www.savings.com Open in urlscan Pro
23.55.230.175 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://links.savings.com/u/click?_t=284b0eb146f147ceb44d29aedfbdbbc4&_m=c01e986779ca4ed4841b59eb722cc5c7&_e=vEr-6MR9R-leR...
Effective URL:
https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pe...
Submission: On October 27 via manual (October 27th 2023, 5:47:45 pm UTC) from US — Scanned from DE

Summary HTTP 67 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 15 domains to perform 67 HTTP transactions. The main IP is 23.55.230.175, located in Düsseldorf, Germany and belongs to AKAMAI-AS, US. The main domain is www.savings.com. The Cisco Umbrella rank of the primary domain is 506060.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 26th 2023. Valid for: a year.

This is the only time www.savings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	44.207.65.31 44.207.65.31	14618 (AMAZON-AES) (AMAZON-AES)
1 26	23.55.230.175 23.55.230.175	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:616c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
8	2606:4700:20:... 2606:4700:20::ac43:49ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2251:d800:15:875a:d300:21	16509 (AMAZON-02) (AMAZON-02)
8	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 ^_^) (CDN77 ^_^)
1	3.162.38.31 3.162.38.31	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	18.164.52.121 18.164.52.121	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2600:1f14:5db... 2600:1f14:5db:eb11:9a56:ad25:21d5:260a	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	52.36.168.171 52.36.168.171	16509 (AMAZON-02) (AMAZON-02)
67	18

1 44.207.65.31 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-65-31.compute-1.amazonaws.com

links.savings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 23.55.230.175 (Düsseldorf, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-230-175.deploy.static.akamaitechnologies.com

www.savings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
node2.sdccdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:616c (United States)

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::ac43:49ec (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:d800:15:875a:d300:21 (United States)

ASN16509 (AMAZON-02, US)

d2xu3jvg5io30s.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.38.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-38-31.cdg52.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.52.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-52-121.cdg50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:5db:eb11:9a56:ad25:21d5:260a (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.36.168.171 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-168-171.us-west-2.compute.amazonaws.com

zekelofnbk.execute-api.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	sdccdn.com node2.sdccdn.com	213 KB
9	userway.org cdn.userway.org — Cisco Umbrella Rank: 4291 api.userway.org — Cisco Umbrella Rank: 4209	58 KB
8	lytics.io c.lytics.io — Cisco Umbrella Rank: 9077	51 KB
4	amazonaws.com zekelofnbk.execute-api.us-west-2.amazonaws.com — Cisco Umbrella Rank: 269947	774 B
4	savings.com 2 redirects links.savings.com www.savings.com — Cisco Umbrella Rank: 506060	23 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	270 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6862	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	396 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	662 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 727 script.hotjar.com — Cisco Umbrella Rank: 901	60 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
2	getclicky.com static.getclicky.com — Cisco Umbrella Rank: 11582 in.getclicky.com — Cisco Umbrella Rank: 9854	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	183 KB
1	cloudfront.net d2xu3jvg5io30s.cloudfront.net	13 KB
67	15

	Domain	Requested by
23	node2.sdccdn.com	www.savings.com node2.sdccdn.com
8	cdn.userway.org	www.savings.com cdn.userway.org
8	c.lytics.io	www.savings.com c.lytics.io
4	zekelofnbk.execute-api.us-west-2.amazonaws.com	d2xu3jvg5io30s.cloudfront.net
3	www.facebook.com	www.savings.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.savings.com	1 redirects node2.sdccdn.com
2	www.google.de	www.savings.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.savings.com connect.facebook.net
2	www.googletagmanager.com	www.savings.com www.googletagmanager.com
1	in.getclicky.com	static.getclicky.com
1	api.userway.org	cdn.userway.org
1	www.google.com	www.savings.com
1	script.hotjar.com	static.hotjar.com
1	region1.analytics.google.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	d2xu3jvg5io30s.cloudfront.net	www.googletagmanager.com
1	static.getclicky.com	www.googletagmanager.com
1	links.savings.com	1 redirects
67	20

This site contains links to these domains. Also see Links.

Domain
savings.zendesk.com
compliance.centerfield.com
www.savoo.co.uk
www.savoo.de
www.savoo.fr
www.savoo.es
www.savoo.com.au
www.savoo.ca
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.linkedin.com

Subject Issuer	Validity	Valid
www.savings.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-26` - `2024-04-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.getclicky.com E1	`2023-10-05` - `2024-01-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-06` - `2023-11-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-16` - `2024-04-15`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
api.userway.org Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh
*.execute-api.us-west-2.amazonaws.com Amazon RSA 2048 M01	`2023-06-02` - `2024-06-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated
Frame ID: 2113AFC9A4FCD269A0B37A44456AD621
Requests: 66 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

40% Off Tempur-Pedic Coupons, Promo Codes & Deals - October 2023

Page URL History Show full URLs

http://links.savings.com/u/click?_t=284b0eb146f147ceb44d29aedfbdbbc4&_m=c01e986779ca4ed4841b59eb722cc... HTTP 303
https://www.savings.com/m/email/tempurpedic.com/d?did=9226564&pid=13005710&utm_source=dedicated&utm_... HTTP 302
https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&ut... Page URL

Detected technologies

Clicky (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.getclicky\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

Page Statistics

67
Requests

100 %
HTTPS

72 %
IPv6

15
Domains

20
Subdomains

18
IPs

3
Countries

715 kB
Transfer

2189 kB
Size

31
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://savings.zendesk.com/
Title: Help Desk

Search URL Search Domain Scan URL

URL: https://compliance.centerfield.com/doNotSell.php?ReferenceURL=savings.com#/rightsRequest
Title: Do Not Sell/Share My Personal Information

Search URL Search Domain Scan URL

URL: https://www.savoo.co.uk/

Search URL Search Domain Scan URL

URL: https://www.savoo.de/

Search URL Search Domain Scan URL

URL: https://www.savoo.fr/

Search URL Search Domain Scan URL

URL: https://www.savoo.es/

Search URL Search Domain Scan URL

URL: https://www.savoo.com.au/

Search URL Search Domain Scan URL

URL: https://www.savoo.ca/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Savings

Search URL Search Domain Scan URL

URL: https://twitter.com/savings

Search URL Search Domain Scan URL

URL: https://www.instagram.com/savings_com/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/SavingsDotCom

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/savings-com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://links.savings.com/u/click?_t=284b0eb146f147ceb44d29aedfbdbbc4&_m=c01e986779ca4ed4841b59eb722cc5c7&_e=vEr-6MR9R-leRprJF8E2lf1CqKeKlUa51Lh3qJmafRlNkDURglNdI6vD9A-cQIv4-24PWJFETQnoD9FmBzrecrDt0NPdRq5zV-JERv_v-7dQ2O7xRqIZLXzu4zqSS6DEcRbnjBDZOGHHJ2Yw790m2Po2ShjO23kNkkJ9TSdTP40KCh8QtiPX6QyJ0BLPIkW-oC7oZcq5JEF1NfIU9PpcEkpPtOlUXX8DKxT34k4_fzglcKrxNtU4gNhaDUp5RXF9FTyMHdcVQazCBnCALglNIvHerjMXdviatwSmkip9mTX3Gx5yZMaYzDAUhxMzOxK_D32fOa-jlxm-aPj8PF7aPXhPT65Nd11OXe2hBl1d6Iuv0C22dsSVUIYEj6hD8uuZYcD-OZZiQF4k7KcDJ10Zd9TOf4S7wss4k-KJ60BtAcXD2tAKskScbW6cl1g9dAQwdTXPDYsj5lwsD0nsR0lNgYUwXc9Lnf7NeNpswCJIV8QCH4BnGcohB8KD_FeGlT9WeE1MNU46-XQYo31Fa6xZhWzk2vfZMyYn6_KxGo2Thco%3D HTTP 303
https://www.savings.com/m/email/tempurpedic.com/d?did=9226564&pid=13005710&utm_source=dedicated&utm_medium=email&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&x=nnY82m7mLbzMbib7lJGrvcHASpZGpMiv66m0TDmqRwlGVoa8%252FiPbEQ%253D%253D&p2=Tempur-Pedic HTTP 302
https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request tempurpedic.com Show response
www.savings.com/coupons/
Redirect Chain

http://links.savings.com/u/click?_t=284b0eb146f147ceb44d29aedfbdbbc4&_m=c01e986779ca4ed4841b59eb722cc5c7&_e=vEr-6MR9R-leRprJF8E2lf1CqKeKlUa51Lh3qJmafRlNkDURglNdI6vD9A-cQIv4-24PWJFETQnoD9FmBzrecrDt0...
https://www.savings.com/m/email/tempurpedic.com/d?did=9226564&pid=13005710&utm_source=dedicated&utm_medium=email&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262...
https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-P...

114 KB
18 KB

209ms
209ms

Document
text/html

23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-55-230-175.deploy.static.akamaitechnologies.com

Software

Resource Hash

e0968362c3ffbcdc5fc42bb982e6fd4912aff500d6892e1c2aca3f81f749a645

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-language: en-US
content-length: 17830
content-type: text/html; charset=UTF-8
date: Fri, 27 Oct 2023 17:47:38 GMT
server
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private
content-length: 287
content-type: text/html
date: Fri, 27 Oct 2023 17:47:38 GMT
location: https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated#d-9226564
server
vary: Accept-Encoding
x-robots-tag: noindex, nofollow

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 276 KB
93 KB 151ms
63ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WMF4HVR

Requested by

Host: www.savings.com
URL: https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2c65c5b897214b400c5b210cc21ef8551a3903175353a4380cc6951aa6fc597

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94897
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Oct 2023 17:47:39 GMT

GET
H2 200 tk-poppins-400.woff2
node2.sdccdn.com/fonts/poppins/ 11 KB
11 KB 165ms
59ms Font
application/octet-stream 23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://node2.sdccdn.com/fonts/poppins/tk-poppins-400.woff2
Requested by: Host: www.savings.com
URL: https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-230-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b6f5d61563c157daf91c76c9909e5d6410928fa9583ce04f362c3359a222af22

Request headers

Referer: https://www.savings.com/
Origin: https://www.savings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
last-modified: Mon, 28 Dec 2020 16:57:56 GMT
server
etag: "EucDQzJ3+sO"
access-control-allow-origin: *
cache-control: public, max-age=1388786
content-length: 11200
expires: Sun, 12 Nov 2023 19:34:05 GMT

GET
H2 200 tk-poppins-600.woff2
node2.sdccdn.com/fonts/poppins/ 11 KB
11 KB 214ms
109ms Font
application/octet-stream 23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://node2.sdccdn.com/fonts/poppins/tk-poppins-600.woff2
Requested by: Host: www.savings.com
URL: https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-230-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 65475ce49a4da735ed9defc8b1faae5290810dc23aa08c7438427d435c027dc5

Request headers

Referer: https://www.savings.com/
Origin: https://www.savings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
last-modified: Mon, 28 Dec 2020 16:57:56 GMT
server
etag: "FRF+asEfAwF"
access-control-allow-origin: *
cache-control: public, max-age=1388726
content-length: 11564
expires: Sun, 12 Nov 2023 19:33:05 GMT

GET
H2 200 fa-solid-900.woff2
node2.sdccdn.com/fonts/webfonts-subset/ 17 KB
17 KB 193ms
87ms Font
application/octet-stream 23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://node2.sdccdn.com/fonts/webfonts-subset/fa-solid-900.woff2?v=17
Requested by: Host: www.savings.com
URL: https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-230-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1be555ca5e351453170a3cfcf81bf803e93d16995bdf968fa527000f3d093850

Request headers

Referer: https://www.savings.com/
Origin: https://www.savings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
last-modified: Mon, 21 Aug 2023 15:00:16 GMT
server
etag: "E4gZ0YKs4sW"
access-control-allow-origin: *
cache-control: public, max-age=2593628
content-length: 17564
expires: Sun, 26 Nov 2023 18:14:47 GMT

GET
H2 200 fa-regular-400.woff2
node2.sdccdn.com/fonts/webfonts-subset/ 2 KB
2 KB 167ms
62ms Font
application/octet-stream 23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://node2.sdccdn.com/fonts/webfonts-subset/fa-regular-400.woff2?v=17
Requested by: Host: www.savings.com
URL: https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-230-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ce666b62ff89a7f4fbcd83e0b281b8faf1d856aaf21cdcf918496ef6bdd6675e

Request headers

Referer: https://www.savings.com/
Origin: https://www.savings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
last-modified: Mon, 21 Aug 2023 15:00:16 GMT
server
etag: "98dnfzYxnMo"
access-control-allow-origin: *
cache-control: public, max-age=2593623
content-length: 2144
expires: Sun, 26 Nov 2023 18:14:42 GMT

GET
H2 200 fa-light-300.woff2
node2.sdccdn.com/fonts/webfonts-subset/ 1 KB
1 KB 191ms
85ms Font
application/octet-stream 23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://node2.sdccdn.com/fonts/webfonts-subset/fa-light-300.woff2?v=17
Requested by: Host: www.savings.com
URL: https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-230-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 111b4158cc571c52b653321759758e7c540a6fa6b8ebd94142a3399c236d9865

Request headers

Referer: https://www.savings.com/
Origin: https://www.savings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
last-modified: Mon, 21 Aug 2023 15:00:16 GMT
server
etag: "BvQv6kzdBJ0"
access-control-allow-origin: *
cache-control: public, max-age=2593627
content-length: 1228
expires: Sun, 26 Nov 2023 18:14:46 GMT

GET
H2 200 fa-brands-400.woff2
node2.sdccdn.com/fonts/webfonts-subset/ 3 KB
3 KB 191ms
86ms Font
application/octet-stream 23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://node2.sdccdn.com/fonts/webfonts-subset/fa-brands-400.woff2?v=17
Requested by: Host: www.savings.com
URL: https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-230-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d9da2269738f8fca8a4526e5cec6f4e1cb57c26d62cc6639de1d0656608065e9

Request headers

Referer: https://www.savings.com/
Origin: https://www.savings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
last-modified: Mon, 21 Aug 2023 15:00:16 GMT
server
etag: "HbeXrxSRWgs"
access-control-allow-origin: *
cache-control: public, max-age=2593560
content-length: 3044
expires: Sun, 26 Nov 2023 18:13:39 GMT

GET
H2 200 shared.bundle.min.css
node2.sdccdn.com/dist/sdc2/ 3 KB
1 KB 94ms
81ms Stylesheet
text/css 23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://node2.sdccdn.com/dist/sdc2/shared.bundle.min.css?v=8c92dea1
Requested by: Host: www.savings.com
URL: https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-230-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a99fc0221466f5998174aa35f3dcf93ed288b94aa7b526cc0e1af975b4b9df02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
content-encoding: gzip
last-modified: Fri, 15 Apr 2022 21:00:14 GMT
server
etag: "6iH1AwO/ins-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2600014
content-length: 1009
expires: Sun, 26 Nov 2023 20:01:13 GMT

GET
H2 200 common.bundle.min.css
node2.sdccdn.com/dist/sdc2/ 108 KB
21 KB 77ms
64ms Stylesheet
text/css 23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://node2.sdccdn.com/dist/sdc2/common.bundle.min.css?v=e26d4302
Requested by: Host: www.savings.com
URL: https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-230-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4db45b4517a739f9cecf24a598c175fb3399c9d594f88229bb4bc3cdf410da81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 03:00:18 GMT
server
etag: "9VyRcSw6S7b-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2664097
content-length: 20912
expires: Mon, 27 Nov 2023 13:49:16 GMT

GET
H2 200 merchant.bundle.min.css
node2.sdccdn.com/dist/sdc2/ 16 KB
4 KB 91ms
78ms Stylesheet
text/css 23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://node2.sdccdn.com/dist/sdc2/merchant.bundle.min.css?v=35be1da9
Requested by: Host: www.savings.com
URL: https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-230-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1df2482ae8524ca1a77275b4019e1a17c556f6ddbf71452200fef1d0c53c3491

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
content-encoding: gzip
last-modified: Thu, 23 Feb 2023 16:00:18 GMT
server
etag: "Afawsny9tCX-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1624886
content-length: 3573
expires: Wed, 15 Nov 2023 13:09:05 GMT

GET
H2 200 savings.svg
node2.sdccdn.com/images/theme/sdc2/logos/ 3 KB
1 KB 74ms
73ms Image
image/svg+xml 23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://node2.sdccdn.com/images/theme/sdc2/logos/savings.svg?width=220&v=d434b2d1
Requested by: Host: www.savings.com
URL: https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-230-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 47ebcacff50af45640662ddbe1efd7164c11278a815d04cf98a7132705cd4352

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
content-encoding: gzip
last-modified: Mon, 28 Dec 2020 16:57:56 GMT
server
etag: "9r/Lbnmtsrv-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1981781
content-length: 1122
expires: Sun, 19 Nov 2023 16:17:20 GMT

GET
H2 200 5127524.svg
node2.sdccdn.com/images/savings/logo/ 4 KB
2 KB 103ms
102ms Image
image/svg+xml 23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://node2.sdccdn.com/images/savings/logo/5127524.svg?width=120&height=1
Requested by: Host: www.savings.com
URL: https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-230-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c86301ad008c5dcdd87fb16282eb38b42ec2ffd700f0af21d74ec70715d8a4eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2023 21:16:30 GMT
server
etag: "AAAAYcA4Xuw-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=6538968
content-length: 1871
expires: Thu, 11 Jan 2024 10:10:27 GMT

GET
H2 200 charity-savings-cares-bg-tag.png
node2.sdccdn.com/img/ 4 KB
4 KB 75ms
74ms Image
image/png 23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://node2.sdccdn.com/img/charity-savings-cares-bg-tag.png
Requested by: Host: www.savings.com
URL: https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-230-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4bde35d3d07e7253e0b26e38ef56d755c8e0de7fa4db34cf64b07bfacf81b30d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
last-modified: Mon, 12 Jun 2023 04:39:55 GMT
server
etag: "AAAAYit50V4"
content-type: image/png
cache-control: public, max-age=2749791
content-length: 4120
expires: Tue, 28 Nov 2023 13:37:30 GMT

GET
H2 200 bcrf-logo-rectangle.png
node2.sdccdn.com/img/ 35 KB
35 KB 77ms
76ms Image
image/png 23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://node2.sdccdn.com/img/bcrf-logo-rectangle.png?v=1width=135
Requested by: Host: www.savings.com
URL: https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-230-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bae9e23f7715c2ea1bf8bd215a58dd1253a6e1084aaacb97aded436a23c4097f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
last-modified: Wed, 13 Sep 2023 19:02:32 GMT
server
etag: "AAAAYqP7HFA"
content-type: image/png
cache-control: public, max-age=5471496
content-length: 35588
expires: Sat, 30 Dec 2023 01:39:15 GMT

GET
H2 200 charity-savings-cares-logo.svg
node2.sdccdn.com/img/ 4 KB
2 KB 60ms
59ms Image
image/svg+xml 23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://node2.sdccdn.com/img/charity-savings-cares-logo.svg
Requested by: Host: www.savings.com
URL: https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-230-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 22b0a66bd9f327e03c3631ac8b4b3dc45177877db9689748d5b2f44c614d623a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
content-encoding: gzip
last-modified: Thu, 02 Mar 2023 04:13:53 GMT
server
etag: "AAAAYaghsfo-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3701849
content-length: 1934
expires: Sat, 09 Dec 2023 14:05:08 GMT

GET
H2 200 1x1.gif
node2.sdccdn.com/images/savings/ 43 B
193 B 102ms
101ms Image
image/gif 23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://node2.sdccdn.com/images/savings/1x1.gif?width=1&height=1&v=cb8abdab
Requested by: Host: www.savings.com
URL: https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-230-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
last-modified: Mon, 28 Dec 2020 16:57:56 GMT
server
etag: "E6CU8W60fgz"
content-type: image/gif
cache-control: public, max-age=1103465
content-length: 43
expires: Thu, 09 Nov 2023 12:18:44 GMT

GET
H2 200 shared.bundle.min.js Show response
node2.sdccdn.com/dist/sdc2/ 176 KB
57 KB 94ms
94ms Script
application/x-javascript 23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://node2.sdccdn.com/dist/sdc2/shared.bundle.min.js?v=5ef234fd
Requested by: Host: www.savings.com
URL: https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-230-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe75a06eb176f5530fefb741c0b292a722b63cb6ef8d68e8c7991c29dbcf151a

Request headers

Referer: https://www.savings.com/
Origin: https://www.savings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
content-encoding: gzip
last-modified: Wed, 30 Aug 2023 15:00:16 GMT
server
etag: "EhO6A8khaTc-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=2766593
content-length: 58178
expires: Tue, 28 Nov 2023 18:17:32 GMT

GET
H2 200 common.bundle.min.js Show response
node2.sdccdn.com/dist/sdc2/ 53 KB
17 KB 75ms
75ms Script
application/x-javascript 23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://node2.sdccdn.com/dist/sdc2/common.bundle.min.js?v=cbbafcad
Requested by: Host: www.savings.com
URL: https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-230-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e18fd8fb48e405a105f33fd6030a25475f4c0296cc5bea790e01b3116d18cc1a

Request headers

Referer: https://www.savings.com/
Origin: https://www.savings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
content-encoding: gzip
last-modified: Wed, 30 Aug 2023 15:00:16 GMT
server
etag: "+aDIDGNhOXL-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=2766433
content-length: 17354
expires: Tue, 28 Nov 2023 18:14:52 GMT

GET
H2 200 merchant.bundle.min.js Show response
node2.sdccdn.com/dist/sdc2/ 14 KB
5 KB 91ms
91ms Script
application/x-javascript 23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://node2.sdccdn.com/dist/sdc2/merchant.bundle.min.js?v=8aef5ae8
Requested by: Host: www.savings.com
URL: https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-230-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6bc4c78e362027a1ded1abeece765c14f45f7e9dd7d9f2fb59a27eac6722a4f9

Request headers

Referer: https://www.savings.com/
Origin: https://www.savings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
content-encoding: gzip
last-modified: Wed, 30 Aug 2023 15:00:16 GMT
server
etag: "5xYHaMbHliq-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=2767252
content-length: 5437
expires: Tue, 28 Nov 2023 18:28:31 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11fcbd228e7d2b1ba69bf1863b629404fc8fc3ca082e24ac9995b7ba5c7bf1cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a6758e4e57c42cf78ef07d924105cb89a426c28e2ad9a9df7d8fe5fb8b1b795

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
89 KB 58ms
57ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CS0K8ZDTEZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMF4HVR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7eaa03779e9d21f8c82f72e28638a6536f304ac30f30bd6124667a10ee87baa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91473
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 27 Oct 2023 17:47:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 129ms
39ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMF4HVR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 27 Oct 2023 15:51:32 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6967
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 27 Oct 2023 17:51:32 GMT

GET
H2 200 js Show response
static.getclicky.com/ 15 KB
6 KB 151ms
50ms Script
text/javascript 2606:4700::6811:616c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMF4HVR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:616c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee892f4438a985948e729d440931f0437736840888a636bdfd054244886823a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Thu, 02 Nov 2023 20:05:47 GMT
date: Fri, 27 Oct 2023 17:47:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Oct 2023 20:05:47 GMT
server: cloudflare
age: 78110
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 81ccc3f39ada03d0-FRA
alt-svc: h3=":443"; ma=86400
x-proxy-cache: HIT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 134ms
40ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1e2e5c32b1e1de0fb17834f86fb384a14e2dd0d4acd1a70221c1d27dbe0020ab

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 27 Oct 2023 17:47:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54209
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: EkJD5q72ej0+kGVfEAf4qcFgQ7++XZ5ecupy52G9NHRpfX1NGGx5EKN2mVdJ2wZ8oYSXeHuqJRhqolHzOurLGQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/454e770b85fe774de7e6d1e3b80fef4a/ 66 KB
23 KB 161ms
54ms Script
application/javascript 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/454e770b85fe774de7e6d1e3b80fef4a/latest.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f658009e628815b34872408bba0aab03d0286073eca736959bfa13876195ebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 16:31:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4548
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIY5fLfSpT%2F7J9AJQy%2BM1HpZ6sCB0zeEC6BRfKuEFSPZagPp0z8n60umC3HAnQYFgGdu3Tntq8UOTNDbD8Qtal5NCAKaLrfXtSdf6sHg9iNsiHOOC%2FXB%2BohHvxLOF0GgPGHdESOU21ng"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
content-encoding: br
cache-control: max-age=7200
cf-ray: 81ccc3f3a9d16955-FRA

GET
H2 200 cfLytics.js Show response
d2xu3jvg5io30s.cloudfront.net/v1/js/ 37 KB
13 KB 138ms
45ms Script
application/javascript 2600:9000:2251:d800:15:875a:d300:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2xu3jvg5io30s.cloudfront.net/v1/js/cfLytics.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMF4HVR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d800:15:875a:d300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 873afacc8dc267f9eb22eb95d50e61d041d9cc376e2a7395528e65a6894511a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 01 May 2023 21:48:10 GMT
content-encoding: gzip
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
last-modified: Mon, 01 May 2023 21:45:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 15451170
etag: W/"b7751c90e7a19f951a549368fb01af6a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: 5DZd026Utuhq2WLWWSjMS0eGmTv5r_B7E4auKX9b7JTdBKS7EOGUWA==

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 131ms
39ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: www.savings.com
URL: https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b452b6054c204404bb37c1eefeadca3491747bb8691e7aff05683ce5bdffaa5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 27 Oct 2023 17:47:39 GMT
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 2244
x-amz-cf-pop: FRA60-P3
age: 123
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1698426615
x-77-nzt: AsO1qhE3Nzf/xAgAANRmOJw3Nzf/AAAAAA
x-accel-expires: @1698430215
x-77-age: 2244
x-cache-lb: HIT
last-modified: Fri, 27 Oct 2023 14:48:14 GMT
server: CDN77-Turbo
etag: W/"f838acf852e46c1ddeb80db6be8f9222"
x-77-nzt-ray: 4c15622428a293d6bbf73b652f65f51a
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
content-type: application/javascript
x-amz-cf-id: ISAyPuOFdwUuZGxEHo5W3j-GceJYWKgVZjUJ2yQ1-J7d7tYgnh1tFA==

GET
H2 200 hotjar-2518157.js Show response
static.hotjar.com/c/ 10 KB
4 KB 215ms
92ms Script
application/javascript 3.162.38.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2518157.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMF4HVR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.38.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-38-31.cdg52.r.cloudfront.net

Software

Resource Hash

a169815b3efeb3bfa8023b85db98db5e3454ea927d802f6aece1b07f64b63467

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 27 Oct 2023 17:47:39 GMT
via: 1.1 9e968b24c6054f424d91e25eac7bc7ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P6
etag: W/00da26cd149566083d0b92f7d89f53fc
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: zlBeDfny3IISZCqJsHVQBkx5d54tIb5pnYga1POyaAqApXkybqlWtw==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 136ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-CS0K8ZDTEZ&gtm=45je3ap0v885354181z877610273&_p=1263329484&_gaz=1&gcd=11l1l1l1l1&cid=975462380.1698428859&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698428859&sct=1&seg=0&dl=https%3A%2F%2Fwww.savings.com%2Fcoupons%2Ftempurpedic.com%3Fclickid%3D175440365-1698428858730-70377702988990849%26utm_campaign%3DTempur-Pedic-Dedicated_SMS_10262023%26p1%3DTempur-Pedic-Dedicated_SMS_10262023%26p2%3DTempur-Pedic%26utm_medium%3Demail%26utm_source%3Ddedicated&dt=40%25%20Off%20Tempur-Pedic%20Coupons%2C%20Promo%20Codes%20%26%20Deals%20-%20October%202023&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CS0K8ZDTEZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 17:47:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.savings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
245 B 149ms
50ms Ping
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CS0K8ZDTEZ&cid=975462380.1698428859&gtm=45je3ap0v885354181z877610273&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CS0K8ZDTEZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 17:47:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.savings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 155ms
67ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CS0K8ZDTEZ&cid=975462380.1698428859&gtm=45je3ap0v885354181z877610273&aip=1&z=44925671

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 17:47:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget_app_base_1698417958350.js Show response
cdn.userway.org/widgetapp/2023-10-27-14-45-58/ 135 KB
40 KB 160ms
77ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-10-27-14-45-58/widget_app_base_1698417958350.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 60069686a475f49fb896a179b9c08da46081803b26ed3676bf0b9e5daf80a3c9

Request headers

Referer: https://www.savings.com/
Origin: https://www.savings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 27 Oct 2023 17:47:39 GMT
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 10567
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1698418292
x-77-nzt: AsO1qhE3Nzf/RykAANRmOJw3Nzf/dwAAAA
x-accel-expires: @1724338173
x-77-age: 10686
x-cache-lb: HIT
last-modified: Fri, 27 Oct 2023 14:48:08 GMT
server: CDN77-Turbo
etag: W/"290bc5ab4df6122b860aadf459246740"
x-77-nzt-ray: 4c156224aeb20bdabbf73b65faab6422
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: jM5j8T3KkD5LaunhbuhLMaRUGZvkHai63mVTeonvCNwSCJRIsNDtXA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 48ms
47ms XHR
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1263329484&t=pageview&_s=1&dl=https%3A%2F%2Fwww.savings.com%2Fcoupons%2Ftempurpedic.com%3Fclickid%3D175440365-1698428858730-70377702988990849%26utm_campaign%3DTempur-Pedic-Dedicated_SMS_10262023%26p1%3DTempur-Pedic-Dedicated_SMS_10262023%26p2%3DTempur-Pedic%26utm_medium%3Demail%26utm_source%3Ddedicated&ul=en-us&de=UTF-8&dt=40%25%20Off%20Tempur-Pedic%20Coupons%2C%20Promo%20Codes%20%26%20Deals%20-%20October%202023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=595659025&gjid=1992477637&cid=975462380.1698428859&tid=UA-99557-2&_gid=848644991.1698428860&_r=1&_slc=1&gtm=45He3ap0n81WMF4HVRv77610273&gcd=11l1l1l1l1&z=1884611298

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.savings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 17:47:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.savings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 454e770b85fe774de7e6d1e3b80fef4a Show response
c.lytics.io/cid/ 24 B
455 B 182ms
182ms Script
text/javascript 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/cid/454e770b85fe774de7e6d1e3b80fef4a?assign=false&callback=u_268963402076407780

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/454e770b85fe774de7e6d1e3b80fef4a/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33156f803b055bd4f3ba5ae87db987e2e3afe2d9e7b3bdec54e22cb939ed8f4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 24
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: text/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WExePVfKu7aHioqocEQLfMH4%2F3sD5cikCL2MpM1GX2tImcTriTaUiA1cE6rxUF7ueKUARyOedqTdhApH7yJ9bdgWgh%2BoAnjLoNV9zoM9eIlDucB2rIbPQrFw7upML7KMHkJCio1RUHnf"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 81ccc3f45ab96955-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 modules.132f983e088e46bc619e.js Show response
script.hotjar.com/ 226 KB
55 KB 176ms
54ms Script
application/javascript 18.164.52.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.132f983e088e46bc619e.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2518157.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-121.cdg50.r.cloudfront.net

Software

Resource Hash

bbeb842bd87163ca006c8603eac9bb9458ea3f05238c9fac398ae75b8c96eea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 e62fdd28aecc715b248568cb8338e8a2.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
age: 11972
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56235
last-modified: Fri, 27 Oct 2023 14:28:06 GMT
etag: "24211094ec33cac8a2dbf78e3d341c4f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: d4v8GrNyixqLYYGtpMBzPG-Wbx_gR2OYGJoJiQ3EMoyR1R_PwWiDVA==

GET
H2 200 830316797830859 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 169ms
168ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/830316797830859?v=2.9.136&r=stable&domain=www.savings.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8a9218fdba4cb01d5e566e7a6e206606defa76589ec767006769736300095f6b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 27 Oct 2023 17:47:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: I1AV/Y20Lx4RTN4jb0vRdysQimcjUgftWJ69N9Wzvoau5Tnw28u+fBmzDrYE3jbqC9J2LKUcBoA5W0QbmXT3tA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 48ms
48ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-99557-2&cid=975462380.1698428859&jid=595659025&gjid=1992477637&_gid=848644991.1698428860&_u=YADAAEAAAAAAACAAI~&z=837006793

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.savings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 27 Oct 2023 17:47:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.savings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 156ms
65ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-99557-2&cid=975462380.1698428859&jid=595659025&_u=YADAAEAAAAAAACAAI~&z=1191750400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 17:47:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 67ms
67ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-99557-2&cid=975462380.1698428859&jid=595659025&_u=YADAAEAAAAAAACAAI~&z=1191750400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 17:47:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 AaEvLYxBlM Show response
api.userway.org/api/tunings/ 1 KB
2 KB 721ms
207ms XHR
application/json 2600:1f14:5db:eb11:9a56:ad25:21d5:260a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/AaEvLYxBlM
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-10-27-14-45-58/widget_app_base_1698417958350.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb11:9a56:ad25:21d5:260a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 632ac2f1d7a3ffbfcfd297f17c8dfc6b0032ca8b1c13bc3c96fb05e0b39d7ac7

Request headers

Referer: https://www.savings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 27 Oct 2023 17:47:40 GMT
etag: W/"588-1Lmkts5JwZ5pLMfC0k7EMl8fpZ8"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr6e9c0c41b8cf4b4
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 1416
x-service-version: uw-pr

GET
H2 200 in.php Show response
in.getclicky.com/ 131 B
256 B 289ms
272ms Script
text/javascript 2606:4700::6811:616c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=101282841&type=pageview&href=%2Fcoupons%2Ftempurpedic.com%3Fclickid%3D175440365-1698428858730-70377702988990849%26utm_campaign%3DTempur-Pedic-Dedicated_SMS_10262023%26p1%3DTempur-Pedic-Dedicated_SMS_10262023%26p2%3DTempur-Pedic%26utm_medium%3Demail%26utm_source%3Ddedicated&title=40%25%20Off%20Tempur-Pedic%20Coupons%2C%20Promo%20Codes%20%26%20Deals%20-%20October%202023&res=1600x1200&lang=en-US&tz=Europe%2FBerlin&tc=&ck=1&x=95g90n
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:616c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d6c2aa0a446364169fba9251e31da41e2f618a09e3cceae2fccd617508e372f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 81ccc3f56d6603d0-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 2a14607c-c5bd-4549-ad79-48b9091733a6 Show response
c.lytics.io/api/personalize/454e770b85fe774de7e6d1e3b80fef4a/user/_uid/ 378 B
600 B 260ms
258ms Script
application/json 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/454e770b85fe774de7e6d1e3b80fef4a/user/_uid/2a14607c-c5bd-4549-ad79-48b9091733a6?segments=true&mergestate=true&state=%7B%22_uid%22%3A%222a14607c-c5bd-4549-ad79-48b9091733a6%22%2C%22utm_campaign%22%3A%22Tempur-Pedic-Dedicated_SMS_10262023%22%2C%22utm_medium%22%3A%22email%22%2C%22utm_source%22%3A%22dedicated%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A2%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22www.savings.com%2Fcoupons%2Ftempurpedic.com%3Fclickid%3D175440365-1698428858730-70377702988990849%26utm_campaign%3DTempur-Pedic-Dedicated_SMS_10262023%26p1%3DTempur-Pedic-Dedicated_SMS_10262023%26p2%3DTempur-Pedic%26utm_medium%3Demail%26utm_source%3Ddedicated%23d-9226564%22%2C%22_ga%22%3A%22GA1.2.975462380.1698428859%22%2C%22_v%22%3A%223.0.35%22%7D&ts=1698428859741&callback=u_746094100897246600

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/454e770b85fe774de7e6d1e3b80fef4a/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5153f6d80259afb0e82b849184dfb59deafbea90a6909deb916407e2dc05a523

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSfTY7mRgTXT3fmV9EglBNsk%2FT%2BB85r3VaehMXMRCVdOxljHD8oKaj1TnWU8f2mS%2FHksQHrZziZG%2Fr93Jpm1GpYMR0QNiwn6K3wT0pcOIJwlXyxXEBJZyT8R2rtMA6gQB88ZKfBbIGDH"}],"group":"cf-nel","max_age":604800}
cf-ray: 81ccc3f57c276955-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *

GET
H2 200 454e770b85fe774de7e6d1e3b80fef4a
c.lytics.io/c/ 35 B
314 B 171ms
170ms Image
image/gif 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/454e770b85fe774de7e6d1e3b80fef4a?_e=pv&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&utm_medium=email&utm_source=dedicated&_sesstart=1&_tz=2&_ul=en-US&_sz=1600x1200&_ts=1698428859550&_nmob=t&_device=desktop&url=www.savings.com%2Fcoupons%2Ftempurpedic.com%3Fclickid%3D175440365-1698428858730-70377702988990849%26utm_campaign%3DTempur-Pedic-Dedicated_SMS_10262023%26p1%3DTempur-Pedic-Dedicated_SMS_10262023%26p2%3DTempur-Pedic%26utm_medium%3Demail%26utm_source%3Ddedicated%23d-9226564&_ga=GA1.2.975462380.1698428859&_v=3.0.35&_uid=2a14607c-c5bd-4549-ad79-48b9091733a6&_getid=t

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHXqsqvcAT8CnLz%2FcozXWbyZUANginN4W6KkAKsjgTtjjOeclVvhTgHXltiaskDLeXdutqiF9LEOycjwlq0XhzZhzgsB0KE3yIxEOkdd%2FekRDBCbuDvoICN3Nq%2FvpHFJJmZOQb70igyw"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 81ccc3f57c2a6955-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 454e770b85fe774de7e6d1e3b80fef4a
c.lytics.io/c/ 35 B
403 B 167ms
166ms Image
image/gif 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/454e770b85fe774de7e6d1e3b80fef4a?_e=pv&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&utm_medium=email&utm_source=dedicated&_sesstart=1&_tz=2&_ul=en-US&_sz=1600x1200&_ts=1698428859650&_nmob=t&_device=desktop&url=www.savings.com%2Fcoupons%2Ftempurpedic.com%3Fclickid%3D175440365-1698428858730-70377702988990849%26utm_campaign%3DTempur-Pedic-Dedicated_SMS_10262023%26p1%3DTempur-Pedic-Dedicated_SMS_10262023%26p2%3DTempur-Pedic%26utm_medium%3Demail%26utm_source%3Ddedicated%23d-9226564&_ga=GA1.2.975462380.1698428859&_v=3.0.35&_uid=2a14607c-c5bd-4549-ad79-48b9091733a6&_getid=t

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:39 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IG758SjyGM3v5deYt9NbbHjFvxNPKCI2aK7Z2BlVeeM5E9vdP0Nxtgt4H575Xx4E5IBTLiaduS9R8fKbjGYi2%2FlPCFCiuLjZv3%2FSvficu40kK5ZNUXjE9Y51OuEy7dZg44lvtWH28nOD"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 81ccc3f57c2b6955-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 123ms
40ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=830316797830859&ev=PageView&dl=https%3A%2F%2Fwww.savings.com%2Fcoupons%2Ftempurpedic.com%3Fclickid%3D175440365-1698428858730-70377702988990849%26utm_campaign%3DTempur-Pedic-Dedicated_SMS_10262023%26p1%3DTempur-Pedic-Dedicated_SMS_10262023%26p2%3DTempur-Pedic%26utm_medium%3Demail%26utm_source%3Ddedicated%23d-9226564&rl=&if=false&ts=1698428859786&sw=1600&sh=1200&v=2.9.136&r=stable&ec=0&o=4126&fbp=fb.1.1698428859785.692892768&ler=empty&it=1698428859580&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 27 Oct 2023 17:47:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H2 200 v1
zekelofnbk.execute-api.us-west-2.amazonaws.com/ 0
0 687ms
222ms Preflight
application/json 52.36.168.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zekelofnbk.execute-api.us-west-2.amazonaws.com/v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.36.168.171 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-168-171.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-api-key
Access-Control-Request-Method: POST
Origin: https://www.savings.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Fri, 27 Oct 2023 17:47:40 GMT
x-amz-apigw-id: NeOlgHJbPHcEPHQ=
x-amzn-requestid: 1545c9c6-51a5-4766-9527-3ca923d24cfd

GET
H2 200 deal-detail.chunk.min.css
node2.sdccdn.com/dist/sdc2/ 2 KB
785 B 66ms
65ms Stylesheet
text/css 23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://node2.sdccdn.com/dist/sdc2/deal-detail.chunk.min.css?v=170c786d6981c1894174
Requested by: Host: node2.sdccdn.com
URL: https://node2.sdccdn.com/dist/sdc2/merchant.bundle.min.js?v=8aef5ae8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-230-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 48d272d6da4beab70a46a8d0bf34d279bb0cb561a4e07c87f52b03e9b59bc21e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:40 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 22:00:18 GMT
server
etag: "GXXkyrmvtJx-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=5887259
content-length: 607
expires: Wed, 03 Jan 2024 21:08:39 GMT

GET
H2 200 deal-detail.chunk.min.js Show response
node2.sdccdn.com/dist/sdc2/ 22 KB
8 KB 411ms
411ms Script
application/x-javascript 23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://node2.sdccdn.com/dist/sdc2/deal-detail.chunk.min.js?v=170c786d6981c1894174
Requested by: Host: node2.sdccdn.com
URL: https://node2.sdccdn.com/dist/sdc2/merchant.bundle.min.js?v=8aef5ae8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-230-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e71d5336142a64b264a204e2715dc34c5e5e2219dc7931c1e0fddef31b9c6229

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:40 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 21:00:16 GMT
server
etag: "Hi6rggqUsA4-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7775962
content-length: 7624
expires: Thu, 25 Jan 2024 17:47:02 GMT

POST
H2 200 v1 Show response
zekelofnbk.execute-api.us-west-2.amazonaws.com/ 184 B
388 B 244ms
243ms XHR
application/json 52.36.168.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zekelofnbk.execute-api.us-west-2.amazonaws.com/v1
Requested by: Host: d2xu3jvg5io30s.cloudfront.net
URL: https://d2xu3jvg5io30s.cloudfront.net/v1/js/cfLytics.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.36.168.171 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-168-171.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a83611140e17f4aca722596d310c613dd83e4636f85e1d1269d88f55447b2ff7

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.savings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
x-api-key: GZFBNV0dYxRqctrtwVaV59nEq5ZBQkq5RH2fAb64
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 27 Oct 2023 17:47:40 GMT
x-amzn-trace-id: Root=1-653bf7bc-4106bf6333bdefa015c9305c
x-amzn-requestid: 5ce42a41-5c9d-4941-a283-a9c9cf2b9d36
content-length: 184
x-amz-apigw-id: NeOljH39vHcEjyg=
content-type: application/json

POST
H2 200 v1 Show response
zekelofnbk.execute-api.us-west-2.amazonaws.com/ 184 B
386 B 248ms
248ms XHR
application/json 52.36.168.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zekelofnbk.execute-api.us-west-2.amazonaws.com/v1
Requested by: Host: d2xu3jvg5io30s.cloudfront.net
URL: https://d2xu3jvg5io30s.cloudfront.net/v1/js/cfLytics.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.36.168.171 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-168-171.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: aec03ea4df2b2876adf0087d5485bd6cb6154943659ff68320c574012ef2d1f0

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.savings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
x-api-key: GZFBNV0dYxRqctrtwVaV59nEq5ZBQkq5RH2fAb64
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 27 Oct 2023 17:47:40 GMT
x-amzn-trace-id: Root=1-653bf7bc-05a17612619761300027a241
x-amzn-requestid: c2f10164-a159-41e7-91cb-8e58e996eace
content-length: 184
x-amz-apigw-id: NeOljG6cPHcEoOw=
content-type: application/json

OPTIONS
H2 200 v1
zekelofnbk.execute-api.us-west-2.amazonaws.com/ 0
0 672ms
223ms Preflight
application/json 52.36.168.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zekelofnbk.execute-api.us-west-2.amazonaws.com/v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.36.168.171 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-168-171.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-api-key
Access-Control-Request-Method: POST
Origin: https://www.savings.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Fri, 27 Oct 2023 17:47:40 GMT
x-amz-apigw-id: NeOlgGwnPHcEBYw=
x-amzn-requestid: 4b2d66e9-e519-4f97-9831-ade252628807

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 45ms
39ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=830316797830859&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.savings.com%2Fcoupons%2Ftempurpedic.com%3Fclickid%3D175440365-1698428858730-70377702988990849%26utm_campaign%3DTempur-Pedic-Dedicated_SMS_10262023%26p1%3DTempur-Pedic-Dedicated_SMS_10262023%26p2%3DTempur-Pedic%26utm_medium%3Demail%26utm_source%3Ddedicated%23d-9226564&rl=&if=false&ts=1698428860036&cd[external_id]=2a14607c-c5bd-4549-ad79-48b9091733a6&sw=1600&sh=1200&v=2.9.136&r=stable&ec=1&o=4126&fbp=fb.1.1698428859785.692892768&ler=empty&it=1698428859580&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 27 Oct 2023 17:47:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 44ms
40ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=830316797830859&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.savings.com%2Fcoupons%2Ftempurpedic.com%3Fclickid%3D175440365-1698428858730-70377702988990849%26utm_campaign%3DTempur-Pedic-Dedicated_SMS_10262023%26p1%3DTempur-Pedic-Dedicated_SMS_10262023%26p2%3DTempur-Pedic%26utm_medium%3Demail%26utm_source%3Ddedicated%23d-9226564&rl=&if=false&ts=1698428860037&cd[all]=true&cd[smt_new]=true&cd[default_anon_seg]=true&cd[web_domains_visited_all_60_days]=true&cd[has_visited_web_last_active_past_30_days]=true&sw=1600&sh=1200&v=2.9.136&r=stable&ec=2&o=4126&fbp=fb.1.1698428859785.692892768&ler=empty&it=1698428859580&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 27 Oct 2023 17:47:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
39ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1263329484&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.savings.com%2Fcoupons%2Ftempurpedic.com%3Fclickid%3D175440365-1698428858730-70377702988990849%26utm_campaign%3DTempur-Pedic-Dedicated_SMS_10262023%26p1%3DTempur-Pedic-Dedicated_SMS_10262023%26p2%3DTempur-Pedic%26utm_medium%3Demail%26utm_source%3Ddedicated&ul=en-us&de=UTF-8&dt=40%25%20Off%20Tempur-Pedic%20Coupons%2C%20Promo%20Codes%20%26%20Deals%20-%20October%202023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=lytics&ea=lytics_google_integration&_u=aDDAAEABAAAAACAAI~&jid=&gjid=&cid=975462380.1698428859&uid=2a14607c-c5bd-4549-ad79-48b9091733a6&tid=UA-99557-2&_gid=848644991.1698428860&gtm=45He3ap0n81WMF4HVRv77610273&gcd=11l1l1l1l1&z=1486773404

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Oct 2023 03:54:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49984
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4955731.png
node2.sdccdn.com/images/savings/logo/ 2 KB
2 KB 59ms
57ms Image
image/png 23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://node2.sdccdn.com/images/savings/logo/4955731.png?width=120&height=120
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-230-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4a1c9fcd6a1fa1162320f76f8b6a5136e6dc50365dea4aa86dbae86c997989bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:40 GMT
last-modified: Sun, 17 Jan 2021 03:54:23 GMT
server
etag: "AAAAXcOesWY"
content-type: image/png
cache-control: public, max-age=7501421
content-length: 1744
expires: Mon, 22 Jan 2024 13:31:21 GMT

GET
H2 200 4958916.jpeg
node2.sdccdn.com/images/savings/logo/ 4 KB
4 KB 59ms
57ms Image
image/jpeg 23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://node2.sdccdn.com/images/savings/logo/4958916.jpeg?width=100&height=100
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-230-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3f82f86e13d01b3f7cd022233b0d2446e74ca0aefae74ab8c061995f7247235e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:40 GMT
last-modified: Tue, 02 Feb 2021 20:19:58 GMT
server
etag: "AAAAXdkZtmw"
content-type: image/jpeg
cache-control: public, max-age=5918709
content-length: 4112
expires: Thu, 04 Jan 2024 05:52:49 GMT

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2023-10-27-14-45-58/locales/ 500 B
960 B 50ms
49ms XHR
application/json 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-10-27-14-45-58/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-10-27-14-45-58/widget_app_base_1698417958350.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 27 Oct 2023 17:47:40 GMT
via: 1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 10566
x-amz-cf-pop: FRA60-P3
age: 25
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1698418294
x-77-nzt: AsO1qhE3Nzf/RikAANRmOJw3Nzf/XAAAAA
x-accel-expires: @1724338202
x-77-age: 10658
x-cache-lb: HIT
last-modified: Fri, 27 Oct 2023 14:48:08 GMT
server: CDN77-Turbo
etag: W/"6c501e56c0883817da65e6df9f4417ee"
x-77-nzt-ray: 4c156224aeb20bdabcf73b653205f218
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/json
x-amz-cf-id: Bklh99sss1qBAJOI2bsIwQ7Pd7Jn-yMk_WhhzYFxJ6grJ1b08d3VKQ==

GET
H2 200 dealDetail.ajax Show response
www.savings.com/ 2 KB
1 KB 165ms
165ms XHR
text/html 23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.savings.com/dealDetail.ajax?id=9226564&merchantId=296501
Requested by: Host: node2.sdccdn.com
URL: https://node2.sdccdn.com/dist/sdc2/shared.bundle.min.js?v=5ef234fd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-230-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4c1514113ba5e9630c5aea98aa1c05b35cbc7150402a1f91b928c8d8e29e31e3

Request headers

Accept: */*
Referer: https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-language: en-US
date: Fri, 27 Oct 2023 17:47:40 GMT
content-encoding: gzip
server
content-length: 954
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 102 KB
22 KB 53ms
53ms Script
text/javascript 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/454e770b85fe774de7e6d1e3b80fef4a/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef880693571db60a665cceffeea7d30335d5727dda98f8a9c1429352fdff8be1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:40 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 17:46:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 55
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zd4%2BC86L%2BdzNmWzDIyln7A9WOIoOqBagSYULqFhwywefscbXZrbzkIC47F83tgKSjWvPM1kt24Ajl5bhNyiCDTQ5%2BLdO%2Fn2X%2FfHTxp9yUDwLYW219pusf4yJckgS3R5DMoSwz%2F0dz8Qz"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 81ccc3fa4a506955-FRA

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
4 KB 51ms
51ms Stylesheet
text/css 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:40 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 16:26:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4845
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcOzlYcOBYevsOS4XvHe9TS8ae7vFCT5qxylJPv6gOYRrqeXgNjeC1P96fR1gu7luBYG%2BR23nYC7kRb07wbynzyoXtEuew2FahC6qpe%2FbTGD%2FDJekzBeWVvFuv2jNn4Y%2B%2Fk5GeIQatQY"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 81ccc3faaac96955-FRA

GET
H2 200 config.js Show response
c.lytics.io/api/program/campaign/config/454e770b85fe774de7e6d1e3b80fef4a/ 327 B
630 B 50ms
50ms Script
application/javascript 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/program/campaign/config/454e770b85fe774de7e6d1e3b80fef4a/config.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/454e770b85fe774de7e6d1e3b80fef4a/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

101358addf7c25ac871790d4a4fccc8665ddb56073d73247c0a5d12215e830c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:40 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 17:04:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2589
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Knit6mCFpA2OrVD73ANqs7tbHu9JTRHW7e8dil1FhjDYo137RaTSqKrExmiiA5DSYIwEJq9WGo92xha%2B31bE2Z2aC2muDSvZFXvNYTJmlbMg4dYpy29uly5B7zBhGtiX9NR41un4Nk5v"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
content-encoding: br
cache-control: max-age=7200
cf-ray: 81ccc3fabad66955-FRA

GET
H2 200 5127524.svg
node2.sdccdn.com/images/savings/logo/ 4 KB
2 KB 49ms
49ms Image
image/svg+xml 23.55.230.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://node2.sdccdn.com/images/savings/logo/5127524.svg?width=120&height=1
Requested by: Host: node2.sdccdn.com
URL: https://node2.sdccdn.com/dist/sdc2/shared.bundle.min.js?v=5ef234fd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.230.175 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-230-175.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c86301ad008c5dcdd87fb16282eb38b42ec2ffd700f0af21d74ec70715d8a4eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:47:40 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2023 21:16:30 GMT
server
etag: "AAAAYcA4Xuw-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=6538967
content-length: 1871
expires: Thu, 11 Jan 2024 10:10:27 GMT

GET
H2 200 remediation-tool-free.js Show response
cdn.userway.org/remediation/free/ 24 KB
10 KB 45ms
45ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/free/remediation-tool-free.js?ts=1698417958350
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-10-27-14-45-58/widget_app_base_1698417958350.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 21899b7e56ddedfb9912a82c4c90777c26b0d317c376906c83ed4587b79a75b7

Request headers

Referer: https://www.savings.com/
Origin: https://www.savings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 27 Oct 2023 17:47:40 GMT
via: 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 10566
x-amz-cf-pop: FRA60-P3
age: 3
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1698418294
x-77-nzt: AsO1qhE3Nzf/RikAANRmOAk3Nzf/dwAAAA
x-accel-expires: @1724338175
x-77-age: 10685
x-cache-lb: HIT
last-modified: Fri, 27 Oct 2023 14:48:13 GMT
server: CDN77-Turbo
etag: W/"c1e623cfd72c97e87b52746265700b42"
x-77-nzt-ray: 4c156224aeb20bdabcf73b65605d3236
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: dvvGhBpgRivjQ6vQ37YGpuOqVvOiVm58OTcF9zlZnyk0R8z7feuLCA==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 931 B
1 KB 39ms
39ms Image
image/svg+xml 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 27 Oct 2023 17:47:40 GMT
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 11609876
x-amz-cf-pop: DUS51-P1
age: 429
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1686818984
x-77-nzt: AcO1qhE3Nzf/FCexAA
x-accel-expires: @1712738984
x-77-age: 11609876
x-cache-lb: HIT
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-nzt-ray: 4c15622428a293d6bcf73b6557705c37
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: HlEGbiuH_gjCFcAGevlGHDgcrEIP6DdjdyVOZOOBsczjT9qP0nwO2g==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 40ms
40ms Image
image/svg+xml 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.savings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 27 Oct 2023 17:47:40 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 11609876
x-amz-cf-pop: DUS51-P1
age: 429
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1686818984
x-77-nzt: AcO1qhE3Nzf/FCexAA
x-accel-expires: @1712738984
x-77-age: 11609876
x-cache-lb: HIT
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: 4c15622428a293d6bcf73b6561b16337
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: 3-d562hUF3b2u9thgqBziH84kLN8KO4gp6LhwwhHdJm4BZH507z6Nw==

OPTIONS
H2 200 alts.json
cdn.userway.org/api/img-dscr/v2/AaEvLYxBlM/2928732/RCbKZgsmHRxvRny0/ 0
0 198ms
198ms Preflight 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/api/img-dscr/v2/AaEvLYxBlM/2928732/RCbKZgsmHRxvRny0/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fnode2.sdccdn.com%2Fimages%2Fsavings%2F1x1.gif%22%2C%22alt%22%3A%22Savoo%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fnode2.sdccdn.com%2Fimages%2Fsavings%2Flogo%2F4955731.png%22%2C%22alt%22%3A%22Verizon%20FiOS%20Promotion%20Codes%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fnode2.sdccdn.com%2Fimages%2Fsavings%2Flogo%2F4958916.jpeg%22%2C%22alt%22%3A%22Jacqueline%20Quach%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fnode2.sdccdn.com%2Fimages%2Fsavings%2Flogo%2F5127524.svg%22%2C%22alt%22%3A%22Tempur-Pedic%20Promo%20Codes%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fnode2.sdccdn.com%2Fimages%2Ftheme%2Fsdc2%2Flogos%2Fsavings.svg%22%2C%22alt%22%3A%22Savings.com%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fnode2.sdccdn.com%2Fimg%2Fbcrf-logo-rectangle.png%22%2C%22alt%22%3A%22NBCF%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fnode2.sdccdn.com%2Fimg%2Fcharity-savings-cares-bg-tag.png%22%2C%22alt%22%3A%22Savings%20charity%20tag%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fnode2.sdccdn.com%2Fimg%2Fcharity-savings-cares-logo.svg%22%2C%22alt%22%3A%22Savings%20Cares%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22FREE_QUOTA_TIER%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.savings.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
date: Fri, 27 Oct 2023 17:47:41 GMT
server: CDN77-Turbo
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-77-cache: MISS
x-77-nzt: AsO1qhE3NzcA1GY4CTc3NwA
x-77-nzt-ray: 4c156224aeb20bdabdf73b65635de41b
x-77-pop: frankfurtDE
x-amz-cf-id: ujY08wZMY-PHdaoTDGALgOzStsIhm-nW5tc-CQ1m0_PmFD9O19uQRw==
x-amz-cf-pop: FRA60-P3
x-service-version: img-dscr-srv-f045ad32

GET
H2 200 alts.json Show response
cdn.userway.org/api/img-dscr/v2/AaEvLYxBlM/2928732/RCbKZgsmHRxvRny0/ 1 KB
950 B 197ms
197ms Fetch
application/json 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/api/img-dscr/v2/AaEvLYxBlM/2928732/RCbKZgsmHRxvRny0/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fnode2.sdccdn.com%2Fimages%2Fsavings%2F1x1.gif%22%2C%22alt%22%3A%22Savoo%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fnode2.sdccdn.com%2Fimages%2Fsavings%2Flogo%2F4955731.png%22%2C%22alt%22%3A%22Verizon%20FiOS%20Promotion%20Codes%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fnode2.sdccdn.com%2Fimages%2Fsavings%2Flogo%2F4958916.jpeg%22%2C%22alt%22%3A%22Jacqueline%20Quach%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fnode2.sdccdn.com%2Fimages%2Fsavings%2Flogo%2F5127524.svg%22%2C%22alt%22%3A%22Tempur-Pedic%20Promo%20Codes%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fnode2.sdccdn.com%2Fimages%2Ftheme%2Fsdc2%2Flogos%2Fsavings.svg%22%2C%22alt%22%3A%22Savings.com%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fnode2.sdccdn.com%2Fimg%2Fbcrf-logo-rectangle.png%22%2C%22alt%22%3A%22NBCF%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fnode2.sdccdn.com%2Fimg%2Fcharity-savings-cares-bg-tag.png%22%2C%22alt%22%3A%22Savings%20charity%20tag%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fnode2.sdccdn.com%2Fimg%2Fcharity-savings-cares-logo.svg%22%2C%22alt%22%3A%22Savings%20Cares%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22FREE_QUOTA_TIER%22%7D
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/free/remediation-tool-free.js?ts=1698417958350
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6ab741e4e8d13db1d5023e0be926b65da8f97ba825337ebcbe9356675a0526f4

Request headers

Referer: https://www.savings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

x-77-pop: frankfurtDE
date: Fri, 27 Oct 2023 17:47:41 GMT
via: 1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA60-P3
x-77-cache: MISS
x-service-version: img-dscr-srv-f045ad32
x-77-nzt: AsO1qhE3Nzeh1GY4CTc3N6E
x-cache-lb: MISS
server: CDN77-Turbo
etag: W/"5dc-v5Vo6SMw4uNSpiuOzzQbmQJUyFk"
x-77-nzt-ray: 4c156224aeb20bdabdf73b65146cb927
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
access-control-allow-headers: *
x-amz-cf-id: Wy4lfLEcXgPwzHovUB1B3R_FxK1THQHOnzStp6ZfEQztuip0BKyR2g==

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.savings.com/	1970-01-20 15:48:35	Name: iterableEmailCampaignId Value: 8118655
.savings.com/	1970-01-20 15:48:35	Name: iterableTemplateId Value: 10789615
.savings.com/	1970-01-20 15:48:35	Name: iterableMessageId Value: c01e986779ca4ed4841b59eb722cc5c7
.savings.com/	1970-01-21 00:32:44	Name: iterableEndUserId Value: yix4058%40utulsa.edu
links.savings.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 275e6dc7f762caa26a08c17a584be5c3b2791048-1698428858397-20040dddd3ffa070577130ad
.savings.com/	1970-01-20 16:51:56	Name: ESTN Value: 1
.savings.com/	1970-01-21 00:32:44	Name: CCS Value: 31
.savings.com/	1970-01-21 00:32:44	Name: EPRAT Value: 993124783-1698428858723
.savings.com/	1969-12-31 23:59:59	Name: MPUSC Value: 993124783-1698428858723-CH
.savings.com/	1970-01-20 16:51:56	Name: MPEVTC Value: 1698428858723
.savings.com/	1970-01-20 16:51:56	Name: MPREFSRC Value: mppid%3D13005710%2Cmpsid%3Dna%2Cmptid%3Dna%2Cmpclickid%3D175440365-1698428858730-70377702988990849%2Cutm_campaign%3DTempur-Pedic-Dedicated_SMS_10262023%2Cp1%3DTempur-Pedic-Dedicated_SMS_10262023%2Cp2%3DTempur-Pedic%2Cutm_medium%3Demail%2Cpid%3D13005710%2Cutm_source%3Ddedicated%2Cx%3DnnY82m7mLbzMbib7lJGrvcHASpZGpMiv66m0TDmqRwlGVoa8%252FiPbEQ%253D%253D%2Cdid%3D9226564
.savings.com/	1970-01-20 16:51:56	Name: MPPLACEMENTCK Value: bXBjPTE3NTQ0MDM2NS0xNjk4NDI4ODU4NzMwLTcwMzc3NzAyOTg4OTkwODQ5LHAxPVRlbXB1ci1QZWRpYy1EZWRpY2F0ZWRfU01TXzEwMjYyMDIzLHAyPVRlbXB1ci1QZWRpYyx1dG1fY2FtcGFpZ249VGVtcHVyLVBlZGljLURlZGljYXRlZF9TTVNfMTAyNjIwMjMsdXRtX21lZGl1bT1lbWFpbCxwaWQ9MTMwMDU3MTAsbXBwPTEzMDA1NzEwLG1wcHViPTI0MjE0OCx4PW5uWTgybTdtTGJ6TWJpYjdsSkdydmNIQVNwWkdwTWl2NjZtMFREbXFSd2xHVm9hOCUyRmlQYkVRJTNEJTNELGZwZz1mYWxzZSxkaWQ9OTIyNjU2NCx1dG1fc291cmNlPWRlZGljYXRlZCw%3D
.savings.com/	1970-01-20 16:51:56	Name: MPIBRCC Value: 175440365-1698428858730-70377702988990849
www.savings.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: abcR_K4frLaUfhA-6pYTy
.savings.com/	1969-12-31 23:59:59	Name: MPPAGEEVENTCK Value: 175440365-1698428858877-5204440665847326590
.savings.com/	1970-01-21 01:23:08	Name: _ga_CS0K8ZDTEZ Value: GS1.1.1698428859.1.0.1698428859.60.0.0
.savings.com/	1970-01-21 01:23:08	Name: _ga Value: GA1.2.975462380.1698428859
.savings.com/	1970-01-20 15:48:35	Name: _gid Value: GA1.2.848644991.1698428860
.savings.com/	1970-01-20 15:47:08	Name: _gat_UA-99557-2 Value: 1
.www.savings.com/	1970-01-20 15:47:10	Name: seerses Value: e
.www.savings.com/	1970-01-21 01:23:08	Name: seerid Value: 2a14607c-c5bd-4549-ad79-48b9091733a6
.savings.com/	1970-01-20 17:56:44	Name: _fbp Value: fb.1.1698428859785.692892768
.savings.com/	1970-01-21 00:32:44	Name: _hjSessionUser_2518157 Value: eyJpZCI6IjE5YWZhN2NlLTBiNTktNTI2MS1hZDlkLTRiOWE4NDU5N2ZkYyIsImNyZWF0ZWQiOjE2OTg0Mjg4NTk4MzEsImV4aXN0aW5nIjpmYWxzZX0=
.savings.com/	1970-01-20 15:47:10	Name: _hjFirstSeen Value: 1
.savings.com/	1970-01-20 15:47:08	Name: _hjIncludedInSessionSample_2518157 Value: 0
.savings.com/	1970-01-20 15:47:10	Name: _hjSession_2518157 Value: eyJpZCI6IjBmYTcwZGFjLWI5ODEtNDIxYy04OWIxLTA4N2M0ZmFhYzNlMCIsImNyZWF0ZWQiOjE2OTg0Mjg4NTk4MzIsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6dHJ1ZX0=
.savings.com/	1970-01-20 15:47:10	Name: _hjAbsoluteSessionInProgress Value: 0
.lytics.io/	1970-01-21 01:23:08	Name: seerid Value: 2a14607c-c5bd-4549-ad79-48b9091733a6
node2.sdccdn.com/	1970-01-20 15:57:13	Name: AWSALBCORS Value: 7DaCOQ6i4d4iuzOcxvZMFKPWq5bk50L8ctqd2tqZcSwAGrw7TMtpwREMpgMTphWJFCMrJAIwo64nqVuLbX0XClyNQOVOsN7rpGB2qKsQbskMl5SPKN0ldsf/hTKM
www.savings.com/	1970-01-20 15:57:13	Name: AWSALB Value: NympHCScd8cN5EGpgxVHmj5UYPZpSWRdfgf6TE+W+PWCNJyH98InMy9nU7aw7dvhTAksvxic63+Nn4dohKDQnMge92KQYpvdv1OU0wcfWroJLQqkfb7Gc66/9m4y
www.savings.com/	1970-01-20 15:57:13	Name: AWSALBCORS Value: NympHCScd8cN5EGpgxVHmj5UYPZpSWRdfgf6TE+W+PWCNJyH98InMy9nU7aw7dvhTAksvxic63+Nn4dohKDQnMge92KQYpvdv1OU0wcfWroJLQqkfb7Gc66/9m4y

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userway.org
c.lytics.io
cdn.userway.org
connect.facebook.net
d2xu3jvg5io30s.cloudfront.net
in.getclicky.com
links.savings.com
node2.sdccdn.com
region1.analytics.google.com
script.hotjar.com
static.getclicky.com
static.hotjar.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.savings.com
zekelofnbk.execute-api.us-west-2.amazonaws.com
18.164.52.121
2001:4860:4802:34::36
23.55.230.175
2600:1f14:5db:eb11:9a56:ad25:21d5:260a
2600:9000:2251:d800:15:875a:d300:21
2606:4700:20::ac43:49ec
2606:4700::6811:616c
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2004
2a00:1450:4001:81c::200e
2a00:1450:400c:c0b::9a
2a02:6ea0:c700::19
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.162.38.31
44.207.65.31
52.36.168.171
0d6c2aa0a446364169fba9251e31da41e2f618a09e3cceae2fccd617508e372f
0f658009e628815b34872408bba0aab03d0286073eca736959bfa13876195ebe
101358addf7c25ac871790d4a4fccc8665ddb56073d73247c0a5d12215e830c9
111b4158cc571c52b653321759758e7c540a6fa6b8ebd94142a3399c236d9865
11fcbd228e7d2b1ba69bf1863b629404fc8fc3ca082e24ac9995b7ba5c7bf1cd
1be555ca5e351453170a3cfcf81bf803e93d16995bdf968fa527000f3d093850
1df2482ae8524ca1a77275b4019e1a17c556f6ddbf71452200fef1d0c53c3491
1e2e5c32b1e1de0fb17834f86fb384a14e2dd0d4acd1a70221c1d27dbe0020ab
21899b7e56ddedfb9912a82c4c90777c26b0d317c376906c83ed4587b79a75b7
22b0a66bd9f327e03c3631ac8b4b3dc45177877db9689748d5b2f44c614d623a
33156f803b055bd4f3ba5ae87db987e2e3afe2d9e7b3bdec54e22cb939ed8f4c
3f82f86e13d01b3f7cd022233b0d2446e74ca0aefae74ab8c061995f7247235e
47ebcacff50af45640662ddbe1efd7164c11278a815d04cf98a7132705cd4352
48d272d6da4beab70a46a8d0bf34d279bb0cb561a4e07c87f52b03e9b59bc21e
4a1c9fcd6a1fa1162320f76f8b6a5136e6dc50365dea4aa86dbae86c997989bb
4bde35d3d07e7253e0b26e38ef56d755c8e0de7fa4db34cf64b07bfacf81b30d
4c1514113ba5e9630c5aea98aa1c05b35cbc7150402a1f91b928c8d8e29e31e3
4db45b4517a739f9cecf24a598c175fb3399c9d594f88229bb4bc3cdf410da81
5153f6d80259afb0e82b849184dfb59deafbea90a6909deb916407e2dc05a523
588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56
60069686a475f49fb896a179b9c08da46081803b26ed3676bf0b9e5daf80a3c9
632ac2f1d7a3ffbfcfd297f17c8dfc6b0032ca8b1c13bc3c96fb05e0b39d7ac7
65475ce49a4da735ed9defc8b1faae5290810dc23aa08c7438427d435c027dc5
6ab741e4e8d13db1d5023e0be926b65da8f97ba825337ebcbe9356675a0526f4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bc4c78e362027a1ded1abeece765c14f45f7e9dd7d9f2fb59a27eac6722a4f9
7a6758e4e57c42cf78ef07d924105cb89a426c28e2ad9a9df7d8fe5fb8b1b795
7eaa03779e9d21f8c82f72e28638a6536f304ac30f30bd6124667a10ee87baa5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
873afacc8dc267f9eb22eb95d50e61d041d9cc376e2a7395528e65a6894511a8
8a9218fdba4cb01d5e566e7a6e206606defa76589ec767006769736300095f6b
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a169815b3efeb3bfa8023b85db98db5e3454ea927d802f6aece1b07f64b63467
a83611140e17f4aca722596d310c613dd83e4636f85e1d1269d88f55447b2ff7
a99fc0221466f5998174aa35f3dcf93ed288b94aa7b526cc0e1af975b4b9df02
aec03ea4df2b2876adf0087d5485bd6cb6154943659ff68320c574012ef2d1f0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b452b6054c204404bb37c1eefeadca3491747bb8691e7aff05683ce5bdffaa5e
b6f5d61563c157daf91c76c9909e5d6410928fa9583ce04f362c3359a222af22
bae9e23f7715c2ea1bf8bd215a58dd1253a6e1084aaacb97aded436a23c4097f
bbeb842bd87163ca006c8603eac9bb9458ea3f05238c9fac398ae75b8c96eea3
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c86301ad008c5dcdd87fb16282eb38b42ec2ffd700f0af21d74ec70715d8a4eb
ce666b62ff89a7f4fbcd83e0b281b8faf1d856aaf21cdcf918496ef6bdd6675e
d2c65c5b897214b400c5b210cc21ef8551a3903175353a4380cc6951aa6fc597
d9da2269738f8fca8a4526e5cec6f4e1cb57c26d62cc6639de1d0656608065e9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0968362c3ffbcdc5fc42bb982e6fd4912aff500d6892e1c2aca3f81f749a645
e18fd8fb48e405a105f33fd6030a25475f4c0296cc5bea790e01b3116d18cc1a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71d5336142a64b264a204e2715dc34c5e5e2219dc7931c1e0fddef31b9c6229
ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4
ee892f4438a985948e729d440931f0437736840888a636bdfd054244886823a9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef880693571db60a665cceffeea7d30335d5727dda98f8a9c1429352fdff8be1
fe75a06eb176f5530fefb741c0b292a722b63cb6ef8d68e8c7991c29dbcf151a

www.savings.com Open in urlscan Pro 23.55.230.175 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

100 %HTTPS

72 %IPv6

15 Domains

20 Subdomains

18 IPs

3 Countries

715 kBTransfer

2189 kBSize

31 Cookies

13 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.savings.com Open in urlscan Pro
23.55.230.175 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

100 %
HTTPS

72 %
IPv6

15
Domains

20
Subdomains

18
IPs

3
Countries

715 kB
Transfer

2189 kB
Size

31
Cookies

67 HTTP transactions
2 data transactions