URL: http://www.yaysavings.com/email/2018/images/toptxtpm.png]
Submission: On March 21 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 34 HTTP transactions. The main IP is 23.250.10.187, located in Buffalo, United States and belongs to SERVER-MANIA, CA. The main domain is www.yaysavings.com.
This is the only time www.yaysavings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
22 yaysavings.com
www.yaysavings.com
289 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
14 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 635
137 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 124
84 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6433
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
444 B
34 8
Domain Requested by
22 www.yaysavings.com www.yaysavings.com
3 www.facebook.com www.yaysavings.com
connect.facebook.net
2 static.xx.fbcdn.net www.facebook.com
2 www.google-analytics.com www.yaysavings.com
2 connect.facebook.net www.yaysavings.com
connect.facebook.net
1 www.google.de www.yaysavings.com
1 www.google.com www.yaysavings.com
1 stats.g.doubleclick.net www.google-analytics.com
34 8

This site contains links to these domains. Also see Links.

Domain
twitter.com
facebook.com
Subject Issuer Validity Valid
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-12-29 -
2022-03-29
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-02-28 -
2022-05-23
3 months crt.sh
www.google.com
GTS CA 1C3
2022-02-28 -
2022-05-23
3 months crt.sh
www.google.de
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh

This page contains 2 frames:

Primary Page: http://www.yaysavings.com/email/2018/images/toptxtpm.png]
Frame ID: 6FE28083C530F89096CEFF5D38828AA8
Requests: 30 HTTP requests in this frame

Frame: https://www.facebook.com/v6.0/plugins/like.php?action=like&app_id=1411597365791208&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc3f084c09ae4c%26domain%3Dwww.yaysavings.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.yaysavings.com%252Ff32594ccd353be8%26relation%3Dparent.parent&container_width=85&href=https%3A%2F%2Fwww.facebook.com%2Fyaysavings%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Frame ID: 836D81D480E1B38A155CC913D55998C5
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

Page Not Found | Yay Savings

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

34
Requests

29 %
HTTPS

86 %
IPv6

8
Domains

8
Subdomains

7
IPs

3
Countries

546 kB
Transfer

1465 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 23
  • http://www.google-analytics.com/collect?v=1&_v=j96&a=2102972249&t=pageview&_s=1&dl=http%3A%2F%2Fwww.yaysavings.com%2Femail%2F2018%2Fimages%2Ftoptxtpm.png%5D&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20%7C%20Yay%20Savings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1645197984&gjid=214004775&cid=291020233.1647897243&tid=UA-51514291-1&_gid=1091416914.1647897243&cd2=&cd4=&cd5=&cd6=&cd7=&cd8=not%20adblocked&z=551064954 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j96&a=2102972249&t=pageview&_s=1&dl=http%3A%2F%2Fwww.yaysavings.com%2Femail%2F2018%2Fimages%2Ftoptxtpm.png%5D&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20%7C%20Yay%20Savings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1645197984&gjid=214004775&cid=291020233.1647897243&tid=UA-51514291-1&_gid=1091416914.1647897243&cd2=&cd4=&cd5=&cd6=&cd7=&cd8=not%20adblocked&z=551064954

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request toptxtpm.png]
www.yaysavings.com/email/2018/images/
10 KB
11 KB
Document
General
Full URL
http://www.yaysavings.com/email/2018/images/toptxtpm.png]
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
461e880517ef7816f42d57e14c62e2c6f0d3825dc90386e7875b473c54193ad7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Content-Type
text/html
Server
Microsoft-IIS/8.5
Date
Mon, 21 Mar 2022 21:14:06 GMT
Content-Length
10651
fonts.css
www.yaysavings.com/css/
6 KB
829 B
Stylesheet
General
Full URL
http://www.yaysavings.com/css/fonts.css
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/email/2018/images/toptxtpm.png]
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
21daf8bc87790fd7808ba1a6ae9b56b96cbbc82a4b60580f8b7c4d4557e06b37

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.yaysavings.com/email/2018/images/toptxtpm.png]
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 21:14:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 19:01:18 GMT
Server
Microsoft-IIS/8.5
ETag
"013a2a73849d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
520
font-awesome.min.css
www.yaysavings.com/css/
23 KB
6 KB
Stylesheet
General
Full URL
http://www.yaysavings.com/css/font-awesome.min.css
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/email/2018/images/toptxtpm.png]
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
222d75918bb518d46a4d283da7de243b4409d597a8c6856070a07e96b600e6d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.yaysavings.com/email/2018/images/toptxtpm.png]
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 21:14:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 19:01:18 GMT
Server
Microsoft-IIS/8.5
ETag
"013a2a73849d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
5388
desktop.css
www.yaysavings.com/css/
96 KB
15 KB
Stylesheet
General
Full URL
http://www.yaysavings.com/css/desktop.css?id=7
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/email/2018/images/toptxtpm.png]
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
9dde5bf29c37e8a5ca9632ab52abd4ae3a4f7d7ea120d7c407e3f46577ef9987

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.yaysavings.com/email/2018/images/toptxtpm.png]
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 21:14:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 May 2019 14:09:47 GMT
Server
Microsoft-IIS/8.5
ETag
"808737da27bd51:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
14875
jquery-1.11.2.min.js
www.yaysavings.com/js/
94 KB
33 KB
Script
General
Full URL
http://www.yaysavings.com/js/jquery-1.11.2.min.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/email/2018/images/toptxtpm.png]
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.yaysavings.com/email/2018/images/toptxtpm.png]
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 21:14:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 19:01:25 GMT
Server
Microsoft-IIS/8.5
ETag
"8030ceab3849d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
33367
yayfuncs.js
www.yaysavings.com/js/
16 KB
3 KB
Script
General
Full URL
http://www.yaysavings.com/js/yayfuncs.js?id=38
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/email/2018/images/toptxtpm.png]
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
274bc0f7bee59fb614750dfb307f9394b2de700f0c97158eb64c54678e37efd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.yaysavings.com/email/2018/images/toptxtpm.png]
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 21:14:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Mar 2020 19:23:48 GMT
Server
Microsoft-IIS/8.5
ETag
"03ad74148f6d51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
2409
main.js
www.yaysavings.com/js/
3 KB
1 KB
Script
General
Full URL
http://www.yaysavings.com/js/main.js?id=38
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/email/2018/images/toptxtpm.png]
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
e983cbdb90422a80737ded8b12491f7a542f23947f0912959a8b5404671c80c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.yaysavings.com/email/2018/images/toptxtpm.png]
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 21:14:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 19:01:25 GMT
Server
Microsoft-IIS/8.5
ETag
"8030ceab3849d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
869
iscroll.js
www.yaysavings.com/js/
49 KB
11 KB
Script
General
Full URL
http://www.yaysavings.com/js/iscroll.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/email/2018/images/toptxtpm.png]
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
f7140a276af75852364eef880f13473fd4791455ba2cd650b7446e6562742a9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.yaysavings.com/email/2018/images/toptxtpm.png]
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 21:14:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 19:01:25 GMT
Server
Microsoft-IIS/8.5
ETag
"8030ceab3849d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
11055
slidermenu.js
www.yaysavings.com/js/
310 B
587 B
Script
General
Full URL
http://www.yaysavings.com/js/slidermenu.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/email/2018/images/toptxtpm.png]
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
0e46e836e07ed2da4337b7456c4493f182d53c82cd8560e79d59f2963a0b0d04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.yaysavings.com/email/2018/images/toptxtpm.png]
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 21:14:06 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:25 GMT
Server
Microsoft-IIS/8.5
ETag
"27cc5bac3849d41:0"
Content-Type
application/javascript
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
310
yaysearch.js
www.yaysavings.com/js/
3 KB
1 KB
Script
General
Full URL
http://www.yaysavings.com/js/yaysearch.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/email/2018/images/toptxtpm.png]
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6ee461d0cc884de09affa4cd5016f609f77dfdc692b09caf9baed2a1849e58b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.yaysavings.com/email/2018/images/toptxtpm.png]
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 21:14:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Sep 2018 19:01:25 GMT
Server
Microsoft-IIS/8.5
ETag
"8030ceab3849d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
796
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/email/2018/images/toptxtpm.png]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2e3eee5889907cb473b84fec32c7776f259318ded0a1e3cf5e042d3a41767dae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.yaysavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
EdRO9EC6KAjsmhHobnXpOQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
zCD6T8eWCPHIIAQ62Btm0Lwz+oOLH95xaZMndwFsslFGJnJx7TPjF2bIwH72nP8qpYaFjj/FF7AWThB3w3aSIg==
x-fb-trip-id
917726464
x-fb-content-md5
6f9962979aeccffbc84d45ae06721265
x-frame-options
DENY
date
Mon, 21 Mar 2022 21:14:02 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"a9df5475af4292b92a33582f543843a5"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 21 Mar 2022 21:27:12 GMT
yaylogo.png
www.yaysavings.com/img/
8 KB
8 KB
Image
General
Full URL
http://www.yaysavings.com/img/yaylogo.png
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/email/2018/images/toptxtpm.png]
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
95eb8b07171b4fb73896d80550127489cfdba979eb4b4a4559322c27051e5437

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.yaysavings.com/email/2018/images/toptxtpm.png]
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 21:14:07 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:23 GMT
Server
Microsoft-IIS/8.5
ETag
"3b6010ab3849d41:0"
Content-Type
image/png
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
7870
mobile.css
www.yaysavings.com/css/
73 KB
12 KB
Stylesheet
General
Full URL
http://www.yaysavings.com/css/mobile.css?id=7
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/email/2018/images/toptxtpm.png]
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
670056c8bdb366c707edb2655c7141e74e0c52feb97996565a9aa4112ab8c8a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.yaysavings.com/email/2018/images/toptxtpm.png]
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 21:14:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Nov 2019 16:30:00 GMT
Server
Microsoft-IIS/8.5
ETag
"034866d7699d51:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
11749
yaysocial.js
www.yaysavings.com/js/
3 B
278 B
Script
General
Full URL
http://www.yaysavings.com/js/yaysocial.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/email/2018/images/toptxtpm.png]
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.yaysavings.com/email/2018/images/toptxtpm.png]
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 21:14:06 GMT
Last-Modified
Mon, 09 Mar 2020 19:12:39 GMT
Server
Microsoft-IIS/8.5
ETag
"dee583b346f6d51:0"
Content-Type
application/javascript
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
3
OpenSans-Semibold-webfont.woff2
www.yaysavings.com/fonts/
18 KB
18 KB
Font
General
Full URL
http://www.yaysavings.com/fonts/OpenSans-Semibold-webfont.woff2
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/css/fonts.css
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
098e7ac0de17db2cabba259a1fada0ec31059515081c1a20d5074a46e6030ac4

Request headers

Referer
http://www.yaysavings.com/css/fonts.css
Origin
http://www.yaysavings.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 21:14:07 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:20 GMT
Server
Microsoft-IIS/8.5
ETag
"554230a93849d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
18384
Socialico-webfont.woff2
www.yaysavings.com/fonts/
18 KB
18 KB
Font
General
Full URL
http://www.yaysavings.com/fonts/Socialico-webfont.woff2
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/css/fonts.css
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
7076e4b21ba41e2e1a010fdc7dcc0be7581d5e346607a885e8eaa2db462f8d22

Request headers

Referer
http://www.yaysavings.com/css/fonts.css
Origin
http://www.yaysavings.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 21:14:07 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:21 GMT
Server
Microsoft-IIS/8.5
ETag
"88a788a93849d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
18160
OpenSans-CondensedLight-webfont.woff2
www.yaysavings.com/fonts/
18 KB
19 KB
Font
General
Full URL
http://www.yaysavings.com/fonts/OpenSans-CondensedLight-webfont.woff2
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/css/fonts.css
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
9d4cc0c1ea84b1247be95187311d7bb0f0d1485ee9c35066d9f814e4bf8bebbb

Request headers

Referer
http://www.yaysavings.com/css/fonts.css
Origin
http://www.yaysavings.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 21:14:07 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:20 GMT
Server
Microsoft-IIS/8.5
ETag
"63cdfba83849d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
18792
fontawesome-webfont.woff2
www.yaysavings.com/fonts/
55 KB
56 KB
Font
General
Full URL
http://www.yaysavings.com/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/css/font-awesome.min.css
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer
http://www.yaysavings.com/css/font-awesome.min.css
Origin
http://www.yaysavings.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 21:14:07 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:19 GMT
Server
Microsoft-IIS/8.5
ETag
"df40aca83849d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
56780
OpenSans-CondensedBold-webfont.woff2
www.yaysavings.com/fonts/
19 KB
19 KB
Font
General
Full URL
http://www.yaysavings.com/fonts/OpenSans-CondensedBold-webfont.woff2
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/css/fonts.css
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
db5d26f32a5bd71c807e2bf85cb1f80e9e0c2232626f3682a6f1de422181167f

Request headers

Referer
http://www.yaysavings.com/css/fonts.css
Origin
http://www.yaysavings.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 21:14:07 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:20 GMT
Server
Microsoft-IIS/8.5
ETag
"b7a7f4a83849d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
19008
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/email/2018/images/toptxtpm.png]
Protocol
H2
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.yaysavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5952
date
Mon, 21 Mar 2022 19:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 21 Mar 2022 21:34:50 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
Podkova-Bold-webfont.woff2
www.yaysavings.com/fonts/
19 KB
19 KB
Font
General
Full URL
http://www.yaysavings.com/fonts/Podkova-Bold-webfont.woff2
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/css/fonts.css
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
7e675279fe9369b2e36a829af868ccbb37a6888b44d2dcd0cb29f03aa5f7226e

Request headers

Referer
http://www.yaysavings.com/css/fonts.css
Origin
http://www.yaysavings.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 21:14:07 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:20 GMT
Server
Microsoft-IIS/8.5
ETag
"9c1967a93849d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
19688
sdk.js
connect.facebook.net/en_US/
288 KB
82 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=448303341777236db0e8ad084b13c477
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9f6d550df58b421ccd1fbc1d67deff7c448f3dbce1188ab260040d62b15c911d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.yaysavings.com/
Origin
http://www.yaysavings.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
H9xT7RHkhwK9F//3ZeACkQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
84082
x-fb-rlafr
0
x-fb-debug
NfXE2keqhDYH3GGM1I9TKSPikyp1VS7/OslFliYYNDrlbdpIvA1QrSNHqjrzvQwJb5GMGh9eA1gjxnyasY/gXA==
x-fb-content-md5
af34da7b4ebbbb00b5c98e81e21c024b
x-frame-options
DENY
date
Mon, 21 Mar 2022 21:14:02 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"d7b8df14d017e6a340dc8643910f4c72"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 21 Mar 2023 18:14:09 GMT
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1411597365791208&ev=fb_page_view&dl=http%3A%2F%2Fwww.yaysavings.com%2Femail%2F2018%2Fimages%2Ftoptxtpm.png%5D&rl=&if=false&ts=1647897242495&sw=1600&sh=1200&at=
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/email/2018/images/toptxtpm.png]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.yaysavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 21:14:02 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 21 Mar 2022 21:14:02 GMT
collect
stats.g.doubleclick.net/j/
4 B
444 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-51514291-1&cid=291020233.1647897243&jid=1645197984&gjid=214004775&_gid=1091416914.1647897243&_u=YGBAgAABAAAAAE~&z=1126540123
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.yaysavings.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 21 Mar 2022 21:14:02 GMT
content-type
text/plain
access-control-allow-origin
http://www.yaysavings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j96&a=2102972249&t=pageview&_s=1&dl=http%3A%2F%2Fwww.yaysavings.com%2Femail%2F2018%2Fimages%2Ftoptxtpm.png%5D&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%...
  • https://www.google-analytics.com/collect?v=1&_v=j96&a=2102972249&t=pageview&_s=1&dl=http%3A%2F%2Fwww.yaysavings.com%2Femail%2F2018%2Fimages%2Ftoptxtpm.png%5D&ul=en-us&de=UTF-8&dt=Page%20Not%20Found...
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2102972249&t=pageview&_s=1&dl=http%3A%2F%2Fwww.yaysavings.com%2Femail%2F2018%2Fimages%2Ftoptxtpm.png%5D&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20%7C%20Yay%20Savings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1645197984&gjid=214004775&cid=291020233.1647897243&tid=UA-51514291-1&_gid=1091416914.1647897243&cd2=&cd4=&cd5=&cd6=&cd7=&cd8=not%20adblocked&z=551064954
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/email/2018/images/toptxtpm.png]
Protocol
H3
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.yaysavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 09:17:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
42981
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j96&a=2102972249&t=pageview&_s=1&dl=http%3A%2F%2Fwww.yaysavings.com%2Femail%2F2018%2Fimages%2Ftoptxtpm.png%5D&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20%7C%20Yay%20Savings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1645197984&gjid=214004775&cid=291020233.1647897243&tid=UA-51514291-1&_gid=1091416914.1647897243&cd2=&cd4=&cd5=&cd6=&cd7=&cd8=not%20adblocked&z=551064954
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51514291-1&cid=291020233.1647897243&jid=1645197984&_u=YGBAgAABAAAAAE~&z=391264177
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/email/2018/images/toptxtpm.png]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.yaysavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 21:14:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51514291-1&cid=291020233.1647897243&jid=1645197984&_u=YGBAgAABAAAAAE~&z=391264177
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/email/2018/images/toptxtpm.png]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.yaysavings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 21:14:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
like.php
www.facebook.com/v6.0/plugins/ Frame 836D
35 KB
13 KB
Document
General
Full URL
https://www.facebook.com/v6.0/plugins/like.php?action=like&app_id=1411597365791208&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc3f084c09ae4c%26domain%3Dwww.yaysavings.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.yaysavings.com%252Ff32594ccd353be8%26relation%3Dparent.parent&container_width=85&href=https%3A%2F%2Fwww.facebook.com%2Fyaysavings%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=448303341777236db0e8ad084b13c477
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0298266d22331de95e5fecbf91ace14f664b2ad5e327838aed14b93e5cc2bc90
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.yaysavings.com/

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v6.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
GFkn1LEWyEASiV4iIyN3yUHwE6Ig9awHmTN0cZvcr4y/qoBgARazCN0zn4jaOXWmGnVZRkU1+OMgQAMxBsYDfw==
date
Mon, 21 Mar 2022 21:14:02 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=0
OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 836D
400 B
623 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v6.0/plugins/like.php?action=like&app_id=1411597365791208&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc3f084c09ae4c%26domain%3Dwww.yaysavings.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.yaysavings.com%252Ff32594ccd353be8%26relation%3Dparent.parent&container_width=85&href=https%3A%2F%2Fwww.facebook.com%2Fyaysavings%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 21:14:02 GMT
x-content-type-options
nosniff
content-md5
uF0RL4E+h23ClLQmPOTTMw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
400
x-fb-rlafr
0
x-fb-debug
dEapBxV1tONVMWG85YQEP/DBwvCn+nurLbPSlCmqYtpWT9kBicR01YCuEzi1OT/0yh+qcgoWZvQjccGDEGzBEg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 20 Mar 2023 05:54:11 GMT
O1HAmSXE-0h.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yV/l/en_US/ Frame 836D
523 KB
137 KB
XHR
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yV/l/en_US/O1HAmSXE-0h.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v6.0/plugins/like.php?action=like&app_id=1411597365791208&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc3f084c09ae4c%26domain%3Dwww.yaysavings.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.yaysavings.com%252Ff32594ccd353be8%26relation%3Dparent.parent&container_width=85&href=https%3A%2F%2Fwww.facebook.com%2Fyaysavings%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7edcc70692c82568abbc3ae7edd619b7a9bb776e803d873e7d03b3fd4f853f20
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 21:14:02 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
rJej41MiqkLDaTm3Ym6aQg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
139427
x-fb-rlafr
0
x-fb-debug
vtchbYUIOAU4K7Ja5QOoHL9RddsUyTFTaDVEV3cxMRFytxUtgXSkPOsv0IaxJUD1CrrtebKvWFtDiLwBB+I/6g==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 18 Mar 2023 00:52:36 GMT
cavalry_endpoint.php
www.facebook.com/common/ Frame 836D
67 B
99 B
Image
General
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1647897242911&t_start=1647897242911&t_domcontent=1647897242915&t_layout=1647897242948&t_onload=1647897242948&t_paint=1647897242948&t_creport=1647897242948&t_tti=1647897242915&lid=7077664762721633446-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/v6.0/plugins/like.php?action=like&app_id=1411597365791208&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc3f084c09ae4c%26domain%3Dwww.yaysavings.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.yaysavings.com%252Ff32594ccd353be8%26relation%3Dparent.parent&container_width=85&href=https%3A%2F%2Fwww.facebook.com%2Fyaysavings%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
pragma
no-cache
x-fb-debug
I9fFCH/kso7U2+FzddhwZeUVSU7yAt88reR7nPf1TF87ReEI7r4tnqdRmvprRS/wd6Q/MPR1bzzmVe2wjTBpeg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 21 Mar 2022 21:14:02 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
nag.asp
www.yaysavings.com/modals/
2 KB
2 KB
XHR
General
Full URL
http://www.yaysavings.com/modals/nag.asp
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/js/jquery-1.11.2.min.js
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
27720c93874976cfc9186a04d547ebd8ff6b367e83caa8694aa86edc36767b26

Request headers

Accept
*/*
Referer
http://www.yaysavings.com/email/2018/images/toptxtpm.png]
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 21:14:10 GMT
Cache-Control
private
Server
Microsoft-IIS/8.5
Content-Length
2142
Content-Type
text/html
OpenSans-webfont.woff2
www.yaysavings.com/fonts/
18 KB
18 KB
Font
General
Full URL
http://www.yaysavings.com/fonts/OpenSans-webfont.woff2
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/css/fonts.css
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
28254d0381f1ca30da97dc71124686cfaf60b42a0e25242fa1dd5d27fcf889fe

Request headers

Referer
http://www.yaysavings.com/css/fonts.css
Origin
http://www.yaysavings.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 21:14:11 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:20 GMT
Server
Microsoft-IIS/8.5
ETag
"545743a93849d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
18240
OpenSans-Bold-webfont.woff2
www.yaysavings.com/fonts/
18 KB
19 KB
Font
General
Full URL
http://www.yaysavings.com/fonts/OpenSans-Bold-webfont.woff2
Requested by
Host: www.yaysavings.com
URL: http://www.yaysavings.com/css/fonts.css
Protocol
HTTP/1.1
Server
23.250.10.187 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
dsa-sm-ny102.vilayer.com
Software
Microsoft-IIS/8.5 /
Resource Hash
76e15b2ab5986f983b5c23f28f72bc6fdf0237979ea33618348c6e22ed5ae13e

Request headers

Referer
http://www.yaysavings.com/css/fonts.css
Origin
http://www.yaysavings.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 21:14:11 GMT
Last-Modified
Mon, 10 Sep 2018 19:01:20 GMT
Server
Microsoft-IIS/8.5
ETag
"993e1a83849d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
18852

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| $ function| jQuery boolean| nagModalOpen function| openStoreName function| openSearch function| closeModal function| showCouponModal function| loadModalPage function| loadModal function| showSignup function| showThanks function| reloadModal function| doFlip function| updateQueryStringParameter function| connectEmail function| rejoinEmail function| connectEmailLanding function| connectFacebook function| connectFacebook2 function| connectFacebookLanding function| hideWhoopsies function| showWhoopsies function| writeAdSense function| isMobile function| block_size function| lead_size function| block_size_infeed function| IScroll object| myScroll function| loaded undefined| yaySearchSelectedDiv function| selectSearchDiv function| deSelectSearchDiv function| initSearchDivs function| lookup function| lookup2 function| fbAsyncInit string| is_adblocked object| testAd string| dimensionValue string| GoogleAnalyticsObject function| ga object| FB object| google_tag_data object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
www.yaysavings.com/ Name: ASPSESSIONIDCASAQBDQ
Value: JHFMDKAABNIAOILJLEIDNPIC
.yaysavings.com/ Name: _ga
Value: GA1.2.291020233.1647897243
.yaysavings.com/ Name: _gid
Value: GA1.2.1091416914.1647897243
.yaysavings.com/ Name: _gat
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
static.xx.fbcdn.net
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.yaysavings.com
23.250.10.187
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:82b::2004
2a00:1450:400c:c08::9a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
0298266d22331de95e5fecbf91ace14f664b2ad5e327838aed14b93e5cc2bc90
098e7ac0de17db2cabba259a1fada0ec31059515081c1a20d5074a46e6030ac4
0e46e836e07ed2da4337b7456c4493f182d53c82cd8560e79d59f2963a0b0d04
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
21daf8bc87790fd7808ba1a6ae9b56b96cbbc82a4b60580f8b7c4d4557e06b37
222d75918bb518d46a4d283da7de243b4409d597a8c6856070a07e96b600e6d7
274bc0f7bee59fb614750dfb307f9394b2de700f0c97158eb64c54678e37efd4
27720c93874976cfc9186a04d547ebd8ff6b367e83caa8694aa86edc36767b26
28254d0381f1ca30da97dc71124686cfaf60b42a0e25242fa1dd5d27fcf889fe
2e3eee5889907cb473b84fec32c7776f259318ded0a1e3cf5e042d3a41767dae
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
461e880517ef7816f42d57e14c62e2c6f0d3825dc90386e7875b473c54193ad7
670056c8bdb366c707edb2655c7141e74e0c52feb97996565a9aa4112ab8c8a9
6ee461d0cc884de09affa4cd5016f609f77dfdc692b09caf9baed2a1849e58b9
7076e4b21ba41e2e1a010fdc7dcc0be7581d5e346607a885e8eaa2db462f8d22
76e15b2ab5986f983b5c23f28f72bc6fdf0237979ea33618348c6e22ed5ae13e
7e675279fe9369b2e36a829af868ccbb37a6888b44d2dcd0cb29f03aa5f7226e
7edcc70692c82568abbc3ae7edd619b7a9bb776e803d873e7d03b3fd4f853f20
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
95eb8b07171b4fb73896d80550127489cfdba979eb4b4a4559322c27051e5437
9d4cc0c1ea84b1247be95187311d7bb0f0d1485ee9c35066d9f814e4bf8bebbb
9dde5bf29c37e8a5ca9632ab52abd4ae3a4f7d7ea120d7c407e3f46577ef9987
9f6d550df58b421ccd1fbc1d67deff7c448f3dbce1188ab260040d62b15c911d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
db5d26f32a5bd71c807e2bf85cb1f80e9e0c2232626f3682a6f1de422181167f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e983cbdb90422a80737ded8b12491f7a542f23947f0912959a8b5404671c80c9
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7140a276af75852364eef880f13473fd4791455ba2cd650b7446e6562742a9d