3Dj3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2913&r=http%3A%2F%2Fr.ealeo.com%2F&lt=1621&evt=pageLoad&sv=1&rn=759236
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3DMERCHANT_PARTNER_ID%26kw%3Donline%2Bcoupons%26link%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26fallback_url%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26partnerId%3DSZ_REDIRECT_ID%26cnx%3D1&mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903aebe0e4176b965f77&af_id=693406&af_rid=null&af_permalink_id=d7cc0352d0e6cd4028b24a51d7130bb44eb4b030&cobrand=1&af_placement_id=316965&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 28 Feb 2023 11:47:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CD6209315926461DAC0EBCA0BBFE7B86 Ref B: MIAEDGE2706 Ref C: 2023-02-28T11:47:28Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=17135630&Ver=2&mid=af14d066-d59d-44b3-b2bd-7108b01f285c&sid=ad116be0b75d11ed911f7b0cd886fc04&vid=ad11d780b75d11ed8f06dd744228e77f&vids=0&msclkid=N&pagetype=searchresults&sw=1600&sh=1200&sc=24&evt=custom&rn=115690
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3DMERCHANT_PARTNER_ID%26kw%3Donline%2Bcoupons%26link%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26fallback_url%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26partnerId%3DSZ_REDIRECT_ID%26cnx%3D1&mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903aebe0e4176b965f77&af_id=693406&af_rid=null&af_permalink_id=d7cc0352d0e6cd4028b24a51d7130bb44eb4b030&cobrand=1&af_placement_id=316965&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 28 Feb 2023 11:47:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AE5EA24D6FFD4207AC0D82CC2B5BDCBF Ref B: MIAEDGE2706 Ref C: 2023-02-28T11:47:28Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
10135448.json
s.yimg.com/wi/config/ 		2 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10135448.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 11:16:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
8XX8S22AHMJJXS4N
age
1837
content-length
2
x-amz-id-2
T0m/tcxxfNVLLh9QoCTqo77qb1biNJwhwnIp8L8IetAMX+LyFeMOaFR/Mc1MJ/nIolJqLgxFcTc=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
1593772137433234
connect.facebook.net/signals/config/ 		378 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1593772137433234?v=2.9.97&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
895b7ddbe290a12bc7a20abfacf7b43e264e74fdea0faa0da07ba02ec55d133a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 28 Feb 2023 11:47:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110398
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
gyfhldWRJ3hg7HK5JEPI17owzEIefpqhoUmKuvaVRlQttrkP5S5F0SdyZ21Aw/uBu1mK23dGmdZpCAo4txVOWA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070533785/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070533785/?random=1677584848367&cv=11&fst=1677584848367&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttps%253A%252F%252Fc.next2.io%252Fapi%252Fads%253Fsid%253D11172243%2526said%253DMERCHANT_PARTNER_ID%2526kw%253Donline%252Bcoupons%2526link%253Dhttps%25253A%25252F%25252Fwww.groupon.com%25252F%2526fallback_url%253Dhttps%25253A%25252F%25252Fwww.groupon.com%25252F%2526partnerId%253DSZ_REDIRECT_ID%2526cnx%253D1%26mid%3D316965%26dMid%3D316965%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3Da3602b01fbe7903aebe0e4176b965f77%26af_id%3D693406%26af_rid%3Dnull%26af_permalink_id%3Dd7cc0352d0e6cd4028b24a51d7130bb44eb4b030%26cobrand%3D1%26af_placement_id%3D316965%26afCampaignId%3Dj3BvtxsmImM0&ref=http%3A%2F%2Fr.ealeo.com%2F&auid=62700792.1677584848&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1070533785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83b5e1ba97828b9786c24c0eeda50c376de02125fc8ec3f4c9dcf16ca038e36e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 11:47:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1493
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070533785/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070533785/?random=1677584848402&cv=11&fst=1677584848402&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttps%253A%252F%252Fc.next2.io%252Fapi%252Fads%253Fsid%253D11172243%2526said%253DMERCHANT_PARTNER_ID%2526kw%253Donline%252Bcoupons%2526link%253Dhttps%25253A%25252F%25252Fwww.groupon.com%25252F%2526fallback_url%253Dhttps%25253A%25252F%25252Fwww.groupon.com%25252F%2526partnerId%253DSZ_REDIRECT_ID%2526cnx%253D1%26mid%3D316965%26dMid%3D316965%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3Da3602b01fbe7903aebe0e4176b965f77%26af_id%3D693406%26af_rid%3Dnull%26af_permalink_id%3Dd7cc0352d0e6cd4028b24a51d7130bb44eb4b030%26cobrand%3D1%26af_placement_id%3D316965%26afCampaignId%3Dj3BvtxsmImM0&ref=http%3A%2F%2Fr.ealeo.com%2F&auid=62700792.1677584848&uamb=0&uaw=0&data=event%3Dpage_view%3Becomm_pagetype%3Dproduct%3Becomm_prodid%3D&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1070533785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
168c3ccb08c390bb8ed6a6ab93a77b07ddd4ed6e7ad4d4522a2419584548a4db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 11:47:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1508
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sp.pl
sp.analytics.yahoo.com/ 		43 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2028%20Feb%202023%2011%3A47%3A28%20GMT&n=0&.yp=10135448&f=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttps%253A%252F%252Fc.next2.io%252Fapi%252Fads%253Fsid%253D11172243%2526said%253DMERCHANT_PARTNER_ID%2526kw%253Donline%252Bcoupons%2526link%253Dhttps%25253A%25252F%25252Fwww.groupon.com%25252F%2526fallback_url%253Dhttps%25253A%25252F%25252Fwww.groupon.com%25252F%2526partnerId%253DSZ_REDIRECT_ID%2526cnx%253D1%26mid%3D316965%26dMid%3D316965%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3Da3602b01fbe7903aebe0e4176b965f77%26af_id%3D693406%26af_rid%3Dnull%26af_permalink_id%3Dd7cc0352d0e6cd4028b24a51d7130bb44eb4b030%26cobrand%3D1%26af_placement_id%3D316965%26afCampaignId%3Dj3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2913&e=http%3A%2F%2Fr.ealeo.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3DMERCHANT_PARTNER_ID%26kw%3Donline%2Bcoupons%26link%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26fallback_url%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26partnerId%3DSZ_REDIRECT_ID%26cnx%3D1&mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903aebe0e4176b965f77&af_id=693406&af_rid=null&af_permalink_id=d7cc0352d0e6cd4028b24a51d7130bb44eb4b030&cobrand=1&af_placement_id=316965&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
spdc.pbp.vip.bf1.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 11:47:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Tue, 28 Feb 2023 11:47:28 GMT
sp.pl
sp.analytics.yahoo.com/ 		43 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10135448&f=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttps%253A%252F%252Fc.next2.io%252Fapi%252Fads%253Fsid%253D11172243%2526said%253DMERCHANT_PARTNER_ID%2526kw%253Donline%252Bcoupons%2526link%253Dhttps%25253A%25252F%25252Fwww.groupon.com%25252F%2526fallback_url%253Dhttps%25253A%25252F%25252Fwww.groupon.com%25252F%2526partnerId%253DSZ_REDIRECT_ID%2526cnx%253D1%26mid%3D316965%26dMid%3D316965%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3Da3602b01fbe7903aebe0e4176b965f77%26af_id%3D693406%26af_rid%3Dnull%26af_permalink_id%3Dd7cc0352d0e6cd4028b24a51d7130bb44eb4b030%26cobrand%3D1%26af_placement_id%3D316965%26afCampaignId%3Dj3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2913&e=http%3A%2F%2Fr.ealeo.com%2F&enc=UTF-8&yv=1.13.0&et=custom&ea=ViewProduct&product_id=&tagmgr=gtm
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3DMERCHANT_PARTNER_ID%26kw%3Donline%2Bcoupons%26link%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26fallback_url%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26partnerId%3DSZ_REDIRECT_ID%26cnx%3D1&mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903aebe0e4176b965f77&af_id=693406&af_rid=null&af_permalink_id=d7cc0352d0e6cd4028b24a51d7130bb44eb4b030&cobrand=1&af_placement_id=316965&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
spdc.pbp.vip.bf1.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 11:47:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Tue, 28 Feb 2023 11:47:28 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1593772137433234&ev=PageView&dl=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttps%253A%252F%252Fc.next2.io%252Fapi%252Fads%253Fsid%253D11172243%2526said%253DMERCHANT_PARTNER_ID%2526kw%253Donline%252Bcoupons%2526link%253Dhttps%25253A%25252F%25252Fwww.groupon.com%25252F%2526fallback_url%253Dhttps%25253A%25252F%25252Fwww.groupon.com%25252F%2526partnerId%253DSZ_REDIRECT_ID%2526cnx%253D1%26mid%3D316965%26dMid%3D316965%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3Da3602b01fbe7903aebe0e4176b965f77%26af_id%3D693406%26af_rid%3Dnull%26af_permalink_id%3Dd7cc0352d0e6cd4028b24a51d7130bb44eb4b030%26cobrand%3D1%26af_placement_id%3D316965%26afCampaignId%3Dj3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2913&rl=http%3A%2F%2Fr.ealeo.com%2F&if=false&ts=1677584848491&sw=1600&sh=1200&v=2.9.97&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1677584848477.1743468423&it=1677584848249&coo=false&exp=b2&rqm=GET
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3DMERCHANT_PARTNER_ID%26kw%3Donline%2Bcoupons%26link%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26fallback_url%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26partnerId%3DSZ_REDIRECT_ID%26cnx%3D1&mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903aebe0e4176b965f77&af_id=693406&af_rid=null&af_permalink_id=d7cc0352d0e6cd4028b24a51d7130bb44eb4b030&cobrand=1&af_placement_id=316965&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 28 Feb 2023 11:47:28 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1593772137433234&ev=AddToCart&dl=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttps%253A%252F%252Fc.next2.io%252Fapi%252Fads%253Fsid%253D11172243%2526said%253DMERCHANT_PARTNER_ID%2526kw%253Donline%252Bcoupons%2526link%253Dhttps%25253A%25252F%25252Fwww.groupon.com%25252F%2526fallback_url%253Dhttps%25253A%25252F%25252Fwww.groupon.com%25252F%2526partnerId%253DSZ_REDIRECT_ID%2526cnx%253D1%26mid%3D316965%26dMid%3D316965%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3Da3602b01fbe7903aebe0e4176b965f77%26af_id%3D693406%26af_rid%3Dnull%26af_permalink_id%3Dd7cc0352d0e6cd4028b24a51d7130bb44eb4b030%26cobrand%3D1%26af_placement_id%3D316965%26afCampaignId%3Dj3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2913&rl=http%3A%2F%2Fr.ealeo.com%2F&if=false&ts=1677584848512&cd[content_type]=product&cd[content_ids]=%5B%22%22%5D&cd[contents]=%5B%7B%22id%22%3A%22%22%2C%22quantity%22%3A1%7D%5D&sw=1600&sh=1200&v=2.9.97&r=stable&ec=1&o=30&fbp=fb.1.1677584848477.1743468423&it=1677584848249&coo=false&exp=b2&rqm=GET
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3DMERCHANT_PARTNER_ID%26kw%3Donline%2Bcoupons%26link%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26fallback_url%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26partnerId%3DSZ_REDIRECT_ID%26cnx%3D1&mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903aebe0e4176b965f77&af_id=693406&af_rid=null&af_permalink_id=d7cc0352d0e6cd4028b24a51d7130bb44eb4b030&cobrand=1&af_placement_id=316965&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 28 Feb 2023 11:47:28 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1593772137433234&ev=ViewContent&dl=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttps%253A%252F%252Fc.next2.io%252Fapi%252Fads%253Fsid%253D11172243%2526said%253DMERCHANT_PARTNER_ID%2526kw%253Donline%252Bcoupons%2526link%253Dhttps%25253A%25252F%25252Fwww.groupon.com%25252F%2526fallback_url%253Dhttps%25253A%25252F%25252Fwww.groupon.com%25252F%2526partnerId%253DSZ_REDIRECT_ID%2526cnx%253D1%26mid%3D316965%26dMid%3D316965%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3Da3602b01fbe7903aebe0e4176b965f77%26af_id%3D693406%26af_rid%3Dnull%26af_permalink_id%3Dd7cc0352d0e6cd4028b24a51d7130bb44eb4b030%26cobrand%3D1%26af_placement_id%3D316965%26afCampaignId%3Dj3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2913&rl=http%3A%2F%2Fr.ealeo.com%2F&if=false&ts=1677584848515&cd[content_type]=product&cd[content_ids]=%5B%22%22%5D&cd[contents]=%5B%7B%22id%22%3A%22%22%2C%22mid%22%3A%22316965%22%2C%22atom%22%3A%22%22%7D%5D&sw=1600&sh=1200&v=2.9.97&r=stable&ec=2&o=30&fbp=fb.1.1677584848477.1743468423&it=1677584848249&coo=false&exp=b2&rqm=GET
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3DMERCHANT_PARTNER_ID%26kw%3Donline%2Bcoupons%26link%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26fallback_url%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26partnerId%3DSZ_REDIRECT_ID%26cnx%3D1&mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903aebe0e4176b965f77&af_id=693406&af_rid=null&af_permalink_id=d7cc0352d0e6cd4028b24a51d7130bb44eb4b030&cobrand=1&af_placement_id=316965&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 28 Feb 2023 11:47:28 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.google.com/pagead/1p-user-list/1070533785/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1070533785/?random=1677584848367&cv=11&fst=1677582000000&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttps%253A%252F%252Fc.next2.io%252Fapi%252Fads%253Fsid%253D11172243%2526said%253DMERCHANT_PARTNER_ID%2526kw%253Donline%252Bcoupons%2526link%253Dhttps%25253A%25252F%25252Fwww.groupon.com%25252F%2526fallback_url%253Dhttps%25253A%25252F%25252Fwww.groupon.com%25252F%2526partnerId%253DSZ_REDIRECT_ID%2526cnx%253D1%26mid%3D316965%26dMid%3D316965%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3Da3602b01fbe7903aebe0e4176b965f77%26af_id%3D693406%26af_rid%3Dnull%26af_permalink_id%3Dd7cc0352d0e6cd4028b24a51d7130bb44eb4b030%26cobrand%3D1%26af_placement_id%3D316965%26afCampaignId%3Dj3BvtxsmImM0&ref=http%3A%2F%2Fr.ealeo.com%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2379928853&rmt_tld=0&ipr=y
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3DMERCHANT_PARTNER_ID%26kw%3Donline%2Bcoupons%26link%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26fallback_url%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26partnerId%3DSZ_REDIRECT_ID%26cnx%3D1&mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903aebe0e4176b965f77&af_id=693406&af_rid=null&af_permalink_id=d7cc0352d0e6cd4028b24a51d7130bb44eb4b030&cobrand=1&af_placement_id=316965&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 11:47:28 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1070533785/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1070533785/?random=1677584848402&cv=11&fst=1677582000000&bg=ffffff&guid=ON&async=1&gtm=45be32m0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttps%253A%252F%252Fc.next2.io%252Fapi%252Fads%253Fsid%253D11172243%2526said%253DMERCHANT_PARTNER_ID%2526kw%253Donline%252Bcoupons%2526link%253Dhttps%25253A%25252F%25252Fwww.groupon.com%25252F%2526fallback_url%253Dhttps%25253A%25252F%25252Fwww.groupon.com%25252F%2526partnerId%253DSZ_REDIRECT_ID%2526cnx%253D1%26mid%3D316965%26dMid%3D316965%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3Da3602b01fbe7903aebe0e4176b965f77%26af_id%3D693406%26af_rid%3Dnull%26af_permalink_id%3Dd7cc0352d0e6cd4028b24a51d7130bb44eb4b030%26cobrand%3D1%26af_placement_id%3D316965%26afCampaignId%3Dj3BvtxsmImM0&ref=http%3A%2F%2Fr.ealeo.com%2F&data=event%3Dpage_view%3Becomm_pagetype%3Dproduct%3Becomm_prodid%3D&fmt=3&is_vtc=1&random=2996486819&rmt_tld=0&ipr=y
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3DMERCHANT_PARTNER_ID%26kw%3Donline%2Bcoupons%26link%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26fallback_url%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26partnerId%3DSZ_REDIRECT_ID%26cnx%3D1&mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903aebe0e4176b965f77&af_id=693406&af_rid=null&af_permalink_id=d7cc0352d0e6cd4028b24a51d7130bb44eb4b030&cobrand=1&af_placement_id=316965&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 11:47:28 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
interstitial-redirect-publisher-min-javascript-abtest-remarketing
rd.bizrate.com/em/ 		43 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rd.bizrate.com/em/interstitial-redirect-publisher-min-javascript-abtest-remarketing
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3DMERCHANT_PARTNER_ID%26kw%3Donline%2Bcoupons%26link%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26fallback_url%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26partnerId%3DSZ_REDIRECT_ID%26cnx%3D1&mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903aebe0e4176b965f77&af_id=693406&af_rid=null&af_permalink_id=d7cc0352d0e6cd4028b24a51d7130bb44eb4b030&cobrand=1&af_placement_id=316965&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.138.218.207 , United States, ASN14332 (SHOPZILLA, US),
Reverse DNS
rd.bizrate.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Referer
https://rd.bizrate.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 11:47:29 GMT
Server
nginx/1.20.1
P3P
CP="NON DSP ADM DEV PSD TAI OUR IND STP PRE NAV UNI"
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Primary Request redirect
11172243.searchiqnet.com/
Redirect Chain
  • https://rd.connexity.net/rd2?mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903aebe0e4176b965f77&af_id=693406&af_rid=null&af_permalink_id=d7cc0352d0e6cd4028b24a51d7130bb44eb4b0...
  • https://c.next2.io/api/ads?sid=11172243&said=8114875&kw=online+coupons&link=https%3A%2F%2Fwww.groupon.com%2F&fallback_url=https%3A%2F%2Fwww.groupon.com%2F&partnerId=16775848477935597767610080301008...
  • https://c.pageprotect.net/c?pid=11172243-8114875&c=9e73f9b4e2cbb9e14f5a75385eb07a9e-FuewFsewwue4U%09mt.qiij%2FSef+%28CqLotnN+Dl+wfef%3B+CqLUk%3B+bUk%29+hRRiICIAdqv%2FSF4eFU+%28dBlmV%2C+iqHI+8IEHt%2...
  • https://11172243.searchiqnet.com/redirect?s=11172243&o=75&y=150&x=350&r=https%3A%2F%2Fwww.groupon.com%2F%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Dus_dt_sea_ggl_txt_smp_sr_cbp_ch1_n...
8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://11172243.searchiqnet.com/redirect?s=11172243&o=75&y=150&x=350&r=https%3A%2F%2Fwww.groupon.com%2F%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Dus_dt_sea_ggl_txt_smp_sr_cbp_ch1_nbr_d*ADNET_a181079316933473524223644951146089196453_g*homepage-1%26template%3Dregular%26bypass%3Dtrue%26anid%3D181079316933473524223644951146089196453&u=181079316933473524223644951146089196453&a=72&t=5237759&g=-5843794097799489316~444391470326304617&cb=0&faid=5237759&fint=1&b=fefF,fefU,LWii&epcCD=1677584850361&cc=840&dma=501&epcRFU=null&tk=tLiqLI+EtWRtLN&k=online+coupons&qk=tLiqLI+EtWRtLN&mqk=tLiqLI+EtWRtLN&eqk=null&eqke=0&nw=SEARCH&tgt=5237759&tp=www4sskF-uwwku4S&vu=null&ir=0&tt=KEYWORD&ck=0~0&rk=1&ptt=&f=https%3A%2F%2Fwww.groupon.com%2F%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Dus_dt_sea_ggl_txt_smp_sr_cbp_ch1_nbr_d*ADNET_a181079316933473524223644951146089196453_g*homepage-1%26template%3Dregular%26bypass%3Dtrue%26anid%3D181079316933473524223644951146089196453&sc=null&st=null&id=0&it=1&nbrs=0&nk=5237759&fwc=0&lt=0&spa=&spt=&spc=&dvid=&sid=9525c720-3017-467a-8cd7-091193ccbe87
Requested by
Host: rd.bizrate.com
URL: https://rd.bizrate.com/rd2?t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3DMERCHANT_PARTNER_ID%26kw%3Donline%2Bcoupons%26link%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26fallback_url%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26partnerId%3DSZ_REDIRECT_ID%26cnx%3D1&mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903aebe0e4176b965f77&af_id=693406&af_rid=null&af_permalink_id=d7cc0352d0e6cd4028b24a51d7130bb44eb4b030&cobrand=1&af_placement_id=316965&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.132.243.15 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.z-SNAPSHOT) /
Resource Hash

Request headers

Referer
https://rd.bizrate.com/rd2?t=https%3A%2F%2Fc.next2.io%2Fapi%2Fads%3Fsid%3D11172243%26said%3DMERCHANT_PARTNER_ID%26kw%3Donline%2Bcoupons%26link%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26fallback_url%3Dhttps%253A%252F%252Fwww.groupon.com%252F%26partnerId%3DSZ_REDIRECT_ID%26cnx%3D1&mid=316965&dMid=316965&tokenId=18P&bId=314&bidType=11&a=a3602b01fbe7903aebe0e4176b965f77&af_id=693406&af_rid=null&af_permalink_id=d7cc0352d0e6cd4028b24a51d7130bb44eb4b030&cobrand=1&af_placement_id=316965&afCampaignId=j3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-language
en-US
content-length
7953
content-type
text/html;charset=iso-8859-1
date
Tue, 28 Feb 2023 11:47:30 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
referrer-policy
same-origin
server
Jetty(9.4.z-SNAPSHOT)

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Tue, 28 Feb 2023 11:47:30 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://11172243.searchiqnet.com/redirect?s=11172243&o=75&y=150&x=350&r=https%3A%2F%2Fwww.groupon.com%2F%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Dus_dt_sea_ggl_txt_smp_sr_cbp_ch1_nbr_d*ADNET_a181079316933473524223644951146089196453_g*homepage-1%26template%3Dregular%26bypass%3Dtrue%26anid%3D181079316933473524223644951146089196453&u=181079316933473524223644951146089196453&a=72&t=5237759&g=-5843794097799489316~444391470326304617&cb=0&faid=5237759&fint=1&b=fefF,fefU,LWii&epcCD=1677584850361&cc=840&dma=501&epcRFU=null&tk=tLiqLI+EtWRtLN&k=online+coupons&qk=tLiqLI+EtWRtLN&mqk=tLiqLI+EtWRtLN&eqk=null&eqke=0&nw=SEARCH&tgt=5237759&tp=www4sskF-uwwku4S&vu=null&ir=0&tt=KEYWORD&ck=0~0&rk=1&ptt=&f=https%3A%2F%2Fwww.groupon.com%2F%3Futm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Dus_dt_sea_ggl_txt_smp_sr_cbp_ch1_nbr_d*ADNET_a181079316933473524223644951146089196453_g*homepage-1%26template%3Dregular%26bypass%3Dtrue%26anid%3D181079316933473524223644951146089196453&sc=null&st=null&id=0&it=1&nbrs=0&nk=5237759&fwc=0&lt=0&spa=&spt=&spc=&dvid=&sid=9525c720-3017-467a-8cd7-091193ccbe87
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
pragma
no-cache
server
Jetty(9.4.z-SNAPSHOT)
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1593772137433234&ev=Microdata&dl=https%3A%2F%2Frd.bizrate.com%2Frd2%3Ft%3Dhttps%253A%252F%252Fc.next2.io%252Fapi%252Fads%253Fsid%253D11172243%2526said%253DMERCHANT_PARTNER_ID%2526kw%253Donline%252Bcoupons%2526link%253Dhttps%25253A%25252F%25252Fwww.groupon.com%25252F%2526fallback_url%253Dhttps%25253A%25252F%25252Fwww.groupon.com%25252F%2526partnerId%253DSZ_REDIRECT_ID%2526cnx%253D1%26mid%3D316965%26dMid%3D316965%26tokenId%3D18P%26bId%3D314%26bidType%3D11%26a%3Da3602b01fbe7903aebe0e4176b965f77%26af_id%3D693406%26af_rid%3Dnull%26af_permalink_id%3Dd7cc0352d0e6cd4028b24a51d7130bb44eb4b030%26cobrand%3D1%26af_placement_id%3D316965%26afCampaignId%3Dj3BvtxsmImM0RTnxIGL1AzXbNJB24QnTgaC9q0Zcx0WzVTFY5apwyRsYuaE8IPqwg3B0R2AmEUF8AaXs1KW8Z2AmkKF9gQCu1KXWgmZ_xQEltPMQqmqafRA-tzE3ZUp%26rf_code%3Daf1%26af_assettype_id%3D14%26af_creative_id%3D2913&rl=http%3A%2F%2Fr.ealeo.com%2F&if=false&ts=1677584849999&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.97&r=stable&ec=3&o=30&fbp=fb.1.1677584848477.1743468423&it=1677584848249&coo=false&es=automatic&tm=3&exp=b2&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rd.bizrate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 28 Feb 2023 11:47:30 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
0
bat.bing.com/actionp/ 		0
0
/
www.groupon.com/
Redirect Chain
  • https://11172243.searchiqnet.com/logClient?atemp=1&clickId=181079316933473524223644951146089196453&searchId=9525c720-3017-467a-8cd7-091193ccbe87&sid=11172243&viewableStatus=viewable&feedAdvertiserI...
  • https://www.groupon.com/?utm_source=google&utm_medium=cpc&utm_campaign=us_dt_sea_ggl_txt_smp_sr_cbp_ch1_nbr_d*ADNET_a181079316933473524223644951146089196453_g*homepage-1&template=regular&bypass=tru...
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bat.bing.com
URL
https://bat.bing.com/actionp/0?ti=17135630&Ver=2&mid=af14d066-d59d-44b3-b2bd-7108b01f285c&sid=ad116be0b75d11ed911f7b0cd886fc04&vid=ad11d780b75d11ed8f06dd744228e77f&vids=0&msclkid=N&evt=pageHide
Domain
www.groupon.com
URL
https://www.groupon.com/?utm_source=google&utm_medium=cpc&utm_campaign=us_dt_sea_ggl_txt_smp_sr_cbp_ch1_nbr_d*ADNET_a181079316933473524223644951146089196453_g*homepage-1&template=regular&bypass=true&anid=181079316933473524223644951146089196453

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

23 Cookies

Domain/Path Name / Value
.soywaxamazon.com/ Name: sid
Value: aa663042-b75d-11ed-816b-389b66c20471
r.ealeo.com/ Name: uuid
Value: 2766089273852747264
.ealeo.com/ Name: _ga
Value: GA1.2.160214730.1677584846
.ealeo.com/ Name: _gid
Value: GA1.2.1841316637.1677584846
.ealeo.com/ Name: _gat
Value: 1
.bizrate.com/ Name: sessionid
Value: 520331643151948519
.bizrate.com/ Name: br
Value: 16775848477059340843202030301012194
.bizrate.com/ Name: _data
Value: _time%3A%3Astart_time%3D1677584847%3Btimestamp%3D1677584847%7Ctracker%3A%3Ahtcnt%3D1%3Brf%3Dcldaf1%3Brf2%3D%3Bvsc%3Ddru%3Baf_id%3Baf_assettype_id%3Baf_creative_id%3Baf_placement_id%7Cdnt%3A%3Aon%3D0%3Bsrc%3D0
.bizrate.com/ Name: rng
Value: 9157054
.bizrate.com/ Name: redirect_data
Value: eyJvIjpbXSwibSI6WzMxNjk2NV0sImMiOltdLCJiIjpbXX0=
.bizrate.com/ Name: roi_cookie
Value: 16775848477935597767610080301008005%7C316965
.bizrate.com/ Name: roi_mid_attr
Value: 316965%3A316965
.bizrate.com/ Name: _uetsid
Value: ad116be0b75d11ed911f7b0cd886fc04
.bizrate.com/ Name: _uetvid
Value: ad11d780b75d11ed8f06dd744228e77f
.exelator.com/ Name: EE
Value: "c6f9e9fe658c64f51905a7c2f68c91cf"
.bat.bing.com/ Name: MR
Value: 0
.bing.com/ Name: MUID
Value: 25C4251E0B8D62F9244D37D80A3363B8
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHZLM0y1TIt1czUItnMJM3U0NLANNE82SjNzCLZ0jA5bXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQYEl%252BUWb6otDgxUUpaQyLSopPBR%252F2fgsAwG4q%252Bw%253D%253D"
.bizrate.com/ Name: _gcl_au
Value: 1.1.62700792.1677584848
.bizrate.com/ Name: _fbp
Value: fb.1.1677584848477.1743468423
.yahoo.com/ Name: A3
Value: d=AQABBNDp_WMCEFoJXyVDe97UarjstALqA6YFEgEBAQE7_2MHZAAAAAAA_eMAAA&S=AQAAAlwbEnI5ERxoU4MlKTNNEtI
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.connexity.net/ Name: COu
Value: e87604a8e8f2d607-07471b9ef0383839-2078c9c3ab7732ef

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11172243.searchiqnet.com
bat.bing.com
c.next2.io
c.pageprotect.net
connect.facebook.net
googleads.g.doubleclick.net
link.sylikes.com
loadus.exelator.com
pxl.connexity.net
r.ealeo.com
rd.bizrate.com
rd.connexity.net
s.yimg.com
s5.cnnx.io
soywaxamazon.com
sp.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.groupon.com
bat.bing.com
www.groupon.com
108.139.29.103
192.138.218.139
192.138.218.207
199.115.115.102
2001:4998:14:800::1001
209.132.243.15
209.132.243.25
2607:f8b0:4006:80c::2008
2607:f8b0:4006:80c::200e
2607:f8b0:4006:816::2004
2607:f8b0:4006:81f::2002
2620:1ec:c11::200
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
52.0.156.250
64.19.224.208
66.165.243.160
76.13.32.146
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
168c3ccb08c390bb8ed6a6ab93a77b07ddd4ed6e7ad4d4522a2419584548a4db
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
2a74d927d26517961965a7e8c2b50814d53f82bdc93d5ab5966f1112ae9c399e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
55afe8ae4db5b6ca9ec5a3aca1f3a7b482ca51d0914acd250093f1a9ecbfccec
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
621e8fb65ee49b92343c85896180017cc8e85520a610efd39536a9c3f7736f6f
6d1743a4b9cd803083da5fd65626a4e92edebe73a40ee18f60276c96492b4afd
83b5e1ba97828b9786c24c0eeda50c376de02125fc8ec3f4c9dcf16ca038e36e
895b7ddbe290a12bc7a20abfacf7b43e264e74fdea0faa0da07ba02ec55d133a
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a3148adeb204b3a8581d4774b05c2c46a9dca4c18e1b183223603ebb53375799
ab37e46b9aff938e67e1e1cce4202af133b7f6dcd27f82d5097a6b5b132c72c5
cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b
e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9db18059cd64bbc127436149bd4d2d233ad53ac2dd517cf93b8c6c744b9e875