urlscan.io logo urlscan.io
SecurityTrails logo

hip2save.com Open in urlscan Pro
192.0.66.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hip2save.com/
Effective URL: https://hip2save.com/
Submission: On June 15 via manual from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 68 IPs in 9 countries across 64 domains to perform 357 HTTP transactions. The main IP is 192.0.66.2, located in United States and belongs to AUTOMATTIC, US. The main domain is hip2save.com.
TLS certificate: Issued by R3 on May 11th 2021. Valid for: 3 months.
This is the only time hip2save.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 44 192.0.66.2 2635 (AUTOMATTIC)
1 2600:9000:21f... 16509 (AMAZON-02)
1 13.225.74.3 16509 (AMAZON-02)
2 34.95.69.49 15169 (GOOGLE)
10 13.224.192.34 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.79.134.84 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 192.0.76.3 2635 (AUTOMATTIC)
3 6 216.52.2.19 30282 (AS-INAPCD...)
10 99.86.4.117 16509 (AMAZON-02)
1 99.86.241.96 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a03:2880:f01... 32934 (FACEBOOK)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
8 142.250.185.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 17 185.33.220.240 29990 (ASN-APPNEX)
6 52.57.150.159 16509 (AMAZON-02)
7 23.37.38.181 16625 (AKAMAI-AS)
7 18.156.195.47 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 99.86.241.42 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.0.77.48 2635 (AUTOMATTIC)
14 52.15.129.153 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 199.232.80.84 54113 (FASTLY)
16 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
39 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
14 142.250.186.66 15169 (GOOGLE)
25 2a00:1450:400... 15169 (GOOGLE)
1 2 169.50.137.190 36351 (SOFTLAYER)
2 2 2620:116:800d... 16509 (AMAZON-02)
1 14 72.251.249.14 29791 (VOXEL-DOT...)
2 2 3.121.49.210 16509 (AMAZON-02)
2 3.124.165.65 16509 (AMAZON-02)
3 3 185.29.135.190 30419 (MEDIAMATH...)
3 3 185.184.8.65 204995 (RTB-HOUSE...)
1 69.173.151.90 26667 (RUBICONPR...)
2 2 198.148.27.140 19189 (PULSEPOINT)
1 1 52.7.51.190 14618 (AMAZON-AES)
2 2 193.0.160.129 54312 (ROCKETFUEL)
1 2 52.95.123.167 16509 (AMAZON-02)
1 52.209.246.140 16509 (AMAZON-02)
2 6 76.223.111.131 16509 (AMAZON-02)
2 3 104.111.242.53 16625 (AKAMAI-AS)
1 1 66.155.71.25 13768 (COGECO-PEER1)
1 1 3.215.93.225 14618 (AMAZON-AES)
4 7 172.217.18.98 15169 (GOOGLE)
1 69.173.144.139 26667 (RUBICONPR...)
4 4 213.19.147.45 26120 (RHYTHMONE)
3 2.18.233.180 16625 (AKAMAI-AS)
4 9 35.244.159.8 15169 (GOOGLE)
15 54.77.47.243 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (TURN)
1 51.89.21.30 16276 (OVH)
2 2 3.65.212.7 16509 (AMAZON-02)
2 185.64.189.115 62713 (AS-PUBMATIC)
1 1 64.202.112.127 22075 (AS-OUTBRAIN)
1 54.87.192.123 14618 (AMAZON-AES)
1 1 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 52.21.104.248 14618 (AMAZON-AES)
1 193.122.174.27 31898 (ORACLE-BM...)
1 169.197.150.7 398989 (DEEPINTENT)
1 1 70.42.32.191 13789 (INTERNAP-...)
2 2 52.28.69.126 16509 (AMAZON-02)
2 2 151.101.114.49 54113 (FASTLY)
1 67.202.110.24 32748 (STEADFAST)
1 18.195.155.181 16509 (AMAZON-02)
1 1 202.241.208.55 4694 (IDCF IDC ...)
2 2 37.157.4.24 198622 (ADFORM)
2 99.83.181.31 16509 (AMAZON-02)
357 68
44    192.0.66.2 (United States)

ASN2635 (AUTOMATTIC, US)
hip2save.com
1    2600:9000:21f3:e400:1b:55da:9bc0:21 (United States)

ASN16509 (AMAZON-02, US)
d14bfzriit2hkf.cloudfront.net
1    13.225.74.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-3.fra2.r.cloudfront.net
get.s-onetag.com
2    34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
i.clean.gg
10    13.224.192.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-34.fra2.r.cloudfront.net
c.amazon-adsystem.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    23.79.134.84 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-134-84.deploy.static.akamaitechnologies.com
chimpstatic.com
3    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
googleads.g.doubleclick.net
4    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a02:26f0:6c00:291::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.pinterest.com
2    192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
6    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
10    99.86.4.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-117.fra6.r.cloudfront.net
onetag-geo.s-onetag.com
1    99.86.241.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-241-96.vie50.r.cloudfront.net
signal-beacon.s-onetag.com
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
4    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2606:4700:20::681a:b13 (United States)

ASN13335 (CLOUDFLARENET, US)
loader.wisepops.com
cdn.wisepops.com
8    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2600:9000:2156:e400:1d:8c8c:47c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-magiclinks.trackonomics.net
1    2606:4700:20::ac43:4adc (United States)

ASN13335 (CLOUDFLARENET, US)
popup.wisepops.com
2    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
17    185.33.220.240 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
secure.adnxs.com
6    52.57.150.159 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
tlx.3lift.com
7    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
7    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
c2shb.ssp.yahoo.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    99.86.241.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-241-42.vie50.r.cloudfront.net
onetag-geo-grouping.s-onetag.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    192.0.77.48 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org
s.w.org
14    52.15.129.153 (Columbus, United States)

ASN16509 (AMAZON-02, US)
pba.aws.lijit.com
6    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
8    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
1    199.232.80.84 (Marseille, France)

ASN54113 (FASTLY, US)
log.pinterest.com
16    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
www.googletagservices.com
googleads.g.doubleclick.net
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
39    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
7    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
14    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
googleads4.g.doubleclick.net
25    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
14    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
2    3.121.49.210 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
2    3.124.165.65 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
3    185.29.135.190 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
1    69.173.151.90 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    52.7.51.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
aorta.clickagy.com
2    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    52.95.123.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    52.209.246.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-246-140.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
6    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
data.adsrvr.org
match.adsrvr.org
3    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
1    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    3.215.93.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
jadserve.postrelease.com
7    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
cm.g.doubleclick.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
4    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
9    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
us-u.openx.net
eu-u.openx.net
15    54.77.47.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
1    51.89.21.30 (London, United Kingdom)

ASN16276 (OVH, FR)
id5-sync.com
2    3.65.212.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    64.202.112.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
sync.outbrain.com
1    54.87.192.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
1    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    52.21.104.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
1    193.122.174.27 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    70.42.32.191 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    52.28.69.126 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ad.360yield.com
2    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    67.202.110.24 (Crown Point, United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-110.static.steadfastdns.net
ssc-cms.33across.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
cs.emxdgt.com
1    202.241.208.55 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    99.83.181.31 (United States)

ASN16509 (AMAZON-02, US)
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
Apex Domain
Subdomains		 Transfer
81 googlesyndication.com
pagead2.googlesyndication.com
5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
tpc.googlesyndication.com
412 KB
44 hip2save.com
hip2save.com
1 MB
39 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
googleads4.g.doubleclick.net
cm.g.doubleclick.net
286 KB
34 lijit.com
ap.lijit.com
pba.aws.lijit.com
ce.lijit.com
24 KB
17 adnxs.com
ib.adnxs.com
secure.adnxs.com
18 KB
16 s-onetag.com
get.s-onetag.com
onetag-geo.s-onetag.com
signal-beacon.s-onetag.com
onetag-geo-grouping.s-onetag.com
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
35 KB
15 gumgum.com
rtb.gumgum.com
5 KB
12 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
39 KB
10 google.com
www.google.com
adservice.google.com
931 B
9 openx.net
us-u.openx.net
eu-u.openx.net
2 KB
9 googletagservices.com
www.googletagservices.com
309 KB
8 yahoo.com
c2shb.ssp.yahoo.com
pr-bh.ybp.yahoo.com
12 KB
8 3lift.com
tlx.3lift.com
eb2.3lift.com
4 KB
7 2mdn.net
s0.2mdn.net
440 KB
7 casalemedia.com
htlb.casalemedia.com
3 KB
6 adsrvr.org
data.adsrvr.org
match.adsrvr.org
2 KB
6 gstatic.com
fonts.gstatic.com
90 KB
5 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
16 KB
4 wisepops.com
loader.wisepops.com
popup.wisepops.com
cdn.wisepops.com
371 KB
4 facebook.net
connect.facebook.net
173 KB
3 1rx.io
sync.1rx.io
1 KB
3 owneriq.net
px.owneriq.net
1 KB
3 creativecdn.com
creativecdn.com
990 B
3 mathtag.com
sync.mathtag.com
1 KB
3 google.de
www.google.de
adservice.google.de
394 B
3 pinterest.com
assets.pinterest.com
log.pinterest.com
19 KB
2 adform.net
c1.adform.net
926 B
2 everesttech.net
sync-tm.everesttech.net
650 B
2 360yield.com
ad.360yield.com
617 B
2 rfihub.com
p.rfihub.com
1 KB
2 contextweb.com
bh.contextweb.com
713 B
2 rubiconproject.com
pixel-us-east.rubiconproject.com
pixel-eu.rubiconproject.com
478 B
2 bidswitch.net
x.bidswitch.net
291 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 quantserve.com
pixel.quantserve.com
911 B
2 simpli.fi
um.simpli.fi
841 B
2 facebook.com
www.facebook.com
162 B
2 google-analytics.com
www.google-analytics.com
19 KB
2 wp.com
stats.wp.com
pixel.wp.com
3 KB
2 clean.gg
i.clean.gg
104 B
1 socdm.com
tg.socdm.com
699 B
1 emxdgt.com
cs.emxdgt.com
1 33across.com
ssc-cms.33across.com
1 unrulymedia.com
sync.targeting.unrulymedia.com
469 B
1 zemanta.com
b1sync.zemanta.com
288 B
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
294 B
1 ipredictive.com
sync.ipredictive.com
428 B
1 stackadapt.com
sync.srv.stackadapt.com
168 B
1 outbrain.com
sync.outbrain.com
626 B
1 id5-sync.com
id5-sync.com
530 B
1 turn.com
d.turn.com
418 B
1 postrelease.com
jadserve.postrelease.com
448 B
1 sitescout.com
pixel-sync.sitescout.com
270 B
1 bidr.io
match.prod.bidr.io
430 B
1 clickagy.com
aorta.clickagy.com
664 B
1 w.org
s.w.org
383 B
1 googleapis.com
fonts.googleapis.com
1004 B
1 trackonomics.net
cdn-magiclinks.trackonomics.net
19 KB
1 crazyegg.com
script.crazyegg.com
1 chimpstatic.com
chimpstatic.com
510 B
1 googletagmanager.com
www.googletagmanager.com
47 KB
1 cloudfront.net
d14bfzriit2hkf.cloudfront.net
36 KB
0 acuityplatform.com Failed
ums.acuityplatform.com Failed
357 64
Domain Requested by
44 hip2save.com 1 redirects hip2save.com
d14bfzriit2hkf.cloudfront.net
43 pagead2.googlesyndication.com hip2save.com
5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
30 tpc.googlesyndication.com 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
hip2save.com
d14bfzriit2hkf.cloudfront.net
15 rtb.gumgum.com ap.lijit.com
rtb.gumgum.com
14 ce.lijit.com 1 redirects ap.lijit.com
rtb.gumgum.com
us-u.openx.net
14 googleads4.g.doubleclick.net googleads.g.doubleclick.net
hip2save.com
14 pba.aws.lijit.com hip2save.com
14 ib.adnxs.com hip2save.com
10 onetag-geo.s-onetag.com d14bfzriit2hkf.cloudfront.net
10 c.amazon-adsystem.com d14bfzriit2hkf.cloudfront.net
c.amazon-adsystem.com
9 googleads.g.doubleclick.net d14bfzriit2hkf.cloudfront.net
5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
hip2save.com
9 www.googletagservices.com d14bfzriit2hkf.cloudfront.net
5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
hip2save.com
8 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com d14bfzriit2hkf.cloudfront.net
8 www.google.com hip2save.com
5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
d14bfzriit2hkf.cloudfront.net
8 securepubads.g.doubleclick.net d14bfzriit2hkf.cloudfront.net
securepubads.g.doubleclick.net
7 cm.g.doubleclick.net 4 redirects ap.lijit.com
rtb.gumgum.com
us-u.openx.net
7 s0.2mdn.net hip2save.com
5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
7 c2shb.ssp.yahoo.com hip2save.com
7 htlb.casalemedia.com hip2save.com
6 us-u.openx.net 3 redirects ap.lijit.com
us-u.openx.net
6 fonts.gstatic.com fonts.googleapis.com
6 tlx.3lift.com hip2save.com
6 ap.lijit.com 3 redirects hip2save.com
d14bfzriit2hkf.cloudfront.net
ap.lijit.com
5 match.adsrvr.org 2 redirects rtb.gumgum.com
us-u.openx.net
4 connect.facebook.net d14bfzriit2hkf.cloudfront.net
3 eu-u.openx.net 1 redirects us-u.openx.net
3 ads.pubmatic.com ap.lijit.com
rtb.gumgum.com
3 sync.1rx.io 3 redirects
3 px.owneriq.net 2 redirects ap.lijit.com
3 creativecdn.com 3 redirects
3 secure.adnxs.com 2 redirects ap.lijit.com
3 sync.mathtag.com 3 redirects
2 c1.adform.net 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 ad.360yield.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 eb2.3lift.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ap.lijit.com
2 p.rfihub.com 2 redirects
2 bh.contextweb.com 2 redirects
2 x.bidswitch.net ap.lijit.com
rtb.gumgum.com
2 rtb.mfadsrvr.com 2 redirects
2 pixel.quantserve.com 2 redirects
2 um.simpli.fi 1 redirects ap.lijit.com
2 adservice.google.com d14bfzriit2hkf.cloudfront.net
2 adservice.google.de d14bfzriit2hkf.cloudfront.net
2 onetag-geo-grouping.s-onetag.com d14bfzriit2hkf.cloudfront.net
2 cdn.wisepops.com d14bfzriit2hkf.cloudfront.net
hip2save.com
2 www.facebook.com hip2save.com
connect.facebook.net
2 www.google-analytics.com d14bfzriit2hkf.cloudfront.net
www.google-analytics.com
2 assets.pinterest.com hip2save.com
d14bfzriit2hkf.cloudfront.net
2 i.clean.gg d14bfzriit2hkf.cloudfront.net
1 signal-metrics-collector-beta.s-onetag.com signal-beacon.s-onetag.com
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 tg.socdm.com 1 redirects
1 cs.emxdgt.com rtb.gumgum.com
1 ssc-cms.33across.com rtb.gumgum.com
1 sync.targeting.unrulymedia.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 match.deepintent.com rtb.gumgum.com
1 sync.technoratimedia.com rtb.gumgum.com
1 sync.ipredictive.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 sync.srv.stackadapt.com rtb.gumgum.com
1 sync.outbrain.com 1 redirects
1 id5-sync.com hip2save.com
1 d.turn.com 1 redirects
1 pixel-eu.rubiconproject.com ap.lijit.com
1 jadserve.postrelease.com 1 redirects
1 pixel-sync.sitescout.com 1 redirects
1 data.adsrvr.org ap.lijit.com
1 match.prod.bidr.io ap.lijit.com
1 aorta.clickagy.com 1 redirects
1 pixel-us-east.rubiconproject.com ap.lijit.com
1 log.pinterest.com hip2save.com
1 s.w.org hip2save.com
1 fonts.googleapis.com d14bfzriit2hkf.cloudfront.net
1 www.google.de hip2save.com
1 popup.wisepops.com loader.wisepops.com
1 cdn-magiclinks.trackonomics.net d14bfzriit2hkf.cloudfront.net
1 stats.g.doubleclick.net www.google-analytics.com
1 pixel.wp.com hip2save.com
1 loader.wisepops.com d14bfzriit2hkf.cloudfront.net
1 script.crazyegg.com d14bfzriit2hkf.cloudfront.net
1 signal-beacon.s-onetag.com d14bfzriit2hkf.cloudfront.net
1 stats.wp.com hip2save.com
1 chimpstatic.com d14bfzriit2hkf.cloudfront.net
1 www.googletagmanager.com d14bfzriit2hkf.cloudfront.net
1 get.s-onetag.com hip2save.com
1 d14bfzriit2hkf.cloudfront.net hip2save.com
0 ums.acuityplatform.com Failed ap.lijit.com
357 91
Subject Issuer Validity Valid
hip2save.com
R3		 2021-05-11 -
2021-08-09		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
*.s-onetag.com
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2021-05-01 -
2021-07-30		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
wildcardsan.us15.list-manage.com
DigiCert SHA2 Secure Server CA		 2021-01-11 -
2022-01-17		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.pinterest.com
DigiCert SHA2 High Assurance Server CA		 2020-07-16 -
2021-08-04		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-05-09 -
2022-05-08		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
*.trackonomics.net
Go Daddy Secure Certificate Authority - G2		 2020-12-22 -
2022-01-23		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-18 -
2021-09-08		 6 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.w.org
Sectigo RSA Domain Validation Secure Server CA		 2019-12-19 -
2021-12-18		 2 years crt.sh
*.aws.lijit.com
Amazon		 2021-05-10 -
2022-06-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-01-29 -
2022-02-02		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.id5-sync.com
R3		 2021-06-01 -
2021-08-30		 3 months crt.sh
*.srv.stackadapt.com
Amazon		 2020-12-09 -
2022-01-07		 a year crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh

This page contains 42 frames:

Primary Page: https://hip2save.com/
Frame ID: ABE8E18417C6837E47D96CF7EE657575
Requests: 168 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html
Frame ID: 5DB82E14FAEDF59E2A55FA5A2CAA239D
Requests: 1 HTTP requests in this frame

Frame: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1FE0E55176A72D7D540DE3A891D4C33A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXR3AEQhdqXxwIYx6T5rAEwAQ&v=APEucNVZv5E7GVZ-iw7auEtaPOdpLB4f6hejmd2L5K8ZWjnzQHgE1XFs4leqprXqEZlTBtJ8VpMBr89ZJe0RCBtcK67tMliOlg
Frame ID: 5618A29A5874BD12F689E10AE0767B83
Requests: 1 HTTP requests in this frame

Frame: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D81B95DE1B2A85D081C9C0450566D707
Requests: 13 HTTP requests in this frame

Frame: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B7C281D47C4F9B1726FFD2913DF25594
Requests: 1 HTTP requests in this frame

Frame: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EB87FE349813534FA06B1EF5559622D9
Requests: 15 HTTP requests in this frame

Frame: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A6CF6C3DCD84A4C38D532CD936B3E488
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrKkwEQ95m_zAIYutSMqAEwAQ&v=APEucNUMlNNoxZFJDb4tWEQJCCy8tU1K2fWTfrb9xdf6DcPgYdmlLzp_5gYVspVE1lg5XfjpzrqsglMlSt6fZadDOVDVy_mj_Q
Frame ID: EE12D1C6EDAA684545DF2E04C2C60385
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLv8NQCEOfe79UCGKzKkq0BMAE&v=APEucNWf5ODjmkZL-wvr5GVyAgGB7r13i_ZdYdLwnYNYL4Fp5Bo-JewsgaFa1D2PP923hNH32QUX7bXMY4X5ATHxW4NXsZmVBA
Frame ID: BD1D4298A2C714CC98A5E628C965EE6C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js
Frame ID: 507BBCDAC3255549BA0532F8914FE8CD
Requests: 13 HTTP requests in this frame

Frame: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3C2C084C55AA66246A5249DDED43BA2D
Requests: 14 HTTP requests in this frame

Frame: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 158BB74097C260DF7C5DC08FDDB2487E
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: ACF875B7C4F30626A88CDDDDC6CFD7B1
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPP37q8CENWPgdMCGLnRo6wBMAE&v=APEucNXR3Nxscgf4vmpUdbcbC5J6jRUKHdbQwLqcEHxollXw5bQ0sDzOIlgUzD2In0XFdsYJES4VrfkFMtMDj48Q0NVGXmvUow
Frame ID: 28E45E01E7CF2F020A6B3024F2856089
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A37FF13D65F14049ED6666C495D36BDF
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLv8NQCEOfe79UCGLv8tawBMAE&v=APEucNWdGNJEZh0iwbSI5p8Wg76NxCVHxhVgobD_SY9F1E1uZeAoMvxmcz99BY-NTZMHya2GlCcCELBbtZLoukei006mvp4hHQ
Frame ID: 82307424D38D7F701618932AC46FBB06
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 170DDC49B131742EA6E10B89C8B41513
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D1AF1EA15C9771C6C95E68F8A2A0B2CC
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLv8NQCEOfe79UCGK3Akq0BMAE&v=APEucNVnwZkQtuVtiQIlShhpikHF4_2vjoX-TOzsIeQWIXrF6UsvRZOlAyfbPMfOr5y6YL4wLLNYkMIgDt_IIvJ9b1WCmfBh_Q
Frame ID: 967C1D6DDAAAF8B71CBCB0CE4498AAC1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLv8NQCEOfe79UCGLPntawBMAE&v=APEucNVZj_tY-8z-Z4glcSNEUcNDq2fpZB1KrM9BdCSSxo6cxbfvQg885_XSkFHACRhvlgUcCO7qFwBOoJ3_IJ3y8f9MvSH4xg
Frame ID: 95BCB75F54C2A933FDD80241CAB7C635
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6DE624144602C1239685D17224037D1B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 10330F762162C3AD8B217BD195D6E280
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 60E11F7759392395DA0D3324F7A7D252
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Frame ID: C71F4A90D3C237DB457FBB532920530E
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 9230AC65AD7C00F14969AC7B6A08320C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 331A69720445CB6399F734198565A535
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: E4250CC3780C73590491446EC5C822FA
Requests: 2 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Frame ID: 6E6674F339B6C430932DE7678BB80D65
Requests: 8 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: 4611ED9182BF0AE34ED0FEC6FAF64962
Requests: 15 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=7246318798650462018&gdpr=1&gdpr_consent=
Frame ID: D39E0F298C4FD1A63B71268647001F1D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Frame ID: 5536D975E9DD39DAF26BE09A861984D4
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=366b60c8-b39b-4b00-be64-5d50f59ac44d&gdpr=1&gdpr_consent=
Frame ID: 1BF389E32B2A34BA21EF1CA9B69692AE
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YMizmwABuseZJQAC&gdpr=1&gdpr_consent=&_test=YMizmwABuseZJQAC
Frame ID: B6506AEEC6E0B6C9CAD17EEA69F71596
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80YmZhZGQ4My0xYjk1LTRmNzEtOWNiYi1iYWY3ZmI2ODA2ZGM=&gdpr=1&gdpr_consent=
Frame ID: 2824EC658550098AD39FBDAAD7594C1B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Frame ID: 4181857E5C96314B8EF11795BD12BC19
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 97FB7C2C87AE50924C0A306AAF91B484
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 00CCD8407A2C82B3A30BB5E0C945FD29
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: A70BF24EF92970C01C91C525F22435DE
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YMizncCo5soAAFVfuaUAAAAA
Frame ID: BEC8773E691CF4A5D50EE874EEBA360F
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1870471595941945680
Frame ID: 9A9B56F79BCEAD2973B0559C95D2A8EC
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=v6d1ieAxIj0YdAEB75tU&pi=gumgum
Frame ID: 0B412362670FF2F6039AF75489639DAC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://hip2save.com/ HTTP 301
    https://hip2save.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

357
Requests

99 %
HTTPS

34 %
IPv6

64
Domains

91
Subdomains

68
IPs

9
Countries

3560 kB
Transfer

7616 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hip2save.com/ HTTP 301
    https://hip2save.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 282
  • https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy= HTTP 302
  • https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Request Chain 288
  • https://um.simpli.fi/lj_match?r=1623765915029&gdpr=1&gdpr_consent= HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 289
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=V2w8oANvZvpMaGyhWDhyrFA_aa9MOGasVTmhhOdR
Request Chain 290
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=9fecadf6-60c9-4b3c-aa13-8623dfe756be
Request Chain 292
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=1773a5ecbdb1e39485f6492b&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=366b60c8-b39b-4b00-be64-5d50f59ac44d&gdpr=1&gdpr_consent=
Request Chain 294
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=v6d1ieAxIj0YdAEB75tU&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
Request Chain 296
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=tBrd0vxM8ZHn&ev=1&pid=558511&gdpr_consent=&gdpr=1
Request Chain 297
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=1773a5ecbdb1e39485f6492b&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:4cd2e3791b87cf58effade2b75c1d3b3 HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c%3A4cd2e3791b87cf58effade2b75c1d3b3&dnr=1
Request Chain 299
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=10&3pid=1870471595941945680
Request Chain 300
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Request Chain 303
  • https://px.owneriq.net/eucm/p/sv?gdpr=1&gdpr_consent= HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6770523151177022105&ref=%2Feucm%2Fp%2Fsv HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 304
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Request Chain 305
  • https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=%3CPARTNER_UNIQUE_IDENTIFIER%3E?param=NTV_USER_ID&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=90&3pid=%3CPARTNER_UNIQUE_IDENTIFIER%3E?param=NTV_USER_ID&gdpr=1&gdpr_consent=
Request Chain 306
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=MTc3M2E1ZWNiZGIxZTM5NDg1ZjY0OTJi&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=MTc3M2E1ZWNiZGIxZTM5NDg1ZjY0OTJi&gdpr=1&google_tc= HTTP 302
  • https://ap.lijit.com/dsp/google/reporting?gdpr=1
Request Chain 308
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MTc3M2E1ZWNiZGIxZTM5NDg1ZjY0OTJi&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MTc3M2E1ZWNiZGIxZTM5NDg1ZjY0OTJi&gdpr=1&google_tc=
Request Chain 309
  • https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Request Chain 311
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Request Chain 313
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=7246318798650462018&gdpr=1&gdpr_consent=
Request Chain 317
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 321
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=6533026198420339972
Request Chain 323
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28ITcx9bGr9nb4RtOwVmYr1AhlihrtOe0O22vcGxC-k3DgthXZpedFgypI3tHbFZOb%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28ITcx9bGr9nb4RtOwVmYr1AhlihrtOe0O22vcGxC-k3DgthXZpedFgypI3tHbFZOb%29
Request Chain 324
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=6706f920-607b-0c25-1f19-a3c81f70a008
Request Chain 326
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-eqeJjk1E2pfSUyYBw7hpUrN7YoXC7T8aaU98~A
Request Chain 327
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=b5e070f4-cde2-11eb-b0c9-ab9b4f01ea39
Request Chain 330
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_4bfadd83-1b95-4f71-9cbb-baf7fb6806dc&gdpr=1&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Request Chain 331
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=d9a2d35c-5cdf-4b8b-9969-7432da249235
Request Chain 332
  • https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=251763380 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=251763380 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/84d41236-737b-46bf-98d9-38446d05fbd4 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ece9cba5-b72d-4ee4-a564-c50be5a8c74e-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-ece9cba5-b72d-4ee4-a564-c50be5a8c74e-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-ece9cba5-b72d-4ee4-a564-c50be5a8c74e-003
Request Chain 333
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=0RKjXkwAWISY&ev=1&pid=558355
Request Chain 335
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=366b60c8-b39b-4b00-be64-5d50f59ac44d&gdpr=1&gdpr_consent=
Request Chain 336
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YMizmwABuseZJQAC HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YMizmwABuseZJQAC&gdpr=1&gdpr_consent=&_test=YMizmwABuseZJQAC
Request Chain 342
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YMizncCo5soAAFVfuaUAAAAA
Request Chain 343
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=1870471595941945680
Request Chain 344
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=v6d1ieAxIj0YdAEB75tU&pi=gumgum
Request Chain 346
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=366b60c8-b39b-4b00-be64-5d50f59ac44d HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=366b60c8-b39b-4b00-be64-5d50f59ac44d
Request Chain 347
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=bSdZCzkkA1F2IwkKYnMXB2p0DAR2cwMHb3Lh8XRc
Request Chain 348
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2213873559386699443
Request Chain 351
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHeEzhnulA7tWQOICArl49M&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEHeEzhnulA7tWQOICArl49M&google_cver=1

357 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hip2save.com/
Redirect Chain
  • http://hip2save.com/
  • https://hip2save.com/
427 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
ac651b816fd61d87f69998fcde2ba2307fe1c8eb397d8331a4f292cd515a8ffe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
hip2save.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Tue, 15 Jun 2021 14:05:10 GMT
content-type
text/html; charset=UTF-8
x-powered-by
WordPress VIP <https://wpvip.com>
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://hip2save.com/wp-json/>; rel="https://api.w.org/" <https://wp.me/a0pJS>; rel=shortlink
content-encoding
gzip
x-rq
hhn2 116 54 3250
cache-control
max-age=300, must-revalidate
age
0
x-cache
miss
vary
Accept-Encoding
accept-ranges
bytes
strict-transport-security
max-age=31536000

Redirect headers

Server
nginx
Date
Tue, 15 Jun 2021 14:05:09 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://hip2save.com/
fa-brands-400.woff2
hip2save.com/wp-content/themes/hip2save/assets/fonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hip2save.com/wp-content/themes/hip2save/assets/fonts/fa-brands-400.woff2
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
835914c1ccc20d0d7eeef572c3652004d87400aa1221f3a0c3455135b8cf629d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/themes/hip2save/assets/fonts/fa-brands-400.woff2
pragma
no-cache
origin
https://hip2save.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://hip2save.com
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:10 GMT
x-rq
hhn2 113 171 3189
last-modified
Mon, 05 Apr 2021 20:59:37 GMT
server
nginx
age
1089
etag
"606b7a39-1239c"
strict-transport-security
max-age=31536000
x-cache
hit
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
content-length
74652
expires
Wed, 15 Jun 2022 14:05:10 GMT
fa-regular-400.woff2
hip2save.com/wp-content/themes/hip2save/assets/fonts/ 		149 KB
149 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hip2save.com/wp-content/themes/hip2save/assets/fonts/fa-regular-400.woff2
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e689270b831964b3fbff3e17fdc3be952cd831cef717bd5ef39bcf0199c4feae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/themes/hip2save/assets/fonts/fa-regular-400.woff2
pragma
no-cache
origin
https://hip2save.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://hip2save.com
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:10 GMT
x-rq
hhn2 116 184 3245
last-modified
Tue, 13 Oct 2020 17:01:23 GMT
server
nginx
age
1644
etag
"5f85dd63-25280"
strict-transport-security
max-age=31536000
x-cache
hit
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
content-length
152192
expires
Wed, 15 Jun 2022 14:05:10 GMT
fa-solid-900.woff2
hip2save.com/wp-content/themes/hip2save/assets/fonts/ 		120 KB
120 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hip2save.com/wp-content/themes/hip2save/assets/fonts/fa-solid-900.woff2
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
550f1ae5d566afed493ab8b5f1dd1b4d5a777ef19d1b3c57bf7b01025fefd38c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/themes/hip2save/assets/fonts/fa-solid-900.woff2
pragma
no-cache
origin
https://hip2save.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://hip2save.com
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:10 GMT
x-rq
hhn2 116 184 3245
last-modified
Tue, 13 Oct 2020 17:01:23 GMT
server
nginx
age
1741
etag
"5f85dd63-1e0fc"
strict-transport-security
max-age=31536000
x-cache
hit
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
content-length
123132
expires
Wed, 15 Jun 2022 14:05:10 GMT
OpenSans-Regular.ttf
hip2save.com/wp-content/themes/hip2save/assets/fonts/googleFonts/Open_Sans/ 		95 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hip2save.com/wp-content/themes/hip2save/assets/fonts/googleFonts/Open_Sans/OpenSans-Regular.ttf
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/themes/hip2save/assets/fonts/googleFonts/Open_Sans/OpenSans-Regular.ttf
pragma
no-cache
origin
https://hip2save.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://hip2save.com
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:10 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1091
x-cache
hit
content-length
59615
x-rq
hhn2 113 171 3189
last-modified
Mon, 05 Apr 2021 20:59:37 GMT
server
nginx
etag
W/"606b7a39-17aa4"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, HEAD
content-type
application/font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jun 2022 14:05:10 GMT
OpenSans-Regular.woff
hip2save.com/wp-content/themes/hip2save/assets/fonts/googleFonts/Open_Sans/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hip2save.com/wp-content/themes/hip2save/assets/fonts/googleFonts/Open_Sans/OpenSans-Regular.woff
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8b60dd2463b4616d15dc422dfc8a07438565c3a6cf23b7dc55e3255f8b3ad831
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/themes/hip2save/assets/fonts/googleFonts/Open_Sans/OpenSans-Regular.woff
pragma
no-cache
origin
https://hip2save.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://hip2save.com
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:10 GMT
x-rq
hhn2 116 54 3250
last-modified
Mon, 05 Apr 2021 21:23:11 GMT
server
nginx
age
229
etag
"606b7fbf-e9dc"
strict-transport-security
max-age=31536000
x-cache
hit
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
content-length
59868
expires
Wed, 15 Jun 2022 14:05:10 GMT
OpenSans-Bold.ttf
hip2save.com/wp-content/themes/hip2save/assets/fonts/googleFonts/Open_Sans/ 		102 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hip2save.com/wp-content/themes/hip2save/assets/fonts/googleFonts/Open_Sans/OpenSans-Bold.ttf
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f7916a37377e38527d4306303cfe89b653b49b0a6b0b05c6b7593f7ab0248da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/themes/hip2save/assets/fonts/googleFonts/Open_Sans/OpenSans-Bold.ttf
pragma
no-cache
origin
https://hip2save.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://hip2save.com
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:10 GMT
content-encoding
gzip
vary
Accept-Encoding
age
801
x-cache
hit
content-length
62213
x-rq
hhn2 116 184 3245
last-modified
Fri, 08 Jan 2021 17:07:37 GMT
server
nginx
etag
W/"5ff89159-196b8"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, HEAD
content-type
application/font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jun 2022 14:05:10 GMT
OpenSans-Bold.woff
hip2save.com/wp-content/themes/hip2save/assets/fonts/googleFonts/Open_Sans/ 		61 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hip2save.com/wp-content/themes/hip2save/assets/fonts/googleFonts/Open_Sans/OpenSans-Bold.woff
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
897020259db9d7087fdb3066d8bb5a83dc1116b86681721786ddf19654347250
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/themes/hip2save/assets/fonts/googleFonts/Open_Sans/OpenSans-Bold.woff
pragma
no-cache
origin
https://hip2save.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://hip2save.com
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:10 GMT
x-rq
hhn2 113 171 3189
last-modified
Mon, 05 Apr 2021 20:59:37 GMT
server
nginx
age
1084
etag
"606b7a39-f430"
strict-transport-security
max-age=31536000
x-cache
hit
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
content-length
62512
expires
Wed, 15 Jun 2022 14:05:10 GMT
script.js
d14bfzriit2hkf.cloudfront.net/ 		108 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d14bfzriit2hkf.cloudfront.net/script.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:e400:1b:55da:9bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4caf8ec4b149983b9d7590412472fccdc1f9ce605915ababe9b5193c38592801

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:10 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 12:09:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
W/"8f81c4737a349e50563a21a1364a4c2d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-amz-cf-id
P-2jadDaGpnnxOXX_umGfU32hAIpV7ZHopkCZdyxKMn53X0vVi2iIg==
tag.min.js
get.s-onetag.com/c7e7570b-6cb5-4e76-ab34-c91ef450ee2f/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/c7e7570b-6cb5-4e76-ab34-c91ef450ee2f/tag.min.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-3.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae4aea230fa5ef525d9ebb5bb35bf2983c17d73582b422ecc8a1911b86c8c82d

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ivqI5KWHTv40xW4P385u2hg8lrNErHFv
content-encoding
gzip
last-modified
Fri, 07 May 2021 19:05:01 GMT
server
AmazonS3
age
8186
etag
W/"90c7648ced05e6d26d48a353ef414f84"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Tue, 15 Jun 2021 11:48:45 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
CHH-SGQSxUEb33ZkBf8LSgazmTt4n5w-Kl_SR-BgGbq4cRBWjlYkhA==
/
hip2save.com/_static/ 		599 KB
89 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hip2save.com/_static/??-eJyVkdFqwzAMRX9ojmg2SvpQ9ilDsUWi1rZMZDfk7+e0hVG20fTNwvceHRDMyXC0vjhSsKrgWDP0XuzZeO4nnBbQvHhqAsemBt5gQyOPFB4bVmKmmG8/CiOnVvFCd/azFKpSVuhRN2fR1fVXPyslSdRfxVBM8mXgqHCinLD6H5oOgrjiK3BmN6wgKrUhZybjcX7N98dBw8v7dcSJHDq3XJ8ch62Er3oeULGM3ngZRB+GP8/yD2lVv89r5TMcd/v2vf3YtV33Dbqg0mA=
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
64e043b7068d1768ac64de5e8ba024ba35704125819b088e6637b21953bc1450
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_static/??-eJyVkdFqwzAMRX9ojmg2SvpQ9ilDsUWi1rZMZDfk7+e0hVG20fTNwvceHRDMyXC0vjhSsKrgWDP0XuzZeO4nnBbQvHhqAsemBt5gQyOPFB4bVmKmmG8/CiOnVvFCd/azFKpSVuhRN2fR1fVXPyslSdRfxVBM8mXgqHCinLD6H5oOgrjiK3BmN6wgKrUhZybjcX7N98dBw8v7dcSJHDq3XJ8ch62Er3oeULGM3ngZRB+GP8/yD2lVv89r5TMcd/v2vf3YtV33Dbqg0mA=
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:10 GMT
content-encoding
gzip
x-rq
hhn2 116 184 3245
last-modified
Wed, 09 Jun 2021 12:21:22 GMT
server
nginx
age
406410
vary
Accept-Encoding
x-cache
hit
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
90643
/
hip2save.com/_static/ 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hip2save.com/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZkYGFmbGlhWUWAK+LIiw=
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7eb243627ed4013b84418c9fe94ee3b9907906ace4de00965ff3b3b33a9f151c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZkYGFmbGlhWUWAK+LIiw=
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:10 GMT
content-encoding
gzip
x-rq
hhn2 116 54 3250
last-modified
Wed, 12 May 2021 23:59:49 GMT
server
nginx
age
406419
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
34537
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://hip2save.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.4
date
Tue, 15 Jun 2021 14:05:10 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
via
1.1 google
alt-svc
clear
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
via
1.1 google
server
nginx/1.17.4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
clear
content-length
0
apstag.js
c.amazon-adsystem.com/aax2/ 		123 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
0f4b08d07ecca9f8fcaf108ea78bb163fc98cfc19a844bd0f87412ab34a41873

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
sWCsRsvwWkSFZMQxDYXuCmbidBHsB_Lq
content-encoding
gzip
server
Server
age
760
etag
c457e964d47ff007ca9e04843536c474
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cache-control
public, max-age=900
date
Tue, 15 Jun 2021 13:52:30 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
ubqgCE8HspembVr0LJ6eeRDonblOxxBi1c3HkNhmhcR0NWufCJfM4A==
wp-emoji-release.min.js
hip2save.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hip2save.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:10 GMT
content-encoding
gzip
x-rq
hhn2 116 54 3250
last-modified
Wed, 12 May 2021 23:59:49 GMT
server
nginx
age
406401
etag
W/"609c6bf5-3795"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
4712
expires
Wed, 15 Jun 2022 14:05:10 GMT
gtm.js
www.googletagmanager.com/ 		128 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MM92M2
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e5706ffb17edbbf0f3891598060055b924b58040bd53b3a6beb742c884d191aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47523
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 15 Jun 2021 14:05:10 GMT
204152113cddfcd245d34a519.js
chimpstatic.com/mcjs-connected/js/users/ea51a5e94bca56d3e3831ef65/ 		50 B
510 B 		Script
General
Check archive.org
Download Go to
Full URL
https://chimpstatic.com/mcjs-connected/js/users/ea51a5e94bca56d3e3831ef65/204152113cddfcd245d34a519.js
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.79.134.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-134-84.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 14:05:10 GMT
Last-Modified
Fri, 25 Jan 2019 14:10:42 GMT
Server
AmazonS3
x-amz-request-id
56212CCF3E337B8A
ETag
"104d46a3208b40e8ded389332f5a78a3"
Content-Type
application/javascript
Cache-Control
max-age=176
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50
x-amz-id-2
Qws4HIbJSrvQHoHkvttKkaDWTLgerb6oDG6rIzYLFsxEroYg5qml9jMkEnBdgSli8Gz3WjOD5fA=
Expires
Tue, 15 Jun 2021 14:08:06 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
gpt.js
www.googletagservices.com/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03ae5397a298a2257c903716f780f104bea1eb5f85b4555c10951ff5fc5a2826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"903 / 386 of 1000 / last-modified: 1623755360"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21516
x-xss-protection
0
expires
Tue, 15 Jun 2021 14:05:10 GMT
prebid.min.js
hip2save.com/wp-content/themes/hip2save/inc/ads/ 		209 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
27038b229faf8d60622d46dc8599772d5fc33445bd4eb3e08e7f5485f957785a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
content-encoding
gzip
x-rq
hhn2 113 120 3097
last-modified
Fri, 30 Apr 2021 14:23:27 GMT
server
nginx
age
406400
etag
W/"608c12df-345a9"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
67718
expires
Wed, 15 Jun 2022 14:05:11 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		134 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56550cea9c95117681336af68eafe25c75c10f5dda70ecb350d86438a9c1001e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48376
x-xss-protection
0
server
cafe
etag
7086845543493924683
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 15 Jun 2021 14:05:10 GMT
/
hip2save.com/_static/ 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hip2save.com/_static/??-eJyNjtEOgjAMRX/IUcBo5MH4KWaMCoNtbWyHv+8eNOFJeWpyc85J4cXGUVJMCjEbDnn0SWBGZesW01UXuPvkoM8+DMATKaXPqaJP1SwH2CS+vi7mYVd6ekUBK4JamgKc++DdD0nIeRtMoDL89XTCWPKT51bsihveMu+HJ4q4ny6vjTgYylqcW7w257Ztjt2pruc3rgl6VQ==
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ac62dbb93fc41fdc6c685f0e6de8af5d7c97b8a6783b6620632b0058b80bd36a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_static/??-eJyNjtEOgjAMRX/IUcBo5MH4KWaMCoNtbWyHv+8eNOFJeWpyc85J4cXGUVJMCjEbDnn0SWBGZesW01UXuPvkoM8+DMATKaXPqaJP1SwH2CS+vi7mYVd6ekUBK4JamgKc++DdD0nIeRtMoDL89XTCWPKT51bsihveMu+HJ4q4ny6vjTgYylqcW7w257Ztjt2pruc3rgl6VQ==
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
content-encoding
gzip
x-rq
hhn2 119 87 3137
last-modified
Thu, 27 May 2021 18:18:18 GMT
server
nginx
age
361855
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
31376
pinit.js
assets.pinterest.com/js/ 		361 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:291::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding
br
x-cdn
akamai
etag
"62d32c28f14783b94192cd8d35bc010d"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=293
accept-ranges
bytes
content-length
203
access-control-expose-headers
X-CDN
/
hip2save.com/_static/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hip2save.com/_static/??/wp-content/themes/hip2save/assets/js/pinterest.js,/wp-content/mu-plugins/jetpack-9.8/_inc/build/widgets/eu-cookie-law/eu-cookie-law.min.js?m=1622139500j
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b5f56e4cc886a2979e5036c002b66cf369f3daccce8c852ad9c56b97f806d664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_static/??/wp-content/themes/hip2save/assets/js/pinterest.js,/wp-content/mu-plugins/jetpack-9.8/_inc/build/widgets/eu-cookie-law/eu-cookie-law.min.js?m=1622139500j
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
content-encoding
gzip
x-rq
hhn2 116 184 3245
last-modified
Thu, 27 May 2021 18:18:22 GMT
server
nginx
age
406415
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1289
sharing.min.js
hip2save.com/wp-content/mu-plugins/jetpack-9.8/_inc/build/sharedaddy/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hip2save.com/wp-content/mu-plugins/jetpack-9.8/_inc/build/sharedaddy/sharing.min.js?ver=9.8.1
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
80ee2d8ce5d2a3f78fc3b8eaa67bc266645c58b96d8a804556f1e6cb8737d0cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/mu-plugins/jetpack-9.8/_inc/build/sharedaddy/sharing.min.js?ver=9.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
content-encoding
gzip
x-rq
hhn2 116 184 3245
last-modified
Thu, 27 May 2021 18:18:22 GMT
server
nginx
age
406417
etag
W/"60afe26e-2f6d"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
3825
expires
Wed, 15 Jun 2022 14:05:11 GMT
/
hip2save.com/_static/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hip2save.com/_static/??-eJy1jVsOgjAQRTdkGcBo5MO4ltKOMNhXOlMMrt6aGMMG/LzPA8+kTAyCQUBm9MgwU+pZrwiaGYVBW08BFgYTS5Bm4QPsRr6o5MpEgWFBSdo81NBcYMVgYwZdJHotQuaXOv3aFHk9VRRn8zmmepUZjVAMcWTMK2aVotvu5FxT6f+A7qw9goJxxdZarVSJfkT7zW/+2p37vjsOp7Zd3sEOdAM=
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
98e80c7ac5d9690cf1335cf1e1bbf383e58038c76940baae616cd8b951e3c5f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_static/??-eJy1jVsOgjAQRTdkGcBo5MO4ltKOMNhXOlMMrt6aGMMG/LzPA8+kTAyCQUBm9MgwU+pZrwiaGYVBW08BFgYTS5Bm4QPsRr6o5MpEgWFBSdo81NBcYMVgYwZdJHotQuaXOv3aFHk9VRRn8zmmepUZjVAMcWTMK2aVotvu5FxT6f+A7qw9goJxxdZarVSJfkT7zW/+2p37vjsOp7Zd3sEOdAM=
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
content-encoding
gzip
x-rq
hhn2 119 87 3137
last-modified
Thu, 27 May 2021 18:18:18 GMT
server
nginx
age
361853
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
6956
e-202124.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202124.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn
date
Tue, 15 Jun 2021 14:05:11 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 05 Jun 2022 22:00:16 GMT
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13409955
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 14:05:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Apr 2020 20:06:40 GMT
Server
nginx
ETag
W/"5e8cdd50-17e9"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Cache-Control
max-age=604800, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap4ams1
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Credentials
true
Expires
Tue, 22 Jun 2021 14:05:11 GMT
sidebar-pattern.png
hip2save.com/wp-content/themes/hip2save/assets/img/ 		425 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/themes/hip2save/assets/img/sidebar-pattern.png
Requested by
Host: hip2save.com
URL: https://hip2save.com/_static/??-eJyVkdFqwzAMRX9ojmg2SvpQ9ilDsUWi1rZMZDfk7+e0hVG20fTNwvceHRDMyXC0vjhSsKrgWDP0XuzZeO4nnBbQvHhqAsemBt5gQyOPFB4bVmKmmG8/CiOnVvFCd/azFKpSVuhRN2fR1fVXPyslSdRfxVBM8mXgqHCinLD6H5oOgrjiK3BmN6wgKrUhZybjcX7N98dBw8v7dcSJHDq3XJ8ch62Er3oeULGM3ngZRB+GP8/yD2lVv89r5TMcd/v2vf3YtV33Dbqg0mA=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8dc486e2d3a08898bb95552eb67498bf6ee2dafa8257a5a81b3ef3b0a0636b80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/themes/hip2save/assets/img/sidebar-pattern.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/_static/??-eJyVkdFqwzAMRX9ojmg2SvpQ9ilDsUWi1rZMZDfk7+e0hVG20fTNwvceHRDMyXC0vjhSsKrgWDP0XuzZeO4nnBbQvHhqAsemBt5gQyOPFB4bVmKmmG8/CiOnVvFCd/azFKpSVuhRN2fR1fVXPyslSdRfxVBM8mXgqHCinLD6H5oOgrjiK3BmN6wgKrUhZybjcX7N98dBw8v7dcSJHDq3XJ8ch62Er3oeULGM3ngZRB+GP8/yD2lVv89r5TMcd/v2vf3YtV33Dbqg0mA=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/_static/??-eJyVkdFqwzAMRX9ojmg2SvpQ9ilDsUWi1rZMZDfk7+e0hVG20fTNwvceHRDMyXC0vjhSsKrgWDP0XuzZeO4nnBbQvHhqAsemBt5gQyOPFB4bVmKmmG8/CiOnVvFCd/azFKpSVuhRN2fR1fVXPyslSdRfxVBM8mXgqHCinLD6H5oOgrjiK3BmN6wgKrUhZybjcX7N98dBw8v7dcSJHDq3XJ8ch62Er3oeULGM3ngZRB+GP8/yD2lVv89r5TMcd/v2vf3YtV33Dbqg0mA=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
x-rq
hhn2 116 54 3227
last-modified
Mon, 05 Apr 2021 21:23:11 GMT
server
nginx
age
3493238
etag
"606b7fbf-1a9"
strict-transport-security
max-age=31536000
x-cache
hit
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
425
expires
Wed, 15 Jun 2022 14:05:11 GMT
/
onetag-geo.s-onetag.com/ 		555 B
968 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-117.fra6.r.cloudfront.net
Software
/
Resource Hash
0c71fdd78bb3052782ef5da92dee58140a8604d54c781944f3a1d70598e1f2ab

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 22:24:25 GMT
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront), 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
age
56446
x-amzn-requestid
03067a29-55bc-41c8-b2fd-69e2e79bd603
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1, FRA6-C1
x-amz-apigw-id
A76MFHB-CYcFiIg=
content-length
555
x-amz-cf-id
qgy7ZWjboQ0STB40TTPCzrjoMqRSSBpB-qknoxb84l496JvGzO_aQw==
beacon.min.js
signal-beacon.s-onetag.com/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.241.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-241-96.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37f424eea05384463f70a2ecb799c322c916e2b9323653727f4cc5568c1b0742

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
IrrACI0BmelTxIZLhvSEXy.JNq1bnCUG
content-encoding
gzip
etag
W/"3e418fc39dad0c90aff6d17eadfe9519"
last-modified
Mon, 19 Apr 2021 09:44:52 GMT
server
AmazonS3
age
40057
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 96b3f0ca359697e92cd090a37a2e3bf4.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Tue, 15 Jun 2021 02:57:34 GMT
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
QL8mWl0-VvMDhhrpWKeiXMFGYBEzj66k8OIW4TVhdEUwXHoA-WlZBw==
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
6031
date
Tue, 15 Jun 2021 12:24:40 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 15 Jun 2021 14:24:40 GMT
7378.js
script.crazyegg.com/pages/scripts/0089/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0089/7378.js
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
cf-cache-status
HIT
last-modified
Mon, 14 Jun 2021 15:17:29 GMT
server
cloudflare
age
82062
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
65fc5a104b2d4df4-FRA
content-length
0
cf-request-id
0ab1969e2e00004df453b37000000001
fbevents.js
connect.facebook.net/en_US/ 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
12f11845f6a61c8dc85cfa82c4a17ac6dceed4d9941fcc3ebed7bb9dee40f814
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24516
x-fb-rlafr
0
pragma
public
x-fb-debug
77RlFF+k/CHhHhdO2odUzqL59wBZ+wA4lJkO4TUa0o6/t7N1nTHTYg9IXxrIsxM819zIb1OsIkm9TxTRsAWKoA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 15 Jun 2021 14:05:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
get-loader.js
loader.wisepops.com/ 		54 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loader.wisepops.com/get-loader.js?v=1&site=QwD3B7JUJ2
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7d189e701d2d9dd88560240eb767ca8ed78329a205e9d10daca4d94ddb76b8d

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
352
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=c43ryBjirn9HMmVqOYnk15e8M8W%2FAJ6WC0E%2Bf3rlHEjwj%2FRYTHsiB4tQx4voUpzrpNZ%2FJvu3DciaM6KgZsb7OxvEL27UPes0MlBHp9TaNaAhgdgijbWp9b%2B39q%2F%2BOEcNOH%2FdxgnNF3v6R%2BFC"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
x-cloud-trace-context
fc0346ba130ece9d54bb2afdb6ade89d
cache-control
private, max-age=1800
cf-ray
65fc5a108e5a4e2b-FRA
cf-request-id
0ab1969e5300004e2b9b92a000000001
pubads_impl_2021060901.js
securepubads.g.doubleclick.net/gpt/ 		326 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061457
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
3dc0b6e4edbfc8d6d8446e112130624fd05d7b8a8cfe62839046fc733c8b19a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 08:43:05 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116890
x-xss-protection
0
expires
Tue, 15 Jun 2021 14:05:11 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=df18b975-8e47-400d-bc6f-0c5dbb93388c&u=https%3A%2F%2Fhip2save.com%2F
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://hip2save.com
cache-control
max-age=86087, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
7wFo-6F4cXUuj3ghHQLFNZjXmD6cpLUndpYFwCacf29dfcEFG7uVgg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
5386
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
date
Tue, 15 Jun 2021 12:53:07 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
AEM_dSCHhQHGWGziSdbfVN-HMD7MU87Z5NL0pxTf0Xd1nszZOfmebA==
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/ Frame 5DB8 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210607/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hip2save.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hip2save.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 15 Jun 2021 08:20:10 GMT
expires
Tue, 29 Jun 2021 08:20:10 GMT
content-type
text/html; charset=UTF-8
etag
3869991350818612685
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4515
x-xss-protection
0
age
20701
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pinit_main.js
assets.pinterest.com/js/ 		68 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit_main.js?0.07152638895955743
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:291::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
eb51506c619bb5ea0d447dc5a08683c9b73ecbe1e65dce794674622cd2e56f58

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding
br
x-cdn
akamai
etag
"2424d1362506bd5cb853b5162df0158b"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=293
accept-ranges
bytes
content-length
18804
access-control-expose-headers
X-CDN
collect
www.google-analytics.com/j/ 		2 B
31 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1335210326&t=pageview&_s=1&dl=https%3A%2F%2Fhip2save.com%2F&ul=en-us&de=UTF-8&dt=Hot%20Deals%2C%2075%25%20Off%20Coupons%2C%20%26%20Exclusive%20Discounts%20%7C%20Hip2Save&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1593673649&gjid=1147310506&cid=557139032.1623765911&tid=UA-4801823-1&_gid=1172972663.1623765911&_r=1&gtm=2wg690MM92M2&z=1670113683
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hip2save.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
857783744231935
connect.facebook.net/signals/config/ 		261 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/857783744231935?v=2.9.41&r=stable
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7586b9612dfe906fbf43249085ccf5ad36d1a0f49ac64ed0e3030653bc7f4964
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
Cj/T7HYvVbJWnW4DMzHLZRBRstW0y/TkKT/cG7WMvLFHcf/A1ouOle6VPafNN+AoLsfHAsTboecCulTMufvFRA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 15 Jun 2021 14:05:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
g.gif
pixel.wp.com/ 		50 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A9.8.1&blog=147862304&post=0&tz=-6&srv=hip2save.com&host=hip2save.com&ref=&fcp=1492&rand=0.6923676214239844
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
collect
stats.g.doubleclick.net/j/ 		4 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-4801823-1&cid=557139032.1623765911&jid=1593673649&gjid=1147310506&_gid=1172972663.1623765911&_u=YEBAAEAAAAAAAC~&z=1835178735
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 15 Jun 2021 14:05:11 GMT
content-type
text/plain
access-control-allow-origin
https://hip2save.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
hip2save_c4db4_hip2save.js
cdn-magiclinks.trackonomics.net/client/static/v2/ 		64 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-magiclinks.trackonomics.net/client/static/v2/hip2save_c4db4_hip2save.js
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:e400:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash
997e73491fb848330be46358830d6a361e321bb445a5c70b8d7a488f62da4503

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 17:37:22 GMT
content-encoding
gzip
last-modified
Sun, 30 May 2021 10:49:38 GMT
server
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
age
73669
etag
W/"100eb-5c389dd8ffd96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
8sgSGoblW38g0bFqHTv_aUbNWKUQva7TbLwzx4EAJPzvaak56nKhHw==
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae255258629f037aba9ff8206bc215ceabc0e9157d17bbdc0b8538a353d04528
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
M1vSBejp5yXzFdVsdEZA5g==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1781
x-fb-rlafr
0
x-fb-debug
X+6Ypd/Yscxr8eiATLAqmuLSckJuoFvnmXp4/hmQ17RgEv900xqi6naZUHiucfvssr9/ZMW6XVvrfwfit+iGlQ==
x-fb-content-md5
a67753b0dac63aa4793101daf7a3e47e
x-frame-options
DENY
date
Tue, 15 Jun 2021 14:05:11 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"c933a0b7345039607745c2db1e7cda23"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 15 Jun 2021 14:08:49 GMT
my-wisepop
popup.wisepops.com/ 		289 B
843 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://popup.wisepops.com/my-wisepop
Requested by
Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=QwD3B7JUJ2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4adc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f7a7b768ac850908ff502921a16ee3e639bd3afac3167ee012b3f8f4454ab04

Request headers

Accept
application/json
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
OPTIONS, POST, GET
cf-request-id
0ab196a0bc00004a741b325000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FcME%2FhGh4r5Vda56YgsY%2BOpSaXHvdXxjdlAQnATdMQ3p9wkuB7GfSgJfhfNKP4ZM9rba%2FWDP6ARI1o%2BnyUyHIIKi7tzKgNTeirJj%2FOV8vx85juSI6nE0Cw3cBzY0TI%2BC91AlGlHhOh4%2FKdI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
5bc89b5906747837fd74dd10f19f01fa
cache-control
private
cf-ray
65fc5a145c644a74-FRA
access-control-allow-headers
*
/
onetag-geo.s-onetag.com/ 		555 B
959 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-117.fra6.r.cloudfront.net
Software
/
Resource Hash
0c71fdd78bb3052782ef5da92dee58140a8604d54c781944f3a1d70598e1f2ab

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 22:24:25 GMT
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront), 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
age
56446
x-amzn-requestid
03067a29-55bc-41c8-b2fd-69e2e79bd603
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1, FRA6-C1
x-amz-apigw-id
A76MFHB-CYcFiIg=
content-length
555
x-amz-cf-id
chCd_JFNwAWxhNQ0ClcL80zTQhDzPXUEWmVuFHZskCiVZ1mv7PPZog==
amazon-logo.png
hip2save.com/wp-content/uploads/2018/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2018/10/amazon-logo.png?fit=150%2C150&strip=all
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1af008a04814fa1375dd93a5544a8a1e3a81ccd196928bdd1b096897a00f3ebf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2018/10/amazon-logo.png?fit=150%2C150&strip=all
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
x-rq
hhn2 109 32 443
last-modified
Thu, 05 Nov 2020 11:35:52 GMT
server
nginx
etag
"da51507aae4bb88f"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
4342
expires
Fri, 05 Nov 2021 11:35:52 GMT
Screen-Shot-2021-02-23-at-2.43.48-PM.png
hip2save.com/wp-content/uploads/2021/02/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2021/02/Screen-Shot-2021-02-23-at-2.43.48-PM.png?fit=150%2C118&strip=all
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ed51c8a5b77681e462650d7f925ebb5a2e23bc05e22e38483efa1a364622a4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2021/02/Screen-Shot-2021-02-23-at-2.43.48-PM.png?fit=150%2C118&strip=all
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
x-rq
hhn2 109 32 443
last-modified
Tue, 23 Feb 2021 22:29:08 GMT
server
nginx
etag
"1308566514879eaa"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
7734
expires
Wed, 23 Feb 2022 22:29:08 GMT
target-logo.png
hip2save.com/wp-content/uploads/2018/10/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2018/10/target-logo.png?fit=150%2C150&strip=all
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0c88ef406b03094c31fd74839a919ea8c9d60ee2850a4771ca4e33c6ddbb549b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2018/10/target-logo.png?fit=150%2C150&strip=all
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
x-rq
hhn2 109 139 443
last-modified
Tue, 23 Feb 2021 22:29:08 GMT
server
nginx
etag
"236a5d59b9fe2047"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
5700
expires
Wed, 23 Feb 2022 22:29:08 GMT
142-1423043_cvs-pharmacy-logo-stacked-cvs-pharmacy-logo.png
hip2save.com/wp-content/uploads/2021/02/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2021/02/142-1423043_cvs-pharmacy-logo-stacked-cvs-pharmacy-logo.png?fit=150%2C80&strip=all
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
febf0e24287098a32290c7998bddd486a37b87a294991da74cb9c28d1f72aa47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2021/02/142-1423043_cvs-pharmacy-logo-stacked-cvs-pharmacy-logo.png?fit=150%2C80&strip=all
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
x-rq
hhn2 109 84 443
last-modified
Thu, 18 Feb 2021 04:51:11 GMT
server
nginx
etag
"6818c06b8ccf24c1"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
10642
expires
Fri, 18 Feb 2022 04:51:11 GMT
142-1423043_cvs-pharmacy-logo-stacked-cvs-pharmacy-logo-2.png
hip2save.com/wp-content/uploads/2021/02/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2021/02/142-1423043_cvs-pharmacy-logo-stacked-cvs-pharmacy-logo-2.png?fit=150%2C80&strip=all
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
996bc0b854b0d3f096a315ab53c836b70afddf3ecb31c0004a408f4c5df8e603
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2021/02/142-1423043_cvs-pharmacy-logo-stacked-cvs-pharmacy-logo-2.png?fit=150%2C80&strip=all
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
x-rq
hhn2 109 86 443
last-modified
Thu, 18 Feb 2021 10:56:25 GMT
server
nginx
etag
"791fb396a4728eec"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
4236
expires
Fri, 18 Feb 2022 10:56:25 GMT
screen-shot-2017-07-11-at-11-32-32-am.png
hip2save.com/wp-content/uploads/2017/07/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2017/07/screen-shot-2017-07-11-at-11-32-32-am.png?fit=150%2C111&strip=all
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c0b5928460cb3d1ecfb83324adc7aaf696d88bfab791c6ee7e6acf20fc47d5d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2017/07/screen-shot-2017-07-11-at-11-32-32-am.png?fit=150%2C111&strip=all
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
x-rq
hhn2 109 140 443
last-modified
Thu, 05 Nov 2020 11:35:53 GMT
server
nginx
etag
"ad568b98bb491b40"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
7266
expires
Fri, 05 Nov 2021 11:35:53 GMT
Screen-Shot-2020-06-25-at-3.36.23-PM.png
hip2save.com/wp-content/uploads/2020/06/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2020/06/Screen-Shot-2020-06-25-at-3.36.23-PM.png?fit=150%2C81&strip=all
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ea98855f624ea3674706f150040a0b36f401d566bb67b1a0d8283b7b5b1b236
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2020/06/Screen-Shot-2020-06-25-at-3.36.23-PM.png?fit=150%2C81&strip=all
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
x-rq
hhn2 109 86 443
last-modified
Sun, 06 Dec 2020 19:57:59 GMT
server
nginx
etag
"ab456cf3b8f50cd3"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
3976
expires
Mon, 06 Dec 2021 19:57:59 GMT
Screen-Shot-2020-06-25-at-3.31.44-PM.png
hip2save.com/wp-content/uploads/2020/06/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2020/06/Screen-Shot-2020-06-25-at-3.31.44-PM.png?fit=150%2C58&strip=all
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1ea635a628e817eb27aff1144fa7d61b78c88fb93b066de09e333b8513b93923
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2020/06/Screen-Shot-2020-06-25-at-3.31.44-PM.png?fit=150%2C58&strip=all
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
x-rq
hhn2 109 88 443
last-modified
Sun, 31 Jan 2021 22:12:22 GMT
server
nginx
etag
"2f314ca20f6cfe9b"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
3748
expires
Mon, 31 Jan 2022 22:12:22 GMT
kohls-logo.png
hip2save.com/wp-content/uploads/2018/10/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2018/10/kohls-logo.png?fit=150%2C75&strip=all
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
72b49b4be5c41b1b48390b88bf323afc92a4d3c1419074b7c4767655eb1179d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2018/10/kohls-logo.png?fit=150%2C75&strip=all
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
x-rq
hhn2 109 28 443
last-modified
Thu, 05 Nov 2020 16:39:12 GMT
server
nginx
etag
"1bf6a12384823181"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1792
expires
Fri, 05 Nov 2021 16:39:12 GMT
sams-club-logo-rev.png
hip2save.com/wp-content/uploads/2020/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2020/10/sams-club-logo-rev.png?fit=150%2C34&strip=all
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
05b4109b9e18361085d73b10695e08d5ac6f1cfbc3fce48e5d7fb5da1516b5ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2020/10/sams-club-logo-rev.png?fit=150%2C34&strip=all
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
x-rq
hhn2 109 86 443
last-modified
Wed, 09 Jun 2021 06:00:12 GMT
server
nginx
etag
"c9f2b004cc900d9e"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
3134
expires
Thu, 09 Jun 2022 06:00:12 GMT
Screen-Shot-2020-06-25-at-2.52.30-PM.png
hip2save.com/wp-content/uploads/2020/06/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2020/06/Screen-Shot-2020-06-25-at-2.52.30-PM.png?fit=150%2C60&strip=all
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
22126efa32388c8d823f85ba7d6607a18007b398fe07a94f76559df788a97d7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2020/06/Screen-Shot-2020-06-25-at-2.52.30-PM.png?fit=150%2C60&strip=all
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
x-rq
hhn2 109 27 443
last-modified
Tue, 18 May 2021 22:29:16 GMT
server
nginx
etag
"5aa11180d89ab85e"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
2368
expires
Wed, 18 May 2022 22:29:16 GMT
Screen-Shot-2020-06-25-at-3.17.34-PM.png
hip2save.com/wp-content/uploads/2020/06/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2020/06/Screen-Shot-2020-06-25-at-3.17.34-PM.png?fit=150%2C134&strip=all
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3fb1a494c1dda2423ad4a14d5604fbe3f3e1747b07826e2f7750fa047946f85d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2020/06/Screen-Shot-2020-06-25-at-3.17.34-PM.png?fit=150%2C134&strip=all
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
x-rq
hhn2 109 200 443
last-modified
Mon, 15 Feb 2021 07:34:10 GMT
server
nginx
etag
"903215e2d5bfbaba"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
6558
expires
Tue, 15 Feb 2022 07:34:10 GMT
1024px-JCPenney_logo.svg_.png
hip2save.com/wp-content/uploads/2020/12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2020/12/1024px-JCPenney_logo.svg_.png?fit=150%2C35&strip=all
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
56f6591feaa462f4953013a56868b3ffd1c687c6d45d7c610e88d0319e5ea66c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2020/12/1024px-JCPenney_logo.svg_.png?fit=150%2C35&strip=all
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
x-rq
hhn2 109 28 443
last-modified
Mon, 14 Dec 2020 21:25:47 GMT
server
nginx
etag
"213a4c18a4a14ece"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
3136
expires
Tue, 14 Dec 2021 21:25:47 GMT
chewy.png
hip2save.com/wp-content/uploads/2021/05/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2021/05/chewy.png?fit=150%2C83&strip=all
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ba86cbf2347f8fa52b2777685c029f4b455fd56fe8a0af53beaa393e90e4badf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2021/05/chewy.png?fit=150%2C83&strip=all
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
x-rq
hhn2 109 28 443
last-modified
Wed, 12 May 2021 18:06:03 GMT
server
nginx
etag
"c80a078d6ac97861"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
3790
expires
Thu, 12 May 2022 18:06:03 GMT
Screen-Shot-2020-06-25-at-3.19.47-PM.png
hip2save.com/wp-content/uploads/2020/06/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2020/06/Screen-Shot-2020-06-25-at-3.19.47-PM.png?fit=150%2C95&strip=all
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8b466448a0e6cec90d26e76e7569cf015de97f8f05442f1956b539fae0d2b30e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2020/06/Screen-Shot-2020-06-25-at-3.19.47-PM.png?fit=150%2C95&strip=all
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
x-rq
hhn2 109 198 443
last-modified
Sun, 31 Jan 2021 22:12:22 GMT
server
nginx
etag
"ddfb4093c72217cd"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
5728
expires
Mon, 31 Jan 2022 22:12:22 GMT
Screen-Shot-2020-06-25-at-3.08.11-PM.png
hip2save.com/wp-content/uploads/2020/06/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2020/06/Screen-Shot-2020-06-25-at-3.08.11-PM.png?fit=150%2C131&strip=all
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d3bbf328f1a81f184d44b5e32e4593079fd17368780857e727e61f3613a33a93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2020/06/Screen-Shot-2020-06-25-at-3.08.11-PM.png?fit=150%2C131&strip=all
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
x-rq
hhn2 109 88 443
last-modified
Sun, 31 Jan 2021 19:09:02 GMT
server
nginx
etag
"ab8816570690e473"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
2560
expires
Mon, 31 Jan 2022 19:09:02 GMT
rite_aid-svg.png
hip2save.com/wp-content/uploads/2017/07/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2017/07/rite_aid-svg.png?fit=150%2C130&strip=all
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0095606010b437d71d110090a82daac8fedf1f1635c06f76743deffc40ff56a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2017/07/rite_aid-svg.png?fit=150%2C130&strip=all
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
x-rq
hhn2 109 83 443
last-modified
Tue, 15 Jun 2021 14:05:11 GMT
server
nginx
etag
"a6ca0ac07b101a48"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
6576
expires
Wed, 15 Jun 2022 14:05:11 GMT
Krispy-Kreme-Iced-Coffee.jpg
hip2save.com/wp-content/uploads/2021/06/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2021/06/Krispy-Kreme-Iced-Coffee.jpg?resize=500,250
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0f80c2d43d1e2a09d3b2175b41bcddae159e1767479568898f3caa917c5fa37f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2021/06/Krispy-Kreme-Iced-Coffee.jpg?resize=500,250
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
x-rq
hhn2 109 28 443
last-modified
Tue, 15 Jun 2021 14:05:11 GMT
server
nginx
etag
"922181580ec6ecc8"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
17604
expires
Wed, 15 Jun 2022 14:05:11 GMT
Alcohol-Wipes-Staples.jpg
hip2save.com/wp-content/uploads/2021/03/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2021/03/Alcohol-Wipes-Staples.jpg?resize=500,250
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4c1c7de5fba01be56335c0ee71a0f1ccbab8969bf8abf2df4ad256e091a84cec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2021/03/Alcohol-Wipes-Staples.jpg?resize=500,250
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
x-rq
hhn2 109 30 443
last-modified
Tue, 15 Jun 2021 14:05:11 GMT
server
nginx
etag
"1b172cc8e471a8cc"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
26054
expires
Wed, 15 Jun 2022 14:05:11 GMT
Stacys-Pita-Chips.jpg
hip2save.com/wp-content/uploads/2021/06/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2021/06/Stacys-Pita-Chips.jpg?resize=500,250
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b4e6657ac1ece8adc8238f25e465640b193a6aff7662a88dc82fde02584f0234
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2021/06/Stacys-Pita-Chips.jpg?resize=500,250
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
x-rq
hhn2 109 144 443
last-modified
Tue, 15 Jun 2021 14:05:11 GMT
server
nginx
etag
"6f5a051e196b2ee6"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
21858
expires
Wed, 15 Jun 2022 14:05:11 GMT
storage-bins-4.jpg
hip2save.com/wp-content/uploads/2021/06/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2021/06/storage-bins-4.jpg?resize=500,250
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
638d1c331b8046c1ee4acf3ebe2d83d2acb8c75635e1951fc8a5f118f447c94a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2021/06/storage-bins-4.jpg?resize=500,250
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
x-rq
hhn2 109 198 443
last-modified
Tue, 15 Jun 2021 13:36:14 GMT
server
nginx
etag
"d6ccefe6cb89f01e"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
8262
expires
Wed, 15 Jun 2022 13:36:14 GMT
Wag-Training-Treats.jpg
hip2save.com/wp-content/uploads/2021/06/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2021/06/Wag-Training-Treats.jpg?resize=500,250
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e94d58c6493e3356a8d68b03ae4b155485d3691f5b40f2c99010b7cfbcf7383d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2021/06/Wag-Training-Treats.jpg?resize=500,250
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
x-rq
hhn2 109 200 443
last-modified
Tue, 15 Jun 2021 13:36:14 GMT
server
nginx
etag
"b1fc0240f4996ebb"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
22902
expires
Wed, 15 Jun 2022 13:36:14 GMT
Lovepop-Happy-Fathers-Day.jpg
hip2save.com/wp-content/uploads/2021/06/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2021/06/Lovepop-Happy-Fathers-Day.jpg?resize=500,250
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
64a438166da3b1c56b47157583a454dc72b1293285a688f13e5d2bdf37450239
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2021/06/Lovepop-Happy-Fathers-Day.jpg?resize=500,250
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
x-rq
hhn2 109 88 443
last-modified
Thu, 03 Jun 2021 19:42:35 GMT
server
nginx
etag
"3708230d4b45e896"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
21720
expires
Fri, 03 Jun 2022 19:42:35 GMT
ga-audiences
www.google.com/ads/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-4801823-1&cid=557139032.1623765911&jid=1593673649&_u=YEBAAEAAAAAAAC~&z=497833321
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-4801823-1&cid=557139032.1623765911&jid=1593673649&_u=YEBAAEAAAAAAAC~&z=497833321
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-geo.s-onetag.com/ 		555 B
958 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-117.fra6.r.cloudfront.net
Software
/
Resource Hash
0c71fdd78bb3052782ef5da92dee58140a8604d54c781944f3a1d70598e1f2ab

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 22:24:25 GMT
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront), 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
age
56446
x-amzn-requestid
03067a29-55bc-41c8-b2fd-69e2e79bd603
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1, FRA6-C1
x-amz-apigw-id
A76MFHB-CYcFiIg=
content-length
555
x-amz-cf-id
nw3O2D4lsJegqdACBKPeHHYpcXUmb5tZAVFQwR5z1NY1a7dN5BIA2A==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fhip2save.com%2F&pid=JWrdTljGx8qFV&cb=0&ws=1600x1200&v=7.66.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F9782337%2Fh2s_sb_h2g_1%22%7D%5D&cfgv=0&pubid=df18b975-8e47-400d-bc6f-0c5dbb93388c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://hip2save.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
z1WQMNdPlKc7pVFfUs6nQtQbEeMXhPdPOfcpZzU32GTz9hWW4h2aqA==
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c45b9137db6a700783ac8ecbcad4c2510bc31595789b42484dcefc14a3929ef9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:11 GMT
X-Proxy-Origin
37.120.211.156; 37.120.211.156; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.122:80
AN-X-Request-Uuid
8eb6877c-a455-4680-aa0d-51c4b3b3546b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hip2save.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f490cf2b1d6511278cf50df908de6372503badf9ffb398db3b136abe9a4845d1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:12 GMT
X-Proxy-Origin
37.120.211.156; 37.120.211.156; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.231:80
AN-X-Request-Uuid
93463bd7-bfb6-4c1a-b973-34d69f72bf0c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hip2save.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.34.0&referrer=https%3A%2F%2Fhip2save.com%2F&tmax=2000
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.150.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:12 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://hip2save.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ 		24 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=255665&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227e8f7bd6de0f82%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fhip2save.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.34.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22888d300d6b136%22%2C%22ext%22%3A%7B%22siteID%22%3A%22255665%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9918398004bba8aee93d6481ad9c50ceaf0d219a70453d4fd331af03c91b6e44

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:12 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[PL], RC:[], CN:[EU], CIP:[37.120.211.156], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://hip2save.com
x-cs-client-geo
09
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
09
expires
Tue, 15 Jun 2021 14:05:12 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96954f01747430358b31a9885d01fc&pos=4774782&cmd=bid&secure=1
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
3bd15261ef0da57e5fad15ead5b55a89520c26d49f2c9166a6495d8c98ab0c87

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 15 Jun 2021 14:05:12 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://hip2save.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fhip2save.com%2F&pid=JWrdTljGx8qFV&cb=1&ws=1600x1200&v=7.66.00&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F9782337%2FGV_2_728x90%22%7D%5D&cfgv=0&pubid=df18b975-8e47-400d-bc6f-0c5dbb93388c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://hip2save.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
HN8hbTGhILHS2fBnvgGu8IaY7WQEwYB-yDtcH4CbRHX1AawFQgPpig==
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e8ca2bf8dc1f55cb9a2e6e1028cdcc0d88d8e8844bd2d25bdf7ba679c0a6f40f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:12 GMT
X-Proxy-Origin
37.120.211.156; 37.120.211.156; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.48:80
AN-X-Request-Uuid
de9bdc72-3d2e-4378-88c7-e07a3a7b00b9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hip2save.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96954f01747430358b31a9885d01fc&pos=4774778&cmd=bid&secure=1
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
96077f2b9cb442eae0cf3dc0322e0321c29c6c630234cdd8c5277f7bc93e7140

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 15 Jun 2021 14:05:12 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://hip2save.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
16366991bbe8eac9dee8fad7efdf7a0205c0409de30f2538480a2357141cf46a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:12 GMT
X-Proxy-Origin
37.120.211.156; 37.120.211.156; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.56:80
AN-X-Request-Uuid
5de719a9-ef5d-4d7a-ba14-3e8050824c36
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hip2save.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		24 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=255666&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22179107308bbb0b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fhip2save.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.34.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2218faa76c620eff3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22255666%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ba5943007e289720ed82a791a7757d2b13f044c5b8dc77d025486c334382ee95

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:12 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[PL], RC:[], CN:[EU], CIP:[37.120.211.156], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://hip2save.com
x-cs-client-geo
09
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
09
expires
Tue, 15 Jun 2021 14:05:12 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fhip2save.com%2F&pid=JWrdTljGx8qFV&cb=2&ws=1600x1200&v=7.66.00&t=2000&slots=%5B%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F9782337%2Fh2s_sb_4cluster_1%22%7D%5D&cfgv=0&pubid=df18b975-8e47-400d-bc6f-0c5dbb93388c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://hip2save.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
y-WsJ7Z_g8R0VtOeIe6iLiURn4NRBo9kQXljTQRFJZjzRXhWZnwG8A==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fhip2save.com%2F&pid=JWrdTljGx8qFV&cb=3&ws=1600x1200&v=7.66.00&t=2000&slots=%5B%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F9782337%2FNew_SB_1_300x600%22%7D%5D&cfgv=0&pubid=df18b975-8e47-400d-bc6f-0c5dbb93388c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://hip2save.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
vPTie_X2X3KX5GcsGn63wAQ3RPZ2dlHlAP2RL0A1gmafy7kUUmp2IQ==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fhip2save.com%2F&pid=JWrdTljGx8qFV&cb=4&ws=1600x1200&v=7.66.00&t=2000&slots=%5B%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F9782337%2FNew_SB_2_300x250%22%7D%5D&cfgv=0&pubid=df18b975-8e47-400d-bc6f-0c5dbb93388c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://hip2save.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
96QUvdxgh84USqr5o9atdte9XvTPB98CaEu8L_0T5smnkCzyB-DunA==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fhip2save.com%2F&pid=JWrdTljGx8qFV&cb=5&ws=1600x1200&v=7.66.00&t=2000&slots=%5B%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F9782337%2FNew_SB_3_300x250%22%7D%5D&cfgv=0&pubid=df18b975-8e47-400d-bc6f-0c5dbb93388c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://hip2save.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
fV0IQNNX25Y_ox4A0c8odGwdBzzzjxVhgRkWW3fiJN_Z8dfEY1Bufg==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fhip2save.com%2F&pid=JWrdTljGx8qFV&cb=6&ws=1600x1200&v=7.66.00&t=2000&slots=%5B%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F9782337%2FH2S_728x90_adhesion%22%7D%5D&cfgv=0&pubid=df18b975-8e47-400d-bc6f-0c5dbb93388c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://hip2save.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
YsB8_e9vrkaANUaMfFd7_qSfxwY62TpOqgXd6tWAHfNelwRiEWr44Q==
sdk.js
connect.facebook.net/en_US/ 		247 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=f379b62dc042a46fad494a713692fd87&ua=modern_es6
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
75f5d9d3016a8eea49584781e578868e5a00a1bcd2a98ff8f50ace5f57a046a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://hip2save.com
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
WgZU9oP0GlJtG3DpPq2PGw==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
74559
x-fb-rlafr
0
x-fb-debug
tVWmWtTI6+1xP88YV7fU/OGdwzupT0CVdxxNVRb+PRBVVBxucLfbG9nTzKIgQALu5mQSIUb8+fv7wK8XofRzng==
x-fb-content-md5
944ade267412375c487a360b079ac0cb
x-frame-options
DENY
date
Tue, 15 Jun 2021 14:05:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"3ad512bee50fd714926ce2e5ce431398"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 15 Jun 2022 13:03:58 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=857783744231935&ev=PageView&dl=https%3A%2F%2Fhip2save.com%2F&rl=&if=false&ts=1623765911948&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&fbp=fb.1.1623765911946.916833594&it=1623765911363&coo=false&rqm=GET
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:11 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 15 Jun 2021 14:05:11 GMT
vets-best-flea-tick-home-spray.jpg
hip2save.com/wp-content/uploads/2021/05/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2021/05/vets-best-flea-tick-home-spray.jpg?resize=500,250
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2c8699bc715ace8604c3519926e0d9310aeff80dec5f7bb26019723fdcc3c466
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2021/05/vets-best-flea-tick-home-spray.jpg?resize=500,250
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D; _pbjs_userid_consent_data=3524755945110770; _fbp=fb.1.1623765911946.916833594
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:12 GMT
x-rq
hhn2 109 144 443
last-modified
Tue, 15 Jun 2021 14:05:12 GMT
server
nginx
etag
"04d9b0bfaa259539"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
52342
expires
Wed, 15 Jun 2022 14:05:12 GMT
lowes-gift-card.jpg
hip2save.com/wp-content/uploads/2018/01/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2018/01/lowes-gift-card.jpg?resize=500,250
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a38f620f06e862fc4285acf1c0a6899fabffcf3a346250ea58f3ee44f14e248f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2018/01/lowes-gift-card.jpg?resize=500,250
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D; _pbjs_userid_consent_data=3524755945110770; _fbp=fb.1.1623765911946.916833594
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:12 GMT
x-rq
hhn2 109 88 443
last-modified
Tue, 15 Jun 2021 14:05:12 GMT
server
nginx
etag
"1a876f455ba357c0"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
15898
expires
Wed, 15 Jun 2022 14:05:12 GMT
woman-wearing-black-dress.png
hip2save.com/wp-content/uploads/2020/06/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hip2save.com/wp-content/uploads/2020/06/woman-wearing-black-dress.png?resize=500,250
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9c979034049c13c69f7043ed1dd9c9a20e8b52f2934b8063789af91e1d6e221f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/uploads/2020/06/woman-wearing-black-dress.png?resize=500,250
pragma
no-cache
cookie
_ga=GA1.2.557139032.1623765911; _gid=GA1.2.1172972663.1623765911; _gat_UA-4801823-1=1; wisepops=%7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A3%2C%22cid%22%3A%2248296%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D; wisepops_visits=%5B%222021-06-15T14%3A05%3A11.092Z%22%5D; wisepops_session=%7B%22arrivalOnSite%22%3A%222021-06-15T14%3A05%3A11.092Z%22%2C%22mtime%22%3A1623765911687%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D; _pbjs_userid_consent_data=3524755945110770; _fbp=fb.1.1623765911946.916833594
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hip2save.com
referer
https://hip2save.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:12 GMT
x-rq
hhn2 109 86 443
last-modified
Tue, 15 Jun 2021 14:05:12 GMT
server
nginx
etag
"ff25dc977fff398b"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
58980
expires
Wed, 15 Jun 2022 14:05:12 GMT
276048.js
cdn.wisepops.com/shared/wisepops/a9d0cf6ca1a3544dc15033beed56ab5e/ 		244 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.wisepops.com/shared/wisepops/a9d0cf6ca1a3544dc15033beed56ab5e/276048.js?v=1623758201000
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c188438d59810a75bcc17ceb388444f140055fd6b1153778a4e202ea7f21be9

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=Y6l7aQ==, md5=NOdGakAbAJbf4/Q/9K4h6Q==
date
Tue, 15 Jun 2021 14:05:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7654
x-guploader-uploadid
ABg5-Uz3UffdHtNYvd-k0WzIuxfOxzKFvBXmL5MwHQ8sVigDy71l5yrjL-J0TktTV0aaMr1s1RZmeIGQEJYx_QJ_X3FLBXAONw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
text/javascript
cf-request-id
0ab196a1d400004e2b31326000000001
last-modified
Tue, 01 Jun 2021 19:09:02 GMT
server
cloudflare
etag
W/"34e7466a401b0096dfe3f43ff4ae21e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1DG2AQ5ztlmHie3yTkiW5ST4cS96m3xOTVJMiM%2F2mHBQ7fAPaLUR15wnY6g%2FKvykMU54ZcySHol9Jn6GQCt5Q6irqkhvxSch9vMUY4Uw2lAp2zd4bijT5OaEg%2FHZZu1P9JXTkTE3rYxj"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1622574542335555
cache-control
public, max-age=31536000
x-goog-stored-content-length
249685
cf-ray
65fc5a162e814e2b-FRA
expires
Tue, 15 Jun 2021 12:57:37 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
1d704e6441a12861f2c693ad3760d907ecba967f2f45f6d00fd4b932e32fd467
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:12 GMT
X-Proxy-Origin
37.120.211.156; 37.120.211.156; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.247:80
AN-X-Request-Uuid
70464c3b-9327-41a9-93c6-c2c7c92ce7c8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hip2save.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96954f01747430358b31a9885d01fc&pos=4774786&cmd=bid&secure=1
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
f43d14b8d54e4267927359fc900703bf2f03bb7f0c90702591873e3b3bb51521

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 15 Jun 2021 14:05:12 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://hip2save.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2840
auction
tlx.3lift.com/header/ 		19 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.34.0&referrer=https%3A%2F%2Fhip2save.com%2F&tmax=2000
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.150.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:12 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://hip2save.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=255661&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22250f3620bcd4c13%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fhip2save.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.34.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222620004bbf2648e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22255661%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a49c83dce444d33271dfa5cddf858002f49bada7c7d897790bf0b04f2b49c541

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:12 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[PL], RC:[], CN:[EU], CIP:[37.120.211.156], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://hip2save.com
x-cs-client-geo
09
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
09
expires
Tue, 15 Jun 2021 14:05:12 GMT
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
74b48933e40308b61c8dfff44ddb1d0bd1405e75453babe6754aa621e4acc297
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:12 GMT
X-Proxy-Origin
37.120.211.156; 37.120.211.156; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.107:80
AN-X-Request-Uuid
9ce2b716-ba26-4af2-8383-0f855cf9d63d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hip2save.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/ 		1 KB
835 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.241.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-241-42.vie50.r.cloudfront.net
Software
restify /
Resource Hash
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 11:11:31 GMT
content-encoding
gzip
server
restify
age
10421
vary
Accept-Encoding,origin
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
https://hip2save.com
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control
max-age=86400
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
cqsk0Us5OW5qhrpNM_BmSI0HzdLso0RwRI4jM3qvTmItzaOs8rdOHw==
via
1.1 3dca71b0fde541bcd2caf3756ffbc27a.cloudfront.net (CloudFront)
/
onetag-geo.s-onetag.com/ 		555 B
958 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-117.fra6.r.cloudfront.net
Software
/
Resource Hash
0c71fdd78bb3052782ef5da92dee58140a8604d54c781944f3a1d70598e1f2ab

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 22:24:25 GMT
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront), 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
age
56447
x-amzn-requestid
03067a29-55bc-41c8-b2fd-69e2e79bd603
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1, FRA6-C1
x-amz-apigw-id
A76MFHB-CYcFiIg=
content-length
555
x-amz-cf-id
BqPI0b0ehva0m2LwGX-uQuz_xFHXggUa9r70nTkcymtJBf0XyK_jQg==
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
00e82aada0e37c104ae9eba97c582f97e3fdf62346b3a5e53b7fea1f2942f1f6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:12 GMT
X-Proxy-Origin
37.120.211.156; 37.120.211.156; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.155:80
AN-X-Request-Uuid
fcf79cff-1362-4f82-886b-95fe7362fc41
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hip2save.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=255664&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223191ad331d5ae52%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fhip2save.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.34.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22324a22f18322ecd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22255664%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2ff474ee525c8cb58d9e5f93b55c2cd62ca140a4b0b14163819b1cc1f5932f8f

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:12 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[PL], RC:[], CN:[EU], CIP:[37.120.211.156], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://hip2save.com
x-cs-client-geo
09
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
09
expires
Tue, 15 Jun 2021 14:05:12 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a32fefac261e193f67e10550e26db686ae8a979884dabe148d61fd6d31bf8311
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:12 GMT
X-Proxy-Origin
37.120.211.156; 37.120.211.156; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.232:80
AN-X-Request-Uuid
92d1c110-f01c-426e-8065-3cd3f3b1bf89
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hip2save.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96954f01747430358b31a9885d01fc&pos=4774775&cmd=bid&secure=1
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
c18cfa83bf728bf8c6da61427687a4a3ee30fdaf5c9454fda4ebdc86bb6d6545

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 15 Jun 2021 14:05:12 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://hip2save.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2841
auction
tlx.3lift.com/header/ 		19 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.34.0&referrer=https%3A%2F%2Fhip2save.com%2F&tmax=2000
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.150.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:12 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://hip2save.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
onetag-geo.s-onetag.com/ 		555 B
958 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-117.fra6.r.cloudfront.net
Software
/
Resource Hash
0c71fdd78bb3052782ef5da92dee58140a8604d54c781944f3a1d70598e1f2ab

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 22:24:25 GMT
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront), 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
age
56447
x-amzn-requestid
03067a29-55bc-41c8-b2fd-69e2e79bd603
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1, FRA6-C1
x-amz-apigw-id
A76MFHB-CYcFiIg=
content-length
555
x-amz-cf-id
WmV-AKw4xqLbArmsOhQvd67ftYfQXl8nJYGq_4R3isb9Fg0gMpiEMA==
css
fonts.googleapis.com/ 		12 KB
1004 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700%7CRoboto:300,400,700
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
018ba5b976baafd33b2b6732436f8f22a8ef112ede845ca36bab21f693496dfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 13:37:32 GMT
server
ESF
date
Tue, 15 Jun 2021 14:05:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Jun 2021 14:05:12 GMT
37096e87d778a544705fdf205af6e341.png
cdn.wisepops.com/shared/images/wisepops/276048/ 		282 KB
282 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.wisepops.com/shared/images/wisepops/276048/37096e87d778a544705fdf205af6e341.png
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50587db89db1d10adf0b948b226ff9fe22afb7fbbcd186f18ed798e8b274198a

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=5wrItA==, md5=d7aiyGjwb1e1uc0BIsgeFw==
date
Tue, 15 Jun 2021 14:05:12 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7652
cf-polished
origFmt=png, origSize=434246
x-guploader-uploadid
ABg5-Uy3oomaTGpkHROl0K-XerHKVIcMYlCBDzsvXxGD3dBsus1jb4EwqaBN66ZSPCOufka7FfBvdo7XlCg2KNeqSQpP17W0ow
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="37096e87d778a544705fdf205af6e341.webp"
content-type
image/webp
content-length
288300
cf-request-id
0ab196a2ca00004e2bada2f000000001
last-modified
Wed, 26 May 2021 18:06:31 GMT
server
cloudflare
etag
"77b6a2c868f06f57b5b9cd0122c81e17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=x9uH7UNpGEjiT5A5INj2bSvmnkM6h7SUBcH45JwKWBFFmWY7iEgQoLsElljngvWCzD58omSXWyxzEyDlsDAMZhGZa%2BQkr6XafLEzyfrL9HKsBm4KM%2FAcjnZEnx%2Bh0G97KClYeTJkWRr7"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1622052391926051
expires
Tue, 15 Jun 2021 12:57:39 GMT
cache-control
public, max-age=31536000
x-goog-stored-content-length
434246
accept-ranges
bytes
cf-ray
65fc5a17aa924e2b-FRA
cf-bgj
imgq:85,h2pri
1f4f1.svg
s.w.org/images/core/emoji/13.0.1/svg/ 		184 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/13.0.1/svg/1f4f1.svg
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
331d62f00a03f10e07dc3a7660891469b6b76e57d78b57a865645a5ae5378486
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 15 Jun 2021 14:05:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Oct 2020 16:13:32 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=315360000
accept-ranges
bytes
content-length
184
expires
Thu, 31 Dec 2037 23:55:55 GMT
cygnus
htlb.casalemedia.com/ 		25 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=255667&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2239b84d729a8223e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fhip2save.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.34.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22404e5639954736%22%2C%22ext%22%3A%7B%22siteID%22%3A%22255667%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
69f06850e336e78017221b8b1e9048114d5e28aa1405eecadf0766867b2a5d09

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:12 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[PL], RC:[], CN:[EU], CIP:[37.120.211.156], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://hip2save.com
x-cs-client-geo
09
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
09
expires
Tue, 15 Jun 2021 14:05:12 GMT
auction
tlx.3lift.com/header/ 		19 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.34.0&referrer=https%3A%2F%2Fhip2save.com%2F&tmax=2000
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.150.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:12 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://hip2save.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96954f01747430358b31a9885d01fc&pos=4774777&cmd=bid&secure=1
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
0054e84563af8e38c11d23d0a0c79e55b6f1b5e3c10b1e138e93c3ab08da1a10

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 15 Jun 2021 14:05:12 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://hip2save.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
9d38e3f1159346cd4e95e59006c006d12a23dbd46a2d38733632d2f835302ae3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:12 GMT
X-Proxy-Origin
37.120.211.156; 37.120.211.156; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.9:80
AN-X-Request-Uuid
a867fbb7-2f1f-4f28-9b8f-e1d0d7d68e67
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hip2save.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
6b762c420ce758e904a962ef26849c8f4b55c6332d593c729547d69247454f1e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:12 GMT
X-Proxy-Origin
37.120.211.156; 37.120.211.156; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.37:80
AN-X-Request-Uuid
5bc35f44-19bd-4655-a34e-766b0c6e1036
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hip2save.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
analytics
pba.aws.lijit.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pba.aws.lijit.com/analytics
Protocol
H2
Server
52.15.129.153 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.1 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://hip2save.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 15 Jun 2021 14:05:12 GMT
server
nginx/1.14.1
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
vary
Access-Control-Request-Headers
access-control-allow-headers
content-type
analytics
pba.aws.lijit.com/ 		0
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pba.aws.lijit.com/analytics
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.15.129.153 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 15 Jun 2021 14:05:12 GMT
server
nginx/1.14.1
x-powered-by
Express
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700%7CRoboto:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hip2save.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 06:09:53 GMT
x-content-type-options
nosniff
age
287719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 06:09:53 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700%7CRoboto:300,400,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hip2save.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 09:26:30 GMT
x-content-type-options
nosniff
age
275922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 09:26:30 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=hip2save.com
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Jun 2021 14:05:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hip2save.com
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Jun 2021 14:05:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2736475609371151&correlator=1567113311501129&output=ldjh&impl=fifs&eid=31061223%2C31061457%2C31061143%2C31060840&vrg=2021060901&ptt=17&sc=1&sfv=1-0-38&ecs=20210615&iu_parts=9782337%2Ch2s_sb_4cluster_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D69c788a92cbc0c%26hb_bidder%3Donemobile&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623765912&dt=1623765912411&dlt=1623765910644&idt=1105&frm=20&biw=1600&bih=1200&oid=3&adxs=272&adys=2605&adks=1612234273&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhip2save.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=972x90&msz=728x-1&ga_vid=557139032.1623765911&ga_sid=1623765912&ga_hid=1335210326&ga_fc=false&fws=4&ohw=972&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061457
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
a886c51aa73b2fd454fc7f6e5f88ff46efec2ab9f700262081aeef5209ca3597
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23046
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hip2save.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
onetag-geo.s-onetag.com/ 		555 B
957 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-117.fra6.r.cloudfront.net
Software
/
Resource Hash
0c71fdd78bb3052782ef5da92dee58140a8604d54c781944f3a1d70598e1f2ab

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 22:24:25 GMT
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront), 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
age
56447
x-amzn-requestid
03067a29-55bc-41c8-b2fd-69e2e79bd603
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1, FRA6-C1
x-amz-apigw-id
A76MFHB-CYcFiIg=
content-length
555
x-amz-cf-id
j1IRhwb100pXQyi_lzB24_hPgl1vsq-I3rsGjrTFttuaPXFAFKaKYQ==
analytics
pba.aws.lijit.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pba.aws.lijit.com/analytics
Protocol
H2
Server
52.15.129.153 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.1 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://hip2save.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 15 Jun 2021 14:05:12 GMT
server
nginx/1.14.1
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
vary
Access-Control-Request-Headers
access-control-allow-headers
content-type
auction
tlx.3lift.com/header/ 		19 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.34.0&referrer=https%3A%2F%2Fhip2save.com%2F&tmax=2000
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.150.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:12 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://hip2save.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
696faa4fa69e770413d80142af12761068e1a0458acea3a50f905153601bbd47
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:12 GMT
X-Proxy-Origin
37.120.211.156; 37.120.211.156; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.180:80
AN-X-Request-Uuid
5d5448f5-7e6a-4bbf-b021-b18acbdd673b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hip2save.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96954f01747430358b31a9885d01fc&pos=4774783&cmd=bid&secure=1
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
1ddf66f4804259937aca04845d6305a8fa753420f6d943ac2a5507598f802abf

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 15 Jun 2021 14:05:12 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://hip2save.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2837
cygnus
htlb.casalemedia.com/ 		25 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=255669&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2255934381029e1f2%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fhip2save.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.34.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2256c555240f01246%22%2C%22ext%22%3A%7B%22siteID%22%3A%22255669%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e808c289b32a5e3ca4f0777b22775f8dd5c5643cc5e37f465fe797cf7c24d0ba

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:12 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[PL], RC:[], CN:[EU], CIP:[37.120.211.156], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://hip2save.com
x-cs-client-geo
09
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
09
expires
Tue, 15 Jun 2021 14:05:12 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
af90774d8fb2d73c3cd8b10e1480d601d1328fe603ada9a713cc78532ca67ec5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:12 GMT
X-Proxy-Origin
37.120.211.156; 37.120.211.156; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.141:80
AN-X-Request-Uuid
77e65267-eb9c-4ca7-9602-d201b6388f27
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hip2save.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
analytics
pba.aws.lijit.com/ 		0
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pba.aws.lijit.com/analytics
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.15.129.153 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 15 Jun 2021 14:05:12 GMT
server
nginx/1.14.1
x-powered-by
Express
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2736475609371151&correlator=261809454808003&output=ldjh&impl=fifs&eid=31061223%2C31061457%2C31061143%2C31060840&vrg=2021060901&ptt=17&sc=1&sfv=1-0-38&ecs=20210615&iu_parts=9782337%2CGV_2_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623765912&dt=1623765912457&dlt=1623765910644&idt=1105&frm=20&biw=1600&bih=1200&oid=3&adxs=272&adys=1455&adks=1541048200&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhip2save.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=972x90&msz=728x-1&ga_vid=557139032.1623765911&ga_sid=1623765912&ga_hid=1335210326&ga_fc=false&fws=4&ohw=972&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061457
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
c823c8b668737c1b2c82f792c886946e751cf38fbc85f7efb11994dded1826db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23174
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hip2save.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics
pba.aws.lijit.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pba.aws.lijit.com/analytics
Protocol
H2
Server
52.15.129.153 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.1 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://hip2save.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 15 Jun 2021 14:05:12 GMT
server
nginx/1.14.1
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
vary
Access-Control-Request-Headers
access-control-allow-headers
content-type
analytics
pba.aws.lijit.com/ 		0
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pba.aws.lijit.com/analytics
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.15.129.153 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 15 Jun 2021 14:05:12 GMT
server
nginx/1.14.1
x-powered-by
Express
ads
securepubads.g.doubleclick.net/gampad/ 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2736475609371151&correlator=2730894857145702&output=ldjh&impl=fifs&eid=31061223%2C31061457%2C31061143%2C31060840&vrg=2021060901&ptt=17&sc=1&sfv=1-0-38&ecs=20210615&iu_parts=9782337%2Ch2s_sb_h2g_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623765912&dt=1623765912492&dlt=1623765910644&idt=1105&frm=20&biw=1600&bih=1200&oid=3&adxs=272&adys=621&adks=3135445327&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhip2save.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=972x90&msz=728x-1&ga_vid=557139032.1623765911&ga_sid=1623765912&ga_hid=1335210326&ga_fc=false&fws=4&ohw=972&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061457
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
85c97d3202c0d4c1501cc6213f03218f12c44e49d627a293fc69a04353627fe0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7516
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hip2save.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics
pba.aws.lijit.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pba.aws.lijit.com/analytics
Protocol
H2
Server
52.15.129.153 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.1 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://hip2save.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 15 Jun 2021 14:05:12 GMT
server
nginx/1.14.1
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
vary
Access-Control-Request-Headers
access-control-allow-headers
content-type
analytics
pba.aws.lijit.com/ 		0
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pba.aws.lijit.com/analytics
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.15.129.153 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 15 Jun 2021 14:05:12 GMT
server
nginx/1.14.1
x-powered-by
Express
ads
securepubads.g.doubleclick.net/gampad/ 		56 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2736475609371151&correlator=4473096008270464&output=ldjh&impl=fifs&eid=31061223%2C31061457%2C31061143%2C31060840&vrg=2021060901&ptt=17&sc=1&sfv=1-0-38&ecs=20210615&iu_parts=9782337%2CNew_SB_1_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D0.03%26hb_adid%3D70870036f4bbe7e%26hb_bidder%3Donemobile&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623765912&dt=1623765912596&dlt=1623765910644&idt=1105&frm=20&biw=1600&bih=1200&oid=3&adxs=1143&adys=267&adks=3825300125&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhip2save.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=298x600&msz=300x-1&ga_vid=557139032.1623765911&ga_sid=1623765912&ga_hid=1335210326&ga_fc=false&fws=4&ohw=298&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061457
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
5a4ccd281581eee77843a24125ba227ecae309785e1d4e3b8a1ed62d2ae1e31d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24302
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hip2save.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=585314&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2259fb56c525283d4%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fhip2save.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.34.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22605627009e7d424%22%2C%22ext%22%3A%7B%22siteID%22%3A%22585314%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1cb7fabf02e9576fc31822e7f59aedf6e9b1aa2756cdb05cbb3c2e64b478042a

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:12 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[PL], RC:[], CN:[EU], CIP:[37.120.211.156], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://hip2save.com
x-cs-client-geo
09
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
09
expires
Tue, 15 Jun 2021 14:05:12 GMT
auction
tlx.3lift.com/header/ 		19 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.34.0&referrer=https%3A%2F%2Fhip2save.com%2F&tmax=2000
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.150.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:12 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://hip2save.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
991 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b379caae46bcd4dac9f8d69b3e63f1e8259de97be4f0bb4a1b11f218405a9590
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:12 GMT
X-Proxy-Origin
37.120.211.156; 37.120.211.156; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.140:80
AN-X-Request-Uuid
3a262752-2aef-4f8b-950f-63b9b2a163f9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hip2save.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		138 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
1445b32501cf20ac649e1e57c15668a98c222a296bef68b0d97cfd74ff1ba997
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:12 GMT
X-Proxy-Origin
37.120.211.156; 37.120.211.156; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.236:80
AN-X-Request-Uuid
d3963804-2040-424d-ba69-21ad669699df
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hip2save.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96954f01747430358b31a9885d01fc&pos=5256271&cmd=bid&secure=1
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
86619f89db406aa2624c3a8c0363d33a926336b48aea4ce8b8fb0153b0a8a470

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 15 Jun 2021 14:05:12 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://hip2save.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryDEYhef1y0yUBjaUx

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Tue, 15 Jun 2021 14:05:12 GMT
content-type
text/plain
access-control-allow-origin
https://hip2save.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
analytics
pba.aws.lijit.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pba.aws.lijit.com/analytics
Protocol
H2
Server
52.15.129.153 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.1 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://hip2save.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 15 Jun 2021 14:05:12 GMT
server
nginx/1.14.1
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
vary
Access-Control-Request-Headers
access-control-allow-headers
content-type
analytics
pba.aws.lijit.com/ 		0
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pba.aws.lijit.com/analytics
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.15.129.153 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 15 Jun 2021 14:05:12 GMT
server
nginx/1.14.1
x-powered-by
Express
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2736475609371151&correlator=4043738285740269&output=ldjh&impl=fifs&eid=31061223%2C31061457%2C31061143%2C31060840&vrg=2021060901&ptt=17&sc=1&sfv=1-0-38&ecs=20210615&iu_parts=9782337%2CNew_SB_2_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623765912&dt=1623765912692&dlt=1623765910644&idt=1105&frm=20&biw=1600&bih=1200&oid=3&adxs=1143&adys=897&adks=233627267&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhip2save.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=298x250&msz=300x-1&ga_vid=557139032.1623765911&ga_sid=1623765912&ga_hid=1335210326&ga_fc=false&fws=4&ohw=298&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061457
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
feb834f05ad0360cd5b2832e734ffc32e43985b300d378b6d3c7bd9e21e00a23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23264
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hip2save.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-geo.s-onetag.com/ 		555 B
958 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-117.fra6.r.cloudfront.net
Software
/
Resource Hash
0c71fdd78bb3052782ef5da92dee58140a8604d54c781944f3a1d70598e1f2ab

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 22:24:25 GMT
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront), 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
age
56447
x-amzn-requestid
03067a29-55bc-41c8-b2fd-69e2e79bd603
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1, FRA6-C1
x-amz-apigw-id
A76MFHB-CYcFiIg=
content-length
555
x-amz-cf-id
AUg0eGSr_fmFAQ1Nlr_ElnNH8gdNPNIYFZ3Uey5AKA__zzoMaFMecA==
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700%7CRoboto:300,400,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hip2save.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 05:37:01 GMT
x-content-type-options
nosniff
age
289691
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14992
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:24 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 05:37:01 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700%7CRoboto:300,400,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hip2save.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 12:05:05 GMT
x-content-type-options
nosniff
age
266407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 12:05:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700%7CRoboto:300,400,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hip2save.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 07:18:32 GMT
x-content-type-options
nosniff
age
283600
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 07:18:32 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700%7CRoboto:300,400,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hip2save.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 04:50:35 GMT
x-content-type-options
nosniff
age
292477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 04:50:35 GMT
analytics
pba.aws.lijit.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pba.aws.lijit.com/analytics
Protocol
H2
Server
52.15.129.153 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.1 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://hip2save.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 15 Jun 2021 14:05:12 GMT
server
nginx/1.14.1
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
vary
Access-Control-Request-Headers
access-control-allow-headers
content-type
analytics
pba.aws.lijit.com/ 		0
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pba.aws.lijit.com/analytics
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.15.129.153 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 15 Jun 2021 14:05:13 GMT
server
nginx/1.14.1
x-powered-by
Express
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2736475609371151&correlator=685629520029490&output=ldjh&impl=fifs&eid=31061223%2C31061457%2C31061143%2C31060840&vrg=2021060901&ptt=17&sc=1&sfv=1-0-38&ecs=20210615&iu_parts=9782337%2CNew_SB_3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D7168f02dc3921fc%26hb_bidder%3Donemobile&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623765912&dt=1623765912732&dlt=1623765910644&idt=1105&frm=20&biw=1600&bih=1200&oid=3&adxs=1143&adys=1177&adks=689520005&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhip2save.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=298x250&msz=300x-1&ga_vid=557139032.1623765911&ga_sid=1623765912&ga_hid=1335210326&ga_fc=false&fws=4&ohw=298&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061457
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
0288156db90a5f16249a0bc1b226f7338574a3f05ba0d58e044640bec73d4e6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23107
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hip2save.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
log.pinterest.com/ 		0
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.pinterest.com/?type=pidget&guid=AJzAhiGAjyxk&tv=2021040501&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fhip2save.com%2F&viaSrc=canonical
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.80.84 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:13 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
1
x-cache-hits
0
content-length
0
x-served-by
cache-mrs10576-MRS
pragma
no-cache
server
envoy
x-timer
S1623765913.924945,VS0,VE89
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-pinterest-rid
1506564537630187
accept-ranges
bytes
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
onetag-geo.s-onetag.com/ 		555 B
958 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-117.fra6.r.cloudfront.net
Software
/
Resource Hash
0c71fdd78bb3052782ef5da92dee58140a8604d54c781944f3a1d70598e1f2ab

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 22:24:25 GMT
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront), 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
age
56447
x-amzn-requestid
03067a29-55bc-41c8-b2fd-69e2e79bd603
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1, FRA6-C1
x-amz-apigw-id
A76MFHB-CYcFiIg=
content-length
555
x-amz-cf-id
4asgvdv_mQMxi7zi1EoMFzFc_WptYuBCQMdPlPxYT3gQYJRrRv91DA==
analytics
pba.aws.lijit.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pba.aws.lijit.com/analytics
Protocol
H2
Server
52.15.129.153 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.1 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://hip2save.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 15 Jun 2021 14:05:12 GMT
server
nginx/1.14.1
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
vary
Access-Control-Request-Headers
access-control-allow-headers
content-type
analytics
pba.aws.lijit.com/ 		0
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pba.aws.lijit.com/analytics
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.15.129.153 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 15 Jun 2021 14:05:13 GMT
server
nginx/1.14.1
x-powered-by
Express
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=hip2save.com
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Jun 2021 14:05:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hip2save.com
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Jun 2021 14:05:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2736475609371151&correlator=2698887867618598&output=ldjh&impl=fifs&eid=31061223%2C31061457%2C31061143%2C31060840&vrg=2021060901&ptt=17&sc=1&sfv=1-0-38&ecs=20210615&iu_parts=9782337%2CH2S_728x90_adhesion&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623765912&dt=1623765912810&dlt=1623765910644&idt=1105&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1085&adks=121892516&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhip2save.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=557139032.1623765911&ga_sid=1623765912&ga_hid=1335210326&ga_fc=false&fws=516&ohw=728&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061457
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
bf7f9a95c7286b7ef5e3e24d7b86326901b007e1da61a7158a8b83788517fd79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23710
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hip2save.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-geo.s-onetag.com/ 		555 B
959 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-117.fra6.r.cloudfront.net
Software
/
Resource Hash
0c71fdd78bb3052782ef5da92dee58140a8604d54c781944f3a1d70598e1f2ab

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 22:24:25 GMT
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront), 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
age
56447
x-amzn-requestid
03067a29-55bc-41c8-b2fd-69e2e79bd603
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1, FRA6-C1
x-amz-apigw-id
A76MFHB-CYcFiIg=
content-length
555
x-amz-cf-id
Kmf7WvLMX5qXOmV5PQRxPjj7Sc0afUMDaPstTiUMvrPSvGTxOuykvQ==
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/ 		1 KB
825 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.241.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-241-42.vie50.r.cloudfront.net
Software
restify /
Resource Hash
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 11:11:31 GMT
content-encoding
gzip
server
restify
age
10421
vary
Accept-Encoding,origin
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
https://hip2save.com
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control
max-age=86400
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
9o18W-8WnkFEy1ayN5oIugthVCs98hsgFAF8Ep8BYFxoCuMDl0KHLQ==
via
1.1 3dca71b0fde541bcd2caf3756ffbc27a.cloudfront.net (CloudFront)
/
onetag-geo.s-onetag.com/ 		555 B
958 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-117.fra6.r.cloudfront.net
Software
/
Resource Hash
0c71fdd78bb3052782ef5da92dee58140a8604d54c781944f3a1d70598e1f2ab

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 22:24:25 GMT
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront), 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
age
56447
x-amzn-requestid
03067a29-55bc-41c8-b2fd-69e2e79bd603
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1, FRA6-C1
x-amz-apigw-id
A76MFHB-CYcFiIg=
content-length
555
x-amz-cf-id
dkyz1t-LsJj9yMePCJykZIrA_bXaWGI5Kg6C_S6jnE-ZcRncahG2bg==
container.html
5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1FE0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hip2save.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hip2save.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 15 Jun 2021 14:05:12 GMT
expires
Wed, 15 Jun 2022 14:05:12 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:13 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623410781212720"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28237
x-xss-protection
0
expires
Tue, 15 Jun 2021 14:05:13 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5618 		0
20 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXR3AEQhdqXxwIYx6T5rAEwAQ&v=APEucNVZv5E7GVZ-iw7auEtaPOdpLB4f6hejmd2L5K8ZWjnzQHgE1XFs4leqprXqEZlTBtJ8VpMBr89ZJe0RCBtcK67tMliOlg
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CNXR3AEQhdqXxwIYx6T5rAEwAQ&v=APEucNVZv5E7GVZ-iw7auEtaPOdpLB4f6hejmd2L5K8ZWjnzQHgE1XFs4leqprXqEZlTBtJ8VpMBr89ZJe0RCBtcK67tMliOlg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 15 Jun 2021 14:05:13 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUkKkgR3i0m_uZp-RjbyGxsB7INFyCiOKjKEtbma24K9QhEGqtDOySkiC9sK; expires=Sun, 10-Jul-2022 14:05:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 15 Jun 2021 14:05:13 GMT
cache-control
private
ad
googleads.g.doubleclick.net/dbm/ Frame 1FE0 		39 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8yYq424s5RlshmTe--rMJO7ef21u4PQAGC6QQvPhMaapBAAZ8dEMezwMCiFALweY5uLOG3tF4MaHBWXV_e6744Y2TcY3uQiGYEaV-O_R6JSeaEToYFmISbjtglLXUO38OXUYj-DqYwZzgmGLHDXp2DfzG-A&dbm_d=AKAmf-D_OajqjEr0LciJKUKVUGvOpyDJ4boUUjNULzLhjoGx6CTiOz4u-ZHJpa1QdDYzNzBaiwW58yCRnvlOCHGW3Ysa95CQiSoc7E3nv6z_W5vLGYGubueujCcLQ8ujaL7TzvUkV3Nn95SJOfVFYdV6ZHf6jB77gok0FmBmR91dxaesdzM9xRy7ELCztotzVW7iw0njvbvfgbk5QxN7l-EPKngWPNXkdX-w5r0wH4i0FuSK0J2U8RezuhS7I43kdTnbxHW7_HtijZ0OYeCkAIEDHhNiTHfUn88xSwt70sjGv0Koput8pDbYoCUJBLYwHclT0bSpPd0BR18mABtrR1nJ6zqwfaZEPlNKDfmQoMkjlJSeBgnTBzSJZHJDYpv5j7vm8grS5uDbBmEo5ksOoDCPGoFjNcwQjUE4jAYOELt0_8Fp0DiKfW8gbfDpirHdheQ7NDzqOxxc91JRXFbjT06pHkK4wc81G8ef0JB_KwplRC6JMBqTiddVXyjsxrq-q2-frOw9jJUZ92A0tZyAG0itCMW2epvMloSJsQAY_4HdC3TG_L5Bs63rjQOvQPbe9hNoELbwvgFIdPPOC4n-M0wQIWJEM0ThUJ6Nzcu32Tkrs_-TtGCSZTx1stN7cCZejcayRneqm8SOHGSaBPDqGmLs_1wmgEwKZfYiw_sI4l-j53YyuioE_J0xw-WxM9l0W1rVaTvSLcHV7DogS6dr2Ur8vuGepJLKJlbP38IIuFwT5DFpicD7MyP45NdA9nx0lZczg04jZ02MnZIIj-2NeRVxTbmrDyhhMyKaLe2FLcyv-7IjyCvxa8hBdIMPIEknvIQK8odVdghx5OLl0YULxb7f8CQRbTxp9uedXrfkEYcVEkfw5FOG0n7UN_SfsdmKSMV__rJE-51BLSjz_9d8HvwqXY_15rKKiMjNV87gkTd9zlBSvGWt9IaopM15gSF-9HDb_TfhrKoy61tODBbqbRjCbEPOlf5C_xKBZBuipDYIemqHGzFIOf_eOqrNsaHa8v201RjSALyhl61DVZtdWKBn6TFdCqzq6oSBaBYDmR1kWAMXGDmtO78lG-yGWW9jAn6zK_xLOJ6oTS-kE3lRUUaUBVL58e1mkbVyAYDBxIrbKqdFqo_wnWIFnL4v_SlpHs4iNK7FHufRvVjjRKcbIbZo4gWevN9Zg6yezMqyc3sxA2dUpcKMM6lAr15VNruTw-Zwb7FsazS5SH5QCpLKDoAOmSjy92Hn5dSbpGTtGSieATYGVwLFQFNcGxIRyeSuRvRMxKqw60tdyyZEPNsRRCB0w-l5O2GWg2VhEhFS-wk0fT0mvE-tL8-52E0xqaYVoqgotUMEZXjM3BQdjay3HENbz7z9_35GfsZmKlR8u-iOy9kRynB4foTKZZaLapnKD_QwEx_gROaMHd3wyoN9nmrIjfwnc3UjdhnpRqUZ3htQFc7fv6LXN9u5Z7RSFKagsue36oaQwJ9gDJnXaK_fLAAXCTJzB3uggTRSKMzrarclfpTkrPTouuHSu0EVcnE0NVW4a1tpo2fN-2DFtnQe1CPkkKGUJ0zHu-N6a9cFa2YYH76r_xP3vmqSuEYos2Y57Wc6ugDXF6oXhuk66HDBPS3Ub-x06Eu5gDprP5_57zO1NM7vuqToRDna_0_2JR6alOvP9_RW0aIC53GnZbvIVb4BQ1X1h0jidZDvFOLcotle1ZyqGUhil0Q8qfVMirCVjsARClzT70o8ZWbC1aLDs5KsCr6Xjxd8Uubi3D5HsO8pu62BoHZn5MXfpJwCUbUfA3EFIuTKa0I6hiyeTZDHOlfM_cg2KBvAhAHdPba77m39_6dJf-L990DEAS7a43twGu_GZjbmtEvKvcvFEq0r6aVcR3hmTi5hNJHlN6prkUeNWYrfaNQJkLZcsZeUyf82nvhKsitcnanWPPTUWvW2AhD4_OjfkcpDrkMhhp87mljjgOKJ0U0R8lYhjbRtkXo7cAbG-1YksohB4v8OM-Zp7co5dd_oplclMInIrQ8NSIpdlb4VRZHRus7NUjllQlln6DrtIRMZ_QOixJO3oPfOyXIBFwsSJGwjQY05lNMRZUas9bxsoKDIjQ3gZG6_XJBLnlEM45tsjt44nBk4a9d5X_S5PohxzLJEAyv4IuSv0Ax5pC6-a0U7cLSZAV-O4RUnk7gRDEFrTpzEYQFE4exOBUEGiNjmStYbNXQ2srQ_l2MDTfRF_QWkz7vJu61zxLUBzOihnga72_bT9_b4zUuhi99owB2nEZTMafmMaPmaIWNb6wJWmxK_EotmyPWJm8oJN96COOzIGRuIuhu3SR5pgUStX7gkUTUs8R3Xargdh_sNcVoA_VaOTp_qzxMC57sXKi6gqG9scFzXiWbwSvNYsA4KP8jMLe6oFgxuxlJgAqMYMgapn-Bbv1zShcoX6JShMkm2lSyrivk1yP6zcAtRTEFXPZCwU1xgT1vqCQggHq9FhgpdTx-aqx-ZRpKMyDM68O07uWHx-nSkxOr9qXm-f4_h4469h1w9FiC4HkQysmpM14qu2nH4Zv7HIzWjX9co7pNPiam0ZPcTNhkKrtIE3X552h7Y9Fqbbx10Rh57eYj_k30LuNwMFNmrtvqZvu36Fu0LmY06iWnTwqYN9HMj7BkdOIvSSJd5gbYMAqQ9bP_5lXxacvQCp-TPOzTPernZrAgjtJHIRL6eLKsOioodds4GrhgAHcMyQHZ4SGmQVB9VLzNXR1VVV3DW5S6FU6-j3w0gSW2VEgbgStLetKgAMSVL5sBYCJo_XCRBT3KbMGgKEPetjPMFomQhPNHIh2wkAILanOsG7-5gMmh1qrSG3iF5D6Ig86kT1aD6n_RVQlevggwEvi1S2stMSEgMMDBOV7P77ZvT3EE5qEl7-Xp-Yv5-Mpp8M9XoD6SInY7XlttLz-E-UZSUJcdGp9KEdV4I0HQ9O5dTsJEgNh7NWT_87B_As1wvsxKZbUNq5e8cWtrD7lcyDGs_P1bwZ8NIuV7zAN_Q29Y_TIDlKFKEeJizm5xogT8HirDdHjlbLB0LxtXnt8hR5_juzTH76CkkmvoKmqXSV806f3tMuvakb4oqkTkt_I8d2Mledg&cid=CAASPeRoQOfRLsGlONZ17e3lhT83WVtFftt9XqM8dR0lpybolCkMFW_d0mBczzowesEdikHPQHc0eIz6-oK04HI&rfl=1%2Chttps%253A%252F%252Fhip2save.com%252F%240
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fd19711556f6976393fb9f58f570d9d3481a0bfffce678d694bf2e8c823ddb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19665
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1FE0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CJ0pbQK8Rt34NVZNP6I-SB577Nb0Sn4KujWdIVycneZ6dCXW2OeBAspSsoyUxngTPE4r71oN396RoRbtVnz4zoMpWtT4EJpVYVZwsQ_XENq_2j3R8
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 1FE0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1316
x-xss-protection
0
server
cafe
etag
797314601362473214
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 14:03:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1FE0 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:13 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623410775224219"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38028
x-xss-protection
0
expires
Tue, 15 Jun 2021 14:05:13 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 1FE0 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
server
cafe
etag
16788636151609896382
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 14:01:37 GMT
l
www.google.com/ads/measurement/ Frame 1FE0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQySdlvM_P5GDNhSiyICazpk5BApdfhwIKeOp8YpeRa6a89S2hsaBXwpD8WNEXpSzd9zFpO
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D81B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hip2save.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hip2save.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 15 Jun 2021 14:05:12 GMT
expires
Wed, 15 Jun 2022 14:05:12 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B7C2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hip2save.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hip2save.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 15 Jun 2021 14:05:12 GMT
expires
Wed, 15 Jun 2022 14:05:12 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EB87 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hip2save.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hip2save.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 15 Jun 2021 14:05:12 GMT
expires
Wed, 15 Jun 2022 14:05:12 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
f131344e-0927-44c1-a684-d12ec66ce712
https://hip2save.com/ 		131 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://hip2save.com/f131344e-0927-44c1-a684-d12ec66ce712
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b58ee3d7b8cf7715cb2efcc2910ced1fbeeac027b23a5f5b600cd8c07c100b1f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
131
Content-Type
text/javascript
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 1FE0 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cabbde8502a6598896a3c812c89ecd99ecfb3e9ca68f632c8c9b3f2a7f6e0046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:03:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
99
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8601
x-xss-protection
0
server
cafe
etag
18280575870105241958
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 14:03:34 GMT
4806631725427302382
s0.2mdn.net/simgad/ Frame 1FE0 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4806631725427302382
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2f000784707e7bb8758be5aa61ec51dd76be69e2ed204582bc7e7eb677a2fa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 12:23:06 GMT
x-content-type-options
nosniff
age
6127
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45344
x-xss-protection
0
last-modified
Mon, 10 May 2021 09:38:59 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jun 2022 12:23:06 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame 1FE0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:03:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 14:03:40 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1FE0 		0
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvV8Z5oDOXLhKnOxhyZPNSRLevl_q3du-ObMHZTrz5R6MF5rls0roOEfXgnkbvEPM8CXRrfQcf9MEcfqPDERrpJ5Si3uOLgz3nM8JgtWFXsW6kDxFfHyzmXRV3_-9vCroBbANUV7UXE57vkX5OjawZOP4jNCIFKGddQMQgKJPmWU-heHCAgNtJOnogqkCXb9R6-Q3huM4SPsLTqwOcZfUFhtgS013cf7GzUgRFOxjaV3aoquJP6gwwB2LXyNyNWQwBf-4dcWbFzAx6TgqIuMVmsp7azt0lgh6__18QnrBbVu5F16BHOm966QajjhsF7TF1_3PHoSknwOcjo5FtzchBJ6jxYbzy00L4LIr6RQIyp5lOWb2nwnggRJehqYaQkTcarLyySOQ9ELgjowyWiir7cQMJvTEdEaMyYHpv6xuwxBeHuTH3SV7Z3w0NrcKwa0BgQlEvzsF_AoRNJX7V34RDOV3uboi_Kju052xC7sQw83xag7uAumTYRuvtmb4QTyUzWNYx7qnoQVf7KSoPAq_3dDdQc0b0_ygfyNOp34umCTxum0ZlMfdqk8aiWFkoZrwVbUgzm6GWHgq11Hpwtj2Zi18Z1a5AgTVJY3uC3nIHhdU8b8uffnCXzketdBm6Vm1IkDCzKFXBrJeoN1452BKUXAETzdCpCpRNlfIc6Sm3HBpLxmboykQgcfAjdN3NgHKbSaIBlI2ZjyRZ3McIXRDxgJESLirr30ndj6dIPVMBcTu8Gdmfeur21d3pHl23KsjRV3eQV63wBBi_u8rMGiSKRkeR4fYJ0pw_9aKhEV0tgGZo7JChn1qoUyzEuzBgukianRFyc7Lq9ZLdPt-aXDp_rIS3XXa6rcMjEcLjgeSfVrh_DCsuoWNiMkOeikWR1ndFJslSVYsca1RcxUZ8Kwe3zixQiX4xkuCMVy_w7EhDybaj74U0L1vPZBfirEZRYbPmeUhF0LVnkTxoZITPAAJo-8_sS4cgUwbDZkbgRQiYTzdJmpKwxtN4y-YTpzvEq1Ee_RjWghvjAZNXuoRuVATIaYqnIeF8BLj202l9DdSWIrRifHVaQiLYDWeuOLKsNnQt50nBSROwuJ65FUfkupe9cwHWxwwqFr_heiDoMQ84SpMlr7y-FiO155uWe3QM&sai=AMfl-YTFg-KOM2d6wYiD7LhMdweKJvpZuptnXeArBhM8T1H_lGaAtJ6LjMGqtWTkviuosJn6Uz2n6ltuQVrRh7MhqG6hLvrSAnsKZaEQBngVJ5VAZWgULTqCQ0VSfc1Q-V8PZTQVuRr2w5mknZtDpD9nSNbDa-Ro9vaZsNgMOpAs1VuOmk4BnHJfXux83l4HrEuroLPmRLp_FbuL3hIUbvJ-9X63sQ5vwSRrbmoAZRo-jg&sig=Cg0ArKJSzFsagvOiTNfXEAE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210607.62001&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8yYq424s5RlshmTe--rMJO7ef21u4PQAGC6QQvPhMaapBAAZ8dEMezwMCiFALweY5uLOG3tF4MaHBWXV_e6744Y2TcY3uQiGYEaV-O_R6JSeaEToYFmISbjtglLXUO38OXUYj-DqYwZzgmGLHDXp2DfzG-A&dbm_d=AKAmf-D_OajqjEr0LciJKUKVUGvOpyDJ4boUUjNULzLhjoGx6CTiOz4u-ZHJpa1QdDYzNzBaiwW58yCRnvlOCHGW3Ysa95CQiSoc7E3nv6z_W5vLGYGubueujCcLQ8ujaL7TzvUkV3Nn95SJOfVFYdV6ZHf6jB77gok0FmBmR91dxaesdzM9xRy7ELCztotzVW7iw0njvbvfgbk5QxN7l-EPKngWPNXkdX-w5r0wH4i0FuSK0J2U8RezuhS7I43kdTnbxHW7_HtijZ0OYeCkAIEDHhNiTHfUn88xSwt70sjGv0Koput8pDbYoCUJBLYwHclT0bSpPd0BR18mABtrR1nJ6zqwfaZEPlNKDfmQoMkjlJSeBgnTBzSJZHJDYpv5j7vm8grS5uDbBmEo5ksOoDCPGoFjNcwQjUE4jAYOELt0_8Fp0DiKfW8gbfDpirHdheQ7NDzqOxxc91JRXFbjT06pHkK4wc81G8ef0JB_KwplRC6JMBqTiddVXyjsxrq-q2-frOw9jJUZ92A0tZyAG0itCMW2epvMloSJsQAY_4HdC3TG_L5Bs63rjQOvQPbe9hNoELbwvgFIdPPOC4n-M0wQIWJEM0ThUJ6Nzcu32Tkrs_-TtGCSZTx1stN7cCZejcayRneqm8SOHGSaBPDqGmLs_1wmgEwKZfYiw_sI4l-j53YyuioE_J0xw-WxM9l0W1rVaTvSLcHV7DogS6dr2Ur8vuGepJLKJlbP38IIuFwT5DFpicD7MyP45NdA9nx0lZczg04jZ02MnZIIj-2NeRVxTbmrDyhhMyKaLe2FLcyv-7IjyCvxa8hBdIMPIEknvIQK8odVdghx5OLl0YULxb7f8CQRbTxp9uedXrfkEYcVEkfw5FOG0n7UN_SfsdmKSMV__rJE-51BLSjz_9d8HvwqXY_15rKKiMjNV87gkTd9zlBSvGWt9IaopM15gSF-9HDb_TfhrKoy61tODBbqbRjCbEPOlf5C_xKBZBuipDYIemqHGzFIOf_eOqrNsaHa8v201RjSALyhl61DVZtdWKBn6TFdCqzq6oSBaBYDmR1kWAMXGDmtO78lG-yGWW9jAn6zK_xLOJ6oTS-kE3lRUUaUBVL58e1mkbVyAYDBxIrbKqdFqo_wnWIFnL4v_SlpHs4iNK7FHufRvVjjRKcbIbZo4gWevN9Zg6yezMqyc3sxA2dUpcKMM6lAr15VNruTw-Zwb7FsazS5SH5QCpLKDoAOmSjy92Hn5dSbpGTtGSieATYGVwLFQFNcGxIRyeSuRvRMxKqw60tdyyZEPNsRRCB0w-l5O2GWg2VhEhFS-wk0fT0mvE-tL8-52E0xqaYVoqgotUMEZXjM3BQdjay3HENbz7z9_35GfsZmKlR8u-iOy9kRynB4foTKZZaLapnKD_QwEx_gROaMHd3wyoN9nmrIjfwnc3UjdhnpRqUZ3htQFc7fv6LXN9u5Z7RSFKagsue36oaQwJ9gDJnXaK_fLAAXCTJzB3uggTRSKMzrarclfpTkrPTouuHSu0EVcnE0NVW4a1tpo2fN-2DFtnQe1CPkkKGUJ0zHu-N6a9cFa2YYH76r_xP3vmqSuEYos2Y57Wc6ugDXF6oXhuk66HDBPS3Ub-x06Eu5gDprP5_57zO1NM7vuqToRDna_0_2JR6alOvP9_RW0aIC53GnZbvIVb4BQ1X1h0jidZDvFOLcotle1ZyqGUhil0Q8qfVMirCVjsARClzT70o8ZWbC1aLDs5KsCr6Xjxd8Uubi3D5HsO8pu62BoHZn5MXfpJwCUbUfA3EFIuTKa0I6hiyeTZDHOlfM_cg2KBvAhAHdPba77m39_6dJf-L990DEAS7a43twGu_GZjbmtEvKvcvFEq0r6aVcR3hmTi5hNJHlN6prkUeNWYrfaNQJkLZcsZeUyf82nvhKsitcnanWPPTUWvW2AhD4_OjfkcpDrkMhhp87mljjgOKJ0U0R8lYhjbRtkXo7cAbG-1YksohB4v8OM-Zp7co5dd_oplclMInIrQ8NSIpdlb4VRZHRus7NUjllQlln6DrtIRMZ_QOixJO3oPfOyXIBFwsSJGwjQY05lNMRZUas9bxsoKDIjQ3gZG6_XJBLnlEM45tsjt44nBk4a9d5X_S5PohxzLJEAyv4IuSv0Ax5pC6-a0U7cLSZAV-O4RUnk7gRDEFrTpzEYQFE4exOBUEGiNjmStYbNXQ2srQ_l2MDTfRF_QWkz7vJu61zxLUBzOihnga72_bT9_b4zUuhi99owB2nEZTMafmMaPmaIWNb6wJWmxK_EotmyPWJm8oJN96COOzIGRuIuhu3SR5pgUStX7gkUTUs8R3Xargdh_sNcVoA_VaOTp_qzxMC57sXKi6gqG9scFzXiWbwSvNYsA4KP8jMLe6oFgxuxlJgAqMYMgapn-Bbv1zShcoX6JShMkm2lSyrivk1yP6zcAtRTEFXPZCwU1xgT1vqCQggHq9FhgpdTx-aqx-ZRpKMyDM68O07uWHx-nSkxOr9qXm-f4_h4469h1w9FiC4HkQysmpM14qu2nH4Zv7HIzWjX9co7pNPiam0ZPcTNhkKrtIE3X552h7Y9Fqbbx10Rh57eYj_k30LuNwMFNmrtvqZvu36Fu0LmY06iWnTwqYN9HMj7BkdOIvSSJd5gbYMAqQ9bP_5lXxacvQCp-TPOzTPernZrAgjtJHIRL6eLKsOioodds4GrhgAHcMyQHZ4SGmQVB9VLzNXR1VVV3DW5S6FU6-j3w0gSW2VEgbgStLetKgAMSVL5sBYCJo_XCRBT3KbMGgKEPetjPMFomQhPNHIh2wkAILanOsG7-5gMmh1qrSG3iF5D6Ig86kT1aD6n_RVQlevggwEvi1S2stMSEgMMDBOV7P77ZvT3EE5qEl7-Xp-Yv5-Mpp8M9XoD6SInY7XlttLz-E-UZSUJcdGp9KEdV4I0HQ9O5dTsJEgNh7NWT_87B_As1wvsxKZbUNq5e8cWtrD7lcyDGs_P1bwZ8NIuV7zAN_Q29Y_TIDlKFKEeJizm5xogT8HirDdHjlbLB0LxtXnt8hR5_juzTH76CkkmvoKmqXSV806f3tMuvakb4oqkTkt_I8d2Mledg&cid=CAASPeRoQOfRLsGlONZ17e3lhT83WVtFftt9XqM8dR0lpybolCkMFW_d0mBczzowesEdikHPQHc0eIz6-oK04HI&rfl=1%2Chttps%253A%252F%252Fhip2save.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 15 Jun 2021 14:05:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1FE0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 09:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15811
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jun 2022 09:41:42 GMT
container.html
5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A6CF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hip2save.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hip2save.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 15 Jun 2021 14:05:12 GMT
expires
Wed, 15 Jun 2022 14:05:12 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame EE12 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPrKkwEQ95m_zAIYutSMqAEwAQ&v=APEucNUMlNNoxZFJDb4tWEQJCCy8tU1K2fWTfrb9xdf6DcPgYdmlLzp_5gYVspVE1lg5XfjpzrqsglMlSt6fZadDOVDVy_mj_Q
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CPrKkwEQ95m_zAIYutSMqAEwAQ&v=APEucNUMlNNoxZFJDb4tWEQJCCy8tU1K2fWTfrb9xdf6DcPgYdmlLzp_5gYVspVE1lg5XfjpzrqsglMlSt6fZadDOVDVy_mj_Q
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkjGsMBFSi70V2huGGjX5IPftI2TX97bmdhnxa6Phpe6wseDHmOmTOHcfbFAvw; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 15 Jun 2021 14:05:13 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 15 Jun 2021 14:05:13 GMT
cache-control
private
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame D81B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 13:58:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
399
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7010
x-xss-protection
0
server
cafe
etag
16168581138844513892
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 13:58:34 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame D81B 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 13:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
754
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2661
x-xss-protection
0
server
cafe
etag
7752240862628680351
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 13:52:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D81B 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuG7UUaOfFTzbI0YlXTbWjehCtqC-ao9OxHnhq4rS9S0y53my_W2yvwPtUhIeiMTLShTpUxuos54ByW88B7YTbyb_8K3bUmlDcloGb2BkCPMc8gpfrYrJyAEaV027w-caGRzbLvhHN_ubLcyivT-7LV2nuHGDHeDu0yBftrHuJqOImwOMqRczg759GbRD_kYoDGTBayAgcVMwWDqRkAlZqYaqDGIaeWMhH1DBinLSoeUdaIMYF412H005Lads5Pr8pe7PxfWm0WgrMvSs6s1AvUQeF1jRsVgjYexi7vSzAjAleCQb0jQWP8aKpe0ao1rD___HeGQ2MEP7_1yC_JvjWvlJcbYyJPJjWBX9KLTR3nv_WXowrOsecP-lbN-Np8rBmqODL6JCJt5CbXI8pVMt55gNIkfw9IWS-DusDFKr6khfOd_RaV8OjSY5NH2I9sDqLAUmi57jCWh54rmipWl-PG4krrmyL1hB3GRkMaKtrz0F5jtW-K8SF7PorrV6c7jat3nQ7-lYsqWuwlQ5_zkVT3-NMl3NIleEFsJ4f2XoF6lNIRSbbcHUSi9RUm29lwW-H-22rDXAk7NDxTHoYCklK0EZUktD0uUqUpbwxFGx6tacjD8TFHrzvEkbjflLh91kWj6Uyz5QR5N64lpHFJ6bfIA2hndVlu33RXI3i0-6936pZPFzkXLVhqikoZ6dN3I18RHCnaql6I7mOAnbwxvaEXTjwadcSOomMvbMiZG6w7ewNEly-9tBMqa_bE5iU5W2L_SC3Nc-GXMg-0TiHAMt6Dv5PSVXLFa695tTCW4h2Ad0sFwZPjXaQXlAAEPEYeDp1ar2aqcfaiNlUsgIFlR4JWY22P6eH5SNuATnfe6xaV4jX8XC64APSd1j_8-GU0Ww8Q2glp1q2sHLkJ3VAbrf2CzAosgA7DelOB5AkJ2dKbl9K85fYcE8dRJHc1G_Wjnm49H77vaDLY9PjmLJJj2tIcThnuBb_svKLEAAG-yrVFM8mU2eQ4WHTzXf53cpEO-cMkUQnCXiC83dUefP9AjYx9lvgUgHIpceBr60SrNFrfrwH_YsGF&sai=AMfl-YRJCKSwj93cdYNoqS-hUuf2oW2XWdbTMY0UQLTkctkRZOwjCCf29RtFWDq3_DwTZ9bOYxCjw86cENdavrOaN-VPzRadMl-vujYszKNN5jGgZqahBTYVA6UHxOUycqMzsb2pnNxO0LGPnI_X9mPmIGp5JqSR5ErhV4np1WTDNfRXfRuqp-kyIE2_S3CZglefl1hU1BVG3pQYm5M8R0614ZP9sKVwjhPE2_F_PMUTojkF2AnyKsvNs3BptS7V4KLml1B7r9ZqbAUjvlinAGasXEBwPiGHhGHDgK9DASaySn--LhGD_TOglyOdZr8P-u8VPPfiTBFEuvvUmulM4fxJKmRv2x4CtaqfDyOiXzENH3OBKl2MwEFxDYKXFpef0yEuISuh8Epn&sig=Cg0ArKJSzNXFW9X-KBMkEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20210607.67803&adurl=
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 15 Jun 2021 14:05:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D81B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 09:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15811
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jun 2022 09:41:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D81B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dn4PlZASWU-gCKdxB8m0t9I16vrDwAspdgDlolIBJGIXGBnf4ZSCkfaxTQDLudXU8x1yghHBgzbtMDPGEywtYzScPxS-yExNUqxDbJZGbmOgsiGO8
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame D81B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1316
x-xss-protection
0
server
cafe
etag
797314601362473214
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 14:03:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D81B 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:13 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623410775224219"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38028
x-xss-protection
0
expires
Tue, 15 Jun 2021 14:05:13 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame D81B 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
server
cafe
etag
16788636151609896382
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 14:01:37 GMT
l
www.google.com/ads/measurement/ Frame D81B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSa-lqW1fRHX3WU-JgJohP_lC7rGAweUFajiZRthO1cSotCgJ31Uc4Ic9EZVbeK-GQ2rrig
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
1688557494040297848
s0.2mdn.net/simgad/ Frame D81B 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1688557494040297848
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0025a744c37f33533410f746c6693b101d34fec465c1de4ddc1f2db491c1028
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 13:40:16 GMT
x-content-type-options
nosniff
age
260697
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47350
x-xss-protection
0
last-modified
Thu, 06 May 2021 07:13:23 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 13:40:16 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1FE0 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvV8Z5oDOXLhKnOxhyZPNSRLevl_q3du-ObMHZTrz5R6MF5rls0roOEfXgnkbvEPM8CXRrfQcf9MEcfqPDERrpJ5Si3uOLgz3nM8JgtWFXsW6kDxFfHyzmXRV3_-9vCroBbANUV7UXE57vkX5OjawZOP4jNCIFKGddQMQgKJPmWU-heHCAgNtJOnogqkCXb9R6-Q3huM4SPsLTqwOcZfUFhtgS013cf7GzUgRFOxjaV3aoquJP6gwwB2LXyNyNWQwBf-4dcWbFzAx6TgqIuMVmsp7azt0lgh6__18QnrBbVu5F16BHOm966QajjhsF7TF1_3PHoSknwOcjo5FtzchBJ6jxYbzy00L4LIr6RQIyp5lOWb2nwnggRJehqYaQkTcarLyySOQ9ELgjowyWiir7cQMJvTEdEaMyYHpv6xuwxBeHuTH3SV7Z3w0NrcKwa0BgQlEvzsF_AoRNJX7V34RDOV3uboi_Kju052xC7sQw83xag7uAumTYRuvtmb4QTyUzWNYx7qnoQVf7KSoPAq_3dDdQc0b0_ygfyNOp34umCTxum0ZlMfdqk8aiWFkoZrwVbUgzm6GWHgq11Hpwtj2Zi18Z1a5AgTVJY3uC3nIHhdU8b8uffnCXzketdBm6Vm1IkDCzKFXBrJeoN1452BKUXAETzdCpCpRNlfIc6Sm3HBpLxmboykQgcfAjdN3NgHKbSaIBlI2ZjyRZ3McIXRDxgJESLirr30ndj6dIPVMBcTu8Gdmfeur21d3pHl23KsjRV3eQV63wBBi_u8rMGiSKRkeR4fYJ0pw_9aKhEV0tgGZo7JChn1qoUyzEuzBgukianRFyc7Lq9ZLdPt-aXDp_rIS3XXa6rcMjEcLjgeSfVrh_DCsuoWNiMkOeikWR1ndFJslSVYsca1RcxUZ8Kwe3zixQiX4xkuCMVy_w7EhDybaj74U0L1vPZBfirEZRYbPmeUhF0LVnkTxoZITPAAJo-8_sS4cgUwbDZkbgRQiYTzdJmpKwxtN4y-YTpzvEq1Ee_RjWghvjAZNXuoRuVATIaYqnIeF8BLj202l9DdSWIrRifHVaQiLYDWeuOLKsNnQt50nBSROwuJ65FUfkupe9cwHWxwwqFr_heiDoMQ84SpMlr7y-FiO155uWe3QM&sai=AMfl-YTFg-KOM2d6wYiD7LhMdweKJvpZuptnXeArBhM8T1H_lGaAtJ6LjMGqtWTkviuosJn6Uz2n6ltuQVrRh7MhqG6hLvrSAnsKZaEQBngVJ5VAZWgULTqCQ0VSfc1Q-V8PZTQVuRr2w5mknZtDpD9nSNbDa-Ro9vaZsNgMOpAs1VuOmk4BnHJfXux83l4HrEuroLPmRLp_FbuL3hIUbvJ-9X63sQ5vwSRrbmoAZRo-jg&sig=Cg0ArKJSzFsagvOiTNfXEAE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=180&vt=11&dtpt=179&dett=2&cstd=0&cisv=r20210607.62001&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8yYq424s5RlshmTe--rMJO7ef21u4PQAGC6QQvPhMaapBAAZ8dEMezwMCiFALweY5uLOG3tF4MaHBWXV_e6744Y2TcY3uQiGYEaV-O_R6JSeaEToYFmISbjtglLXUO38OXUYj-DqYwZzgmGLHDXp2DfzG-A&dbm_d=AKAmf-D_OajqjEr0LciJKUKVUGvOpyDJ4boUUjNULzLhjoGx6CTiOz4u-ZHJpa1QdDYzNzBaiwW58yCRnvlOCHGW3Ysa95CQiSoc7E3nv6z_W5vLGYGubueujCcLQ8ujaL7TzvUkV3Nn95SJOfVFYdV6ZHf6jB77gok0FmBmR91dxaesdzM9xRy7ELCztotzVW7iw0njvbvfgbk5QxN7l-EPKngWPNXkdX-w5r0wH4i0FuSK0J2U8RezuhS7I43kdTnbxHW7_HtijZ0OYeCkAIEDHhNiTHfUn88xSwt70sjGv0Koput8pDbYoCUJBLYwHclT0bSpPd0BR18mABtrR1nJ6zqwfaZEPlNKDfmQoMkjlJSeBgnTBzSJZHJDYpv5j7vm8grS5uDbBmEo5ksOoDCPGoFjNcwQjUE4jAYOELt0_8Fp0DiKfW8gbfDpirHdheQ7NDzqOxxc91JRXFbjT06pHkK4wc81G8ef0JB_KwplRC6JMBqTiddVXyjsxrq-q2-frOw9jJUZ92A0tZyAG0itCMW2epvMloSJsQAY_4HdC3TG_L5Bs63rjQOvQPbe9hNoELbwvgFIdPPOC4n-M0wQIWJEM0ThUJ6Nzcu32Tkrs_-TtGCSZTx1stN7cCZejcayRneqm8SOHGSaBPDqGmLs_1wmgEwKZfYiw_sI4l-j53YyuioE_J0xw-WxM9l0W1rVaTvSLcHV7DogS6dr2Ur8vuGepJLKJlbP38IIuFwT5DFpicD7MyP45NdA9nx0lZczg04jZ02MnZIIj-2NeRVxTbmrDyhhMyKaLe2FLcyv-7IjyCvxa8hBdIMPIEknvIQK8odVdghx5OLl0YULxb7f8CQRbTxp9uedXrfkEYcVEkfw5FOG0n7UN_SfsdmKSMV__rJE-51BLSjz_9d8HvwqXY_15rKKiMjNV87gkTd9zlBSvGWt9IaopM15gSF-9HDb_TfhrKoy61tODBbqbRjCbEPOlf5C_xKBZBuipDYIemqHGzFIOf_eOqrNsaHa8v201RjSALyhl61DVZtdWKBn6TFdCqzq6oSBaBYDmR1kWAMXGDmtO78lG-yGWW9jAn6zK_xLOJ6oTS-kE3lRUUaUBVL58e1mkbVyAYDBxIrbKqdFqo_wnWIFnL4v_SlpHs4iNK7FHufRvVjjRKcbIbZo4gWevN9Zg6yezMqyc3sxA2dUpcKMM6lAr15VNruTw-Zwb7FsazS5SH5QCpLKDoAOmSjy92Hn5dSbpGTtGSieATYGVwLFQFNcGxIRyeSuRvRMxKqw60tdyyZEPNsRRCB0w-l5O2GWg2VhEhFS-wk0fT0mvE-tL8-52E0xqaYVoqgotUMEZXjM3BQdjay3HENbz7z9_35GfsZmKlR8u-iOy9kRynB4foTKZZaLapnKD_QwEx_gROaMHd3wyoN9nmrIjfwnc3UjdhnpRqUZ3htQFc7fv6LXN9u5Z7RSFKagsue36oaQwJ9gDJnXaK_fLAAXCTJzB3uggTRSKMzrarclfpTkrPTouuHSu0EVcnE0NVW4a1tpo2fN-2DFtnQe1CPkkKGUJ0zHu-N6a9cFa2YYH76r_xP3vmqSuEYos2Y57Wc6ugDXF6oXhuk66HDBPS3Ub-x06Eu5gDprP5_57zO1NM7vuqToRDna_0_2JR6alOvP9_RW0aIC53GnZbvIVb4BQ1X1h0jidZDvFOLcotle1ZyqGUhil0Q8qfVMirCVjsARClzT70o8ZWbC1aLDs5KsCr6Xjxd8Uubi3D5HsO8pu62BoHZn5MXfpJwCUbUfA3EFIuTKa0I6hiyeTZDHOlfM_cg2KBvAhAHdPba77m39_6dJf-L990DEAS7a43twGu_GZjbmtEvKvcvFEq0r6aVcR3hmTi5hNJHlN6prkUeNWYrfaNQJkLZcsZeUyf82nvhKsitcnanWPPTUWvW2AhD4_OjfkcpDrkMhhp87mljjgOKJ0U0R8lYhjbRtkXo7cAbG-1YksohB4v8OM-Zp7co5dd_oplclMInIrQ8NSIpdlb4VRZHRus7NUjllQlln6DrtIRMZ_QOixJO3oPfOyXIBFwsSJGwjQY05lNMRZUas9bxsoKDIjQ3gZG6_XJBLnlEM45tsjt44nBk4a9d5X_S5PohxzLJEAyv4IuSv0Ax5pC6-a0U7cLSZAV-O4RUnk7gRDEFrTpzEYQFE4exOBUEGiNjmStYbNXQ2srQ_l2MDTfRF_QWkz7vJu61zxLUBzOihnga72_bT9_b4zUuhi99owB2nEZTMafmMaPmaIWNb6wJWmxK_EotmyPWJm8oJN96COOzIGRuIuhu3SR5pgUStX7gkUTUs8R3Xargdh_sNcVoA_VaOTp_qzxMC57sXKi6gqG9scFzXiWbwSvNYsA4KP8jMLe6oFgxuxlJgAqMYMgapn-Bbv1zShcoX6JShMkm2lSyrivk1yP6zcAtRTEFXPZCwU1xgT1vqCQggHq9FhgpdTx-aqx-ZRpKMyDM68O07uWHx-nSkxOr9qXm-f4_h4469h1w9FiC4HkQysmpM14qu2nH4Zv7HIzWjX9co7pNPiam0ZPcTNhkKrtIE3X552h7Y9Fqbbx10Rh57eYj_k30LuNwMFNmrtvqZvu36Fu0LmY06iWnTwqYN9HMj7BkdOIvSSJd5gbYMAqQ9bP_5lXxacvQCp-TPOzTPernZrAgjtJHIRL6eLKsOioodds4GrhgAHcMyQHZ4SGmQVB9VLzNXR1VVV3DW5S6FU6-j3w0gSW2VEgbgStLetKgAMSVL5sBYCJo_XCRBT3KbMGgKEPetjPMFomQhPNHIh2wkAILanOsG7-5gMmh1qrSG3iF5D6Ig86kT1aD6n_RVQlevggwEvi1S2stMSEgMMDBOV7P77ZvT3EE5qEl7-Xp-Yv5-Mpp8M9XoD6SInY7XlttLz-E-UZSUJcdGp9KEdV4I0HQ9O5dTsJEgNh7NWT_87B_As1wvsxKZbUNq5e8cWtrD7lcyDGs_P1bwZ8NIuV7zAN_Q29Y_TIDlKFKEeJizm5xogT8HirDdHjlbLB0LxtXnt8hR5_juzTH76CkkmvoKmqXSV806f3tMuvakb4oqkTkt_I8d2Mledg&cid=CAASPeRoQOfRLsGlONZ17e3lhT83WVtFftt9XqM8dR0lpybolCkMFW_d0mBczzowesEdikHPQHc0eIz6-oK04HI&rfl=1%2Chttps%253A%252F%252Fhip2save.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 15 Jun 2021 14:05:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
googleads.g.doubleclick.net/xbbe/ Frame BD1D 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLv8NQCEOfe79UCGKzKkq0BMAE&v=APEucNWf5ODjmkZL-wvr5GVyAgGB7r13i_ZdYdLwnYNYL4Fp5Bo-JewsgaFa1D2PP923hNH32QUX7bXMY4X5ATHxW4NXsZmVBA
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CMLv8NQCEOfe79UCGKzKkq0BMAE&v=APEucNWf5ODjmkZL-wvr5GVyAgGB7r13i_ZdYdLwnYNYL4Fp5Bo-JewsgaFa1D2PP923hNH32QUX7bXMY4X5ATHxW4NXsZmVBA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkjGsMBFSi70V2huGGjX5IPftI2TX97bmdhnxa6Phpe6wseDHmOmTOHcfbFAvw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 15 Jun 2021 14:05:13 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 507B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 13:50:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
867
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7010
x-xss-protection
0
server
cafe
etag
16168581138844513892
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 13:50:46 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame 507B 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 13:50:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
902
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2661
x-xss-protection
0
server
cafe
etag
7752240862628680351
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 13:50:11 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 507B 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstUJ_O7Xx99ZExZJMl-mobfxrYgtfKITTU2L_szDSplQPLlwzh4KN4eBGtoPjHtx2mieMBY49AQ3PnInkdQlNk8FrS5_RSvuc9vA6vNu2NaBpjE-1Q2PKQsqNP8pq5GdOfVjnUwf0rk6WQBCbN1zqaIsjTriHLlVrb94wL3eQsSE8r61mn5kr4zzzu0z1Ls5MDj2rECCTw19fdqw_XsxoPg6NMX_espUUHMb8ZiPjhHrZPvXomNf4zrxujrB71AG57nnGGDZ0DWonUyd7CoXyqG-MdL5Zu6rBm7YQ1d0xIeimjCfVs5aGfaZLNxyTDR5xzOXrAZ8nbKa6OtX5i2l5wzHoMGsTxPADGnm1ZOJPPff4IVS5UaNx_99qQwfxn_RQ6ND4pqvT2hduE1Rh8X7LKI9kbkKCxY1ND3l-SimplVsxZ-qV1AgldrFVD0g1es8uigkWxR2EAkoL5iEyLrizfvvd-KF9O2eT6vacd_O5CdPVDHnHbxS0fQ2O2vTANgp7iNpPqTOk8fq_3WHLvGbs7R5e-1hYYnsbaVTDjHdIZCL0dnSksCcHZaybnC43hMTOW_KoEjyLEtC8Ro8S3vVoobcrQtLXvFsRs9JzMvVuKVc3ecvafE0xCCtdvLe2t6TW6JCz9tW8HVYABEDJw5itgcJ4G6bLHjrUO-oBE24UZTj4H6P6LoR3X21rHcMYlGCGCTFmlAzpHraXu9zQ7ySkZsY9vG1AV8pYZ6fLTJI4QEtFtqNuw6G8TplSnFLeahNfVO9Nv7N5iGlercpH6zmIswJM2Ep-aUpi7SHXVAzezvaxI_tyo9N3o28yP85saR8oCz-hMfINXEUnblrrfspqHxljy1XDdYkmoQFeuaI4R5t5JGCRD_oy77NSlH11Vb1V4UU9sdiiPM7v-QWy3MjNLTNtwZpnwqUq7-sFdDffCICjmnA6pT_Il26IArSiN-Yq3B2ezwKqY8d-EmEyzD0iPfVgyW4AF1rxUOoDAUz-s6CqigoVKj-9f0ptBpILW7srqJBf81YpZjwV0CYBYtQkWQFJFGtJ41AlDnKrDjN0a_Qr3_wyMasB3zQtFNjXkh&sai=AMfl-YQCj0KZCjX5JuP1YJOUXTq1GWha0X35b2Gqfp8riSYCWpHK-0DBsbB2oVAwXQ1nfvTPR4srGyxoQbcRB938_McaqFPRwTkcFobWNRWsCX6ydOzPmvhNjs0DhJhI2rY9Ee1EbMsB5SIzmmLA_zEmwnv2jK_Sw-A51LwJY5n3-BnTM9b5exCXMNG2oj52vj8ZqslUVJoFzzH9l5-IfCpD4ZkVgFr7PUAFhSztpu5iFmJCSfYk7AfL8sV8wxa8z-IWFH9VbzxQpfxiZVujID-BDpYgnrTkPf_BjMEe-kZEvAfO8CPlLfZti4x0kCJu4MvCWK78NOFCCl_OcOtXaie6LyQlCy67MYvalomYx9wneHS1PWOfo5AqwjOktVE6DkcENQ&sig=Cg0ArKJSzPp9y63WWZCbEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210607.30166&adurl=
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 15 Jun 2021 14:05:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 507B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 09:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15811
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jun 2022 09:41:42 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 507B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1316
x-xss-protection
0
server
cafe
etag
797314601362473214
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 14:03:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 507B 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:13 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623410775224219"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38028
x-xss-protection
0
expires
Tue, 15 Jun 2021 14:05:13 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 507B 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
server
cafe
etag
16788636151609896382
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 14:01:37 GMT
l
www.google.com/ads/measurement/ Frame 507B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQIk2kRpPFcdnynty0xZEqfeDV38mjZ05Nx-wz9fDSVQguIy_tQszlPJxW5Zh9Ce4L-BT6I
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 507B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A3ChkOn7gpgROJm6SwGyPp7iwyjkVoiPQriN3WsG19PUSpyc1TwrJhRFaQ-BQbq8u61yHZtZyR65U-dQHoqvg5CltNU-Z95lTAM7nljDPD44oiOd0
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3863183378770797927
s0.2mdn.net/simgad/ Frame 507B 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3863183378770797927
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67b7eea8ce72deebcc9dfebd108083bc40b631547e20e6c6196a4ed65414a597
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 13:47:26 GMT
x-content-type-options
nosniff
age
87467
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102226
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 10:57:19 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Jun 2022 13:47:26 GMT
container.html
5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3C2C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hip2save.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hip2save.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 15 Jun 2021 14:05:12 GMT
expires
Wed, 15 Jun 2022 14:05:12 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame EB87 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 13:58:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
399
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7010
x-xss-protection
0
server
cafe
etag
16168581138844513892
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 13:58:34 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame EB87 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 13:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
754
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2661
x-xss-protection
0
server
cafe
etag
7752240862628680351
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 13:52:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame EB87 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvwo9uwWqZUUmk-yY1cZCMjZJK84Xtt7S2_pgjgNiU90_bFsN2BGDKymLH2Vjb436wg1yGjwAQ5167RmwAP2kJl6nMs4G-d9Oj0MsAcmA7JpaCsL6Kc5A83wqnUiIAEiO61h6WvtpVUkGrBns1x3zWyyFq-JPdh7268boknf-oJoIcMhLkvkJWLc8XMbrYvfHsoVy7ypK9lnT1IMcNE4KTkOhvxN73FrTXc7Yly5m9QZHAwls4p7NlmVwtFQAKU3rRCye0Tss7GRUCZzUCYAWYVkkZKf4GDM69_ovJrYppJlqsx-j-ncUNTriabcR_mUmoU1duz5OO_ckXZpvtR_46q8QjK3dFAuTfB4bH9sturJteh3I18RCLhZXX79tUoqkQ8q9Ml1xuXt_4klS9ilauYUGQx5HQrnU6lpzVC6cVX3BWES_tcS_HslKV5VoOPT0UtKB6Vtyua2lXm_1aagAEOmz6901Bj6YhWz9g_XrbciJNEi56U-r7tlMd0351Pm3YgfqEuqdTHVIYDNu5YvZRKu7gPTBoZYjfHKNEDQajyxwpsY95bJuTD1n0gD13MGOIL8-mFldekd2YdAWLwHRg-thA69ah4uALsh5JCL2ELqoSqKJM-imo5OCNC10PKc5u83-Ev37Llgx8lcUtx9KcgJhSeBcVQ6r0PgcCiQiStzHwdgXfo-vu27AI-0VAz8ojSmRmTDKoxJ7-QOzEtBEffHIKJpOha1Ni4fGDDCyd_EpXHDYi13XaXbDcQWvKiiGYvB_TC4VDVHaGvsGAzhr2DlBOh4sX9OlXn3ki5dlZScPtBULuGxTbDlU28HZcT7LzeItchh0Ffcq6sW5DLY4Ev6ctiadT0z9vU1J7j0zkr7EkvIAxNbB71WbLlrd211ie8XZMYqOktZZMF3esa2LtMiXC80q9iY6gMO_gR_boruubwn_yig9aJYuGfA6NEvkX5_baTuseoL0cqSLfWdYZbYqQhcTYW__3rnaKSE6_dJ_BniJ9lLi4kgbfDfsLoTEx25fRYe6Bcr__DHlPi749YreAeKb1s33cXBNYX3vyxOkcpesPVM4RqhK0bDtvCpYJi&sai=AMfl-YTnqtPyqYU2TRzuCScL8Kne5A4SZU-XiNNwmhnKOpGCnX0y99GGosr5vFOTFKUHEmyddQq7_JJsAWk6yfWe7MH2L361PkkDgOMio2UZ68s99HI9Kl5jnAoKQVEBWP4CpWfq9G9jKLa74Ajn_Az0ofryH1Lyehq1IBnXJZPGPqisGdP1Uitjm1QbwTgSOfAHUEnSyRrwTEJEGWz7TkuPK7clprM3Buihs43f_YhKwmLi7epAd9gg1TEOs98xaSDw74XZ4dME7n1gItfGGFcsvLR5QRmf8Yn24T_sBBZphEn270Ozp4dXqkwAYKo_v0Zv5kGVbs5LCZGNt_S011E4t6_2FLFMgreoQ6Nq4rxheUH63Wy7T6u3bn1mhRVtK2nFlw&sig=Cg0ArKJSzGlUQ22XEuRgEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210607.38015&adurl=
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 15 Jun 2021 14:05:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EB87 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 09:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15811
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jun 2022 09:41:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EB87 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D_voXxxv8cDFwtY13RWjif4wSXasIcx2NxDw1a64LEYvtrBYqfTqXGGh_pOzMOGwrA48iX3-NsFPZOq2tGiN1V9xDBeQvwXM-pZ7ulI6yVDzx5cjs
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame EB87 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1316
x-xss-protection
0
server
cafe
etag
797314601362473214
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 14:03:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EB87 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:13 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623410775224219"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38028
x-xss-protection
0
expires
Tue, 15 Jun 2021 14:05:13 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame EB87 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
server
cafe
etag
16788636151609896382
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 14:01:37 GMT
l
www.google.com/ads/measurement/ Frame EB87 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS5IKuiZfqx2U24uLHBR23LHe7STJ_zrdrr4TK6IPysm_qK0LK7y0FwODUS6M12NQ13xoXH
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
513041991900046912
s0.2mdn.net/simgad/ Frame EB87 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/513041991900046912
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3eb8e4fa5531069b315b56b7e2cc1fb2f06105f9368a27a624f2e304b918b3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 10:18:54 GMT
x-content-type-options
nosniff
age
272779
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46698
x-xss-protection
0
last-modified
Fri, 04 Jun 2021 07:15:16 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 10:18:54 GMT
container.html
5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 158B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hip2save.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hip2save.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 15 Jun 2021 14:05:12 GMT
expires
Wed, 15 Jun 2022 14:05:12 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame ACF8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 15 Jun 2021 09:41:44 GMT
expires
Wed, 15 Jun 2022 09:41:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
15809
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 1FE0 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63aa143776181f70369c1f400564d071cddcb95c642c3d193a1b6f709d33ef2a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame EB87 		0
0
view
googleads4.g.doubleclick.net/pcs/ Frame D81B 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuG7UUaOfFTzbI0YlXTbWjehCtqC-ao9OxHnhq4rS9S0y53my_W2yvwPtUhIeiMTLShTpUxuos54ByW88B7YTbyb_8K3bUmlDcloGb2BkCPMc8gpfrYrJyAEaV027w-caGRzbLvhHN_ubLcyivT-7LV2nuHGDHeDu0yBftrHuJqOImwOMqRczg759GbRD_kYoDGTBayAgcVMwWDqRkAlZqYaqDGIaeWMhH1DBinLSoeUdaIMYF412H005Lads5Pr8pe7PxfWm0WgrMvSs6s1AvUQeF1jRsVgjYexi7vSzAjAleCQb0jQWP8aKpe0ao1rD___HeGQ2MEP7_1yC_JvjWvlJcbYyJPJjWBX9KLTR3nv_WXowrOsecP-lbN-Np8rBmqODL6JCJt5CbXI8pVMt55gNIkfw9IWS-DusDFKr6khfOd_RaV8OjSY5NH2I9sDqLAUmi57jCWh54rmipWl-PG4krrmyL1hB3GRkMaKtrz0F5jtW-K8SF7PorrV6c7jat3nQ7-lYsqWuwlQ5_zkVT3-NMl3NIleEFsJ4f2XoF6lNIRSbbcHUSi9RUm29lwW-H-22rDXAk7NDxTHoYCklK0EZUktD0uUqUpbwxFGx6tacjD8TFHrzvEkbjflLh91kWj6Uyz5QR5N64lpHFJ6bfIA2hndVlu33RXI3i0-6936pZPFzkXLVhqikoZ6dN3I18RHCnaql6I7mOAnbwxvaEXTjwadcSOomMvbMiZG6w7ewNEly-9tBMqa_bE5iU5W2L_SC3Nc-GXMg-0TiHAMt6Dv5PSVXLFa695tTCW4h2Ad0sFwZPjXaQXlAAEPEYeDp1ar2aqcfaiNlUsgIFlR4JWY22P6eH5SNuATnfe6xaV4jX8XC64APSd1j_8-GU0Ww8Q2glp1q2sHLkJ3VAbrf2CzAosgA7DelOB5AkJ2dKbl9K85fYcE8dRJHc1G_Wjnm49H77vaDLY9PjmLJJj2tIcThnuBb_svKLEAAG-yrVFM8mU2eQ4WHTzXf53cpEO-cMkUQnCXiC83dUefP9AjYx9lvgUgHIpceBr60SrNFrfrwH_YsGF&sai=AMfl-YRJCKSwj93cdYNoqS-hUuf2oW2XWdbTMY0UQLTkctkRZOwjCCf29RtFWDq3_DwTZ9bOYxCjw86cENdavrOaN-VPzRadMl-vujYszKNN5jGgZqahBTYVA6UHxOUycqMzsb2pnNxO0LGPnI_X9mPmIGp5JqSR5ErhV4np1WTDNfRXfRuqp-kyIE2_S3CZglefl1hU1BVG3pQYm5M8R0614ZP9sKVwjhPE2_F_PMUTojkF2AnyKsvNs3BptS7V4KLml1B7r9ZqbAUjvlinAGasXEBwPiGHhGHDgK9DASaySn--LhGD_TOglyOdZr8P-u8VPPfiTBFEuvvUmulM4fxJKmRv2x4CtaqfDyOiXzENH3OBKl2MwEFxDYKXFpef0yEuISuh8Epn&sig=Cg0ArKJSzNXFW9X-KBMkEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=457&vt=11&dtpt=455&dett=2&cstd=0&cisv=r20210607.67803&adurl=
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 15 Jun 2021 14:05:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 507B 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14318724ec575df15322768052211a7ca7998d6ddf2ee81fc9ef431b73367f8d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 28E4 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPP37q8CENWPgdMCGLnRo6wBMAE&v=APEucNXR3Nxscgf4vmpUdbcbC5J6jRUKHdbQwLqcEHxollXw5bQ0sDzOIlgUzD2In0XFdsYJES4VrfkFMtMDj48Q0NVGXmvUow
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CPP37q8CENWPgdMCGLnRo6wBMAE&v=APEucNXR3Nxscgf4vmpUdbcbC5J6jRUKHdbQwLqcEHxollXw5bQ0sDzOIlgUzD2In0XFdsYJES4VrfkFMtMDj48Q0NVGXmvUow
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 15 Jun 2021 14:05:14 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 15-Jun-2021 14:20:14 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 15 Jun 2021 14:05:14 GMT
cache-control
private
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame A6CF 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 13:58:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7010
x-xss-protection
0
server
cafe
etag
16168581138844513892
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 13:58:34 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame A6CF 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 13:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2661
x-xss-protection
0
server
cafe
etag
7752240862628680351
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 13:52:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A6CF 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuXIpxC0WT45z3Y4zr5ysIGxGcBKGVy9VznJKF4RbZmJzweLKvyU-Dzp8npmSaKsSxs40fhMx5oNnv1fIWKMl7Bwz1tNfzT1yqmcJXSW9UydsDvGSouCF_UCRQO3yDkUsl7IY0nXsQp5Jb_hcZO9VG8s7RKEDYzDY-dJsABFrI5b8dAPB3DZaJA_5seETRAJzHjKdLfzDK60yYuKOSA5tg_fdxee0EeD2tiaPYU49P-h-z_BhCCFHNu3EcXtflpHZ-d7xkAxGHVoGi4CMI1FgW3mVlFzzenS8W89wx7e4iZ2cmBj8uTgqjlzhrpAIFN24nnpZEzGRcd-wSVGluF4z9zw7IaiNkLZTe6jgU25jixOVLPfIGpEtrPRlxLSlNEOdAb4Z_Bz2qOUXMr2VPvdx2Jcoi0TzFu8dl_jXuAx2-KvCtwfCqcl4nqtU_3Td9IvC3AaZU_28brbuhVlC8RJIUphv8OOf54ndROrYce9uDrKnT__iAolg_rxKi5e6dZccBCkV7o7Bpuxgwyfp3mDYeFZp07GoU8bINVMMPLX1_vdV6Xn_k5WB6VKb0tSxonGezot1Cd1wB0VYOY1frrh_qe7ecv888RA5NOCpHUvWmfEg5ZGCpS5pw0FcYScTCTY6hwhM13FZY3RU2UctAAtjqM3YJNlaD5AXKKLTAsu4oSimktfM0Ifc9cGgPdqA1HS7E1Z0rwxT-H_nDq3zQ7mv8Y7cNqDfUL8yUD4kWUNcIwNIVPP2ACS2c4pVd3oSU_ViPfOgcPAbbuC-m2-Vj_37xFXSGdwtTCpOrjIFi1l2QpTE8rG7ufSq6Mf9Du9efDYXAdvVqpeCST7LIz4etN5iSyGokui8I301hx6X5CCSC8K3ytB7IaqHbwbrnZIZ0uiKvGR0hOOrLYoARAGT4R-TAb1uyJyN4cgdP0VX71JlhWVqLrSHwlHUWv5-iLqerKHObGGSJR8VJpBVbLFly6ue94AfPIUzkq0KrauB7YfPWoO0pF_v0hHBWOFzuZ95639gRqv1GyJxe6SjGmQEUXzvTFyXG6k8fiscdag4uI969yKaupDp3InYbalATrHUMy3w&sai=AMfl-YQ49r5iF9FluEdBJqWFj7bKXPl-pNKWKosxTVcAubpViqGC3YoMFLJckP216sG0k9JrpoAgXfcVT55LHKLlsVUL5RWDD7Y5PrhUoNOb5pjpekpeCtmtiZQq7gi0eMfxlqONZ76wtmEVFMgfbq7vOTpoyyN_XYwrJ7fHg__QGDYoSqRRxdyhBy61aouDiygo5MzUhdvo70lkg0dmXPmwtbEguWSOSoTbh-Pb6ef6z74iJJPjX0PyQaX9Qj7M3gEQoYAIqMVmLKW8RizXnRStZvkVolZXuaK7v4jYjWGvVVbVWHy5plkvghEls5a6Vv9fs9GAp-dihc23G4ROYXehFn3QdjIW7AO6zO-gpkFbeNkXfkPFrvB_ZD3q_ACJt4Dg_IenIUo6&sig=Cg0ArKJSzA36BQmTDdsvEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20210607.92108&adurl=
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 15 Jun 2021 14:05:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A6CF 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 09:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jun 2022 09:41:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A6CF 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DVibxJvEpOntl9_5R1dZd9-9pWTGFlySsoR1JvXKO6tbJQgk5qk_NGLeTf2t9I7yM3Vj8ks-gkDeCmUICN5ADgNHaAW83NgYSYopZ_S4ECoqXbxxo
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame A6CF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1316
x-xss-protection
0
server
cafe
etag
797314601362473214
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 14:03:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A6CF 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:14 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623410775224219"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38028
x-xss-protection
0
expires
Tue, 15 Jun 2021 14:05:14 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame A6CF 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
217
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
server
cafe
etag
16788636151609896382
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 14:01:37 GMT
l
www.google.com/ads/measurement/ Frame A6CF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1QU7d6ui_yofQpjlZdjo6yzces4NFCwGgAaADt9ruH78V9k5rV6XZW8h34VD5ZSTLQlNY
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4202896577143671961
s0.2mdn.net/simgad/ Frame A6CF 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4202896577143671961
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a81b0ad7c749c05130f2edc58146b52fc2918938692aceeb85820e305ceb9cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 09:02:03 GMT
x-content-type-options
nosniff
age
104591
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79891
x-xss-protection
0
last-modified
Wed, 02 Jun 2021 11:04:34 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Jun 2022 09:02:03 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame EB87 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvwo9uwWqZUUmk-yY1cZCMjZJK84Xtt7S2_pgjgNiU90_bFsN2BGDKymLH2Vjb436wg1yGjwAQ5167RmwAP2kJl6nMs4G-d9Oj0MsAcmA7JpaCsL6Kc5A83wqnUiIAEiO61h6WvtpVUkGrBns1x3zWyyFq-JPdh7268boknf-oJoIcMhLkvkJWLc8XMbrYvfHsoVy7ypK9lnT1IMcNE4KTkOhvxN73FrTXc7Yly5m9QZHAwls4p7NlmVwtFQAKU3rRCye0Tss7GRUCZzUCYAWYVkkZKf4GDM69_ovJrYppJlqsx-j-ncUNTriabcR_mUmoU1duz5OO_ckXZpvtR_46q8QjK3dFAuTfB4bH9sturJteh3I18RCLhZXX79tUoqkQ8q9Ml1xuXt_4klS9ilauYUGQx5HQrnU6lpzVC6cVX3BWES_tcS_HslKV5VoOPT0UtKB6Vtyua2lXm_1aagAEOmz6901Bj6YhWz9g_XrbciJNEi56U-r7tlMd0351Pm3YgfqEuqdTHVIYDNu5YvZRKu7gPTBoZYjfHKNEDQajyxwpsY95bJuTD1n0gD13MGOIL8-mFldekd2YdAWLwHRg-thA69ah4uALsh5JCL2ELqoSqKJM-imo5OCNC10PKc5u83-Ev37Llgx8lcUtx9KcgJhSeBcVQ6r0PgcCiQiStzHwdgXfo-vu27AI-0VAz8ojSmRmTDKoxJ7-QOzEtBEffHIKJpOha1Ni4fGDDCyd_EpXHDYi13XaXbDcQWvKiiGYvB_TC4VDVHaGvsGAzhr2DlBOh4sX9OlXn3ki5dlZScPtBULuGxTbDlU28HZcT7LzeItchh0Ffcq6sW5DLY4Ev6ctiadT0z9vU1J7j0zkr7EkvIAxNbB71WbLlrd211ie8XZMYqOktZZMF3esa2LtMiXC80q9iY6gMO_gR_boruubwn_yig9aJYuGfA6NEvkX5_baTuseoL0cqSLfWdYZbYqQhcTYW__3rnaKSE6_dJ_BniJ9lLi4kgbfDfsLoTEx25fRYe6Bcr__DHlPi749YreAeKb1s33cXBNYX3vyxOkcpesPVM4RqhK0bDtvCpYJi&sai=AMfl-YTnqtPyqYU2TRzuCScL8Kne5A4SZU-XiNNwmhnKOpGCnX0y99GGosr5vFOTFKUHEmyddQq7_JJsAWk6yfWe7MH2L361PkkDgOMio2UZ68s99HI9Kl5jnAoKQVEBWP4CpWfq9G9jKLa74Ajn_Az0ofryH1Lyehq1IBnXJZPGPqisGdP1Uitjm1QbwTgSOfAHUEnSyRrwTEJEGWz7TkuPK7clprM3Buihs43f_YhKwmLi7epAd9gg1TEOs98xaSDw74XZ4dME7n1gItfGGFcsvLR5QRmf8Yn24T_sBBZphEn270Ozp4dXqkwAYKo_v0Zv5kGVbs5LCZGNt_S011E4t6_2FLFMgreoQ6Nq4rxheUH63Wy7T6u3bn1mhRVtK2nFlw&sig=Cg0ArKJSzGlUQ22XEuRgEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=436&vt=11&dtpt=435&dett=2&cstd=0&cisv=r20210607.38015&adurl=
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 15 Jun 2021 14:05:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A37F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 15 Jun 2021 09:41:44 GMT
expires
Wed, 15 Jun 2022 09:41:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
15810
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8230 		0
20 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLv8NQCEOfe79UCGLv8tawBMAE&v=APEucNWdGNJEZh0iwbSI5p8Wg76NxCVHxhVgobD_SY9F1E1uZeAoMvxmcz99BY-NTZMHya2GlCcCELBbtZLoukei006mvp4hHQ
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CMLv8NQCEOfe79UCGLv8tawBMAE&v=APEucNWdGNJEZh0iwbSI5p8Wg76NxCVHxhVgobD_SY9F1E1uZeAoMvxmcz99BY-NTZMHya2GlCcCELBbtZLoukei006mvp4hHQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 15 Jun 2021 14:05:14 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUledft6o7uq311TwOQcC6QH_XhJURbSk05yrWHKORTJHjnBHy4HrvZwaF4i; expires=Sun, 10-Jul-2022 14:05:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 15 Jun 2021 14:05:14 GMT
cache-control
private
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 170D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 15 Jun 2021 09:41:44 GMT
expires
Wed, 15 Jun 2022 09:41:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
15810
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 507B 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstUJ_O7Xx99ZExZJMl-mobfxrYgtfKITTU2L_szDSplQPLlwzh4KN4eBGtoPjHtx2mieMBY49AQ3PnInkdQlNk8FrS5_RSvuc9vA6vNu2NaBpjE-1Q2PKQsqNP8pq5GdOfVjnUwf0rk6WQBCbN1zqaIsjTriHLlVrb94wL3eQsSE8r61mn5kr4zzzu0z1Ls5MDj2rECCTw19fdqw_XsxoPg6NMX_espUUHMb8ZiPjhHrZPvXomNf4zrxujrB71AG57nnGGDZ0DWonUyd7CoXyqG-MdL5Zu6rBm7YQ1d0xIeimjCfVs5aGfaZLNxyTDR5xzOXrAZ8nbKa6OtX5i2l5wzHoMGsTxPADGnm1ZOJPPff4IVS5UaNx_99qQwfxn_RQ6ND4pqvT2hduE1Rh8X7LKI9kbkKCxY1ND3l-SimplVsxZ-qV1AgldrFVD0g1es8uigkWxR2EAkoL5iEyLrizfvvd-KF9O2eT6vacd_O5CdPVDHnHbxS0fQ2O2vTANgp7iNpPqTOk8fq_3WHLvGbs7R5e-1hYYnsbaVTDjHdIZCL0dnSksCcHZaybnC43hMTOW_KoEjyLEtC8Ro8S3vVoobcrQtLXvFsRs9JzMvVuKVc3ecvafE0xCCtdvLe2t6TW6JCz9tW8HVYABEDJw5itgcJ4G6bLHjrUO-oBE24UZTj4H6P6LoR3X21rHcMYlGCGCTFmlAzpHraXu9zQ7ySkZsY9vG1AV8pYZ6fLTJI4QEtFtqNuw6G8TplSnFLeahNfVO9Nv7N5iGlercpH6zmIswJM2Ep-aUpi7SHXVAzezvaxI_tyo9N3o28yP85saR8oCz-hMfINXEUnblrrfspqHxljy1XDdYkmoQFeuaI4R5t5JGCRD_oy77NSlH11Vb1V4UU9sdiiPM7v-QWy3MjNLTNtwZpnwqUq7-sFdDffCICjmnA6pT_Il26IArSiN-Yq3B2ezwKqY8d-EmEyzD0iPfVgyW4AF1rxUOoDAUz-s6CqigoVKj-9f0ptBpILW7srqJBf81YpZjwV0CYBYtQkWQFJFGtJ41AlDnKrDjN0a_Qr3_wyMasB3zQtFNjXkh&sai=AMfl-YQCj0KZCjX5JuP1YJOUXTq1GWha0X35b2Gqfp8riSYCWpHK-0DBsbB2oVAwXQ1nfvTPR4srGyxoQbcRB938_McaqFPRwTkcFobWNRWsCX6ydOzPmvhNjs0DhJhI2rY9Ee1EbMsB5SIzmmLA_zEmwnv2jK_Sw-A51LwJY5n3-BnTM9b5exCXMNG2oj52vj8ZqslUVJoFzzH9l5-IfCpD4ZkVgFr7PUAFhSztpu5iFmJCSfYk7AfL8sV8wxa8z-IWFH9VbzxQpfxiZVujID-BDpYgnrTkPf_BjMEe-kZEvAfO8CPlLfZti4x0kCJu4MvCWK78NOFCCl_OcOtXaie6LyQlCy67MYvalomYx9wneHS1PWOfo5AqwjOktVE6DkcENQ&sig=Cg0ArKJSzPp9y63WWZCbEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=623&vt=11&dtpt=622&dett=2&cstd=0&cisv=r20210607.30166&adurl=
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 15 Jun 2021 14:05:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame D81B 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9877c98840b783bbc3e3389028bf4ff176ce57a045a4303744eb8b9856cc304a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D1AF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 15 Jun 2021 09:41:44 GMT
expires
Wed, 15 Jun 2022 09:41:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
15810
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 967C 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLv8NQCEOfe79UCGK3Akq0BMAE&v=APEucNVnwZkQtuVtiQIlShhpikHF4_2vjoX-TOzsIeQWIXrF6UsvRZOlAyfbPMfOr5y6YL4wLLNYkMIgDt_IIvJ9b1WCmfBh_Q
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CMLv8NQCEOfe79UCGK3Akq0BMAE&v=APEucNVnwZkQtuVtiQIlShhpikHF4_2vjoX-TOzsIeQWIXrF6UsvRZOlAyfbPMfOr5y6YL4wLLNYkMIgDt_IIvJ9b1WCmfBh_Q
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUledft6o7uq311TwOQcC6QH_XhJURbSk05yrWHKORTJHjnBHy4HrvZwaF4i
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 15 Jun 2021 14:05:14 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 3C2C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 13:58:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7010
x-xss-protection
0
server
cafe
etag
16168581138844513892
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 13:58:34 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame 3C2C 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 13:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2661
x-xss-protection
0
server
cafe
etag
7752240862628680351
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 13:52:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3C2C 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuxQafGPbhCQ-Wr9xWXC7U4TWIFgKYDWK3_hKHaggE1144MfyyOeYa_G_XZK-GbLatLn0Lz7suwTzrZMucfjVIJQm95b1hHWCUOdHHuOqK9Qx5vR-p6A4OuqeEq_U8UIRaURLxXNCvQbkaYN7v1B6dMO7MVQRS_2fIo2bnf6I0vkG1392bXUkpKo9Hmh05WY1KN-wncMKS3zX4O9fyq3cApB_DnmtzskDcloeK-zR7VyPoIaAAhPQcKNy-O7mMQEl0KiAQeMLyvT-HmNHBcjq85AwfUDk0soayOhi9TRytWR5U0tWtL5Fsw7zZ81WrkCprL4bTF6tQsPCkuyQ97TZw3bYX3dYYO2LonWIgPqymhbYXEek8OscyH2xK7v8EUXlKpKVPjrhXbnx3Q-WkJTWUr9HEK1NBnCA3rss5HHEy14m84qyS2vx7T14A3jh0hBCRYXFJWjIvYQp-iAETFPe0haV2QKzHRBRkMAKCe4hrbrKw_Jppqz6oVo3iT2M9Kmzuh8wMhKySquI9s6xQf_CygZtLJsggX_tC3OZWWSnXaHDsO9sjlF9xwZw89kr0Zq8yL41Jty75xfiZW9qwY2zAj1D6edZ9vZxHGF8Ey5VKIR3V498WSaBnm94JBz-rpRMZhLbg3ARSWXY-PMdL3ueHrjmLU9sV7DtLTpoXd7dWU_LIehLqHIJ5KzBxsdaItzMJVR47G6_aN2Tz9FuA0Ul-DBxIshimNA2lsMQsNxBkO2YAf5dmyBJxMrLJUdF3Ga9-kC75MWEhbfzJbruisFb8fSGsgdaabZa5OC-cjzNyS-YEYUsLuAH5q9Y7Lr4nff_y7S8vE8SDql7jooQyg1pLRGIU6sd3Lv7SER9qQMh5Ev-LgrXgrSg6IOtixOFvWwROg7RrSMQgKDCG6DyzJWSAxgNt115-FJRiwaNXaa-_dCl4ZP9ew3muxwaWxIyo1Fhk14KY4dKqinaSbsBIo7iloYElCBLjgZSMSUQqehA6gFvSVwAsgWRD2w9wA2k2VYx8VEjA_oT-qw989hAApxaXC41UL1vsuV_GUauGna1-igWaaylg&sai=AMfl-YRpaMJ-F_Nd0rKcPMFWay8IwiAQVBhtg_vQvx0uKZHTJR9sdcRM4vq25fvWOtR4guQ74IICkzRKdwO_eeePDRpV_Dj2VNj-ckr-DNtY_xlpa_Nm8mutNK_WJekQxsFIOVpWPIM1C3_pwoh0H2uCJi0C3qae_DQT7F63BF6p2T8AMpKpwVaRlbzxylP3HUzxzpkU039zVGrkHR80zarouDGbqXYvoTPX9k80-F4oZHlaIkZwfJi4SqngFukki9xYV57sGYgDJ_7EDoYbQoVcf1P1zfB_cIM75SmLPG8Ork2NSouZgVOUXHM6BqKCDiNqP6asy1gl_EqhLLTsPNtMiIf50zt37PzeGD_7WgGVo1A5xpLkuy_fKHxyoet7o69Zmo1AHKiA&sig=Cg0ArKJSzDKQ76cRrGuKEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210607.92019&adurl=
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 15 Jun 2021 14:05:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3C2C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 09:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jun 2022 09:41:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C2C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C1DHLI6s3YoW_CUmESyy3q_-yxmhvku9DVkf9Uzo9SheAzOekmrJ2U_fBrVfaZzivBelwSI2bEKtv6OZB-ep03yqnHy6SkuO-dq7uyDS6VhzGT2lo
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 3C2C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1316
x-xss-protection
0
server
cafe
etag
797314601362473214
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 14:03:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3C2C 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:14 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623410775224219"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38028
x-xss-protection
0
expires
Tue, 15 Jun 2021 14:05:14 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 3C2C 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
217
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
server
cafe
etag
16788636151609896382
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 14:01:37 GMT
l
www.google.com/ads/measurement/ Frame 3C2C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRcneZRslXqS2jTETLgaLhBH7pPwe0zww21XmpZHT42zuFYxvPv7VgM6WqmcBTLef1GjYaS
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
6195936930234973088
s0.2mdn.net/simgad/ Frame 3C2C 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6195936930234973088
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f33df76622ff298a6dc5d0344a091cbfce844f40fc01a99954f06ef4960a78c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 13:14:06 GMT
x-content-type-options
nosniff
age
89468
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79718
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 10:57:31 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Jun 2022 13:14:06 GMT
truncated
/ Frame EB87 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a5a19261b9856376eddca81868a35bdf7249454910d8074c5312f269bc83cff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 95BC 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLv8NQCEOfe79UCGLPntawBMAE&v=APEucNVZj_tY-8z-Z4glcSNEUcNDq2fpZB1KrM9BdCSSxo6cxbfvQg885_XSkFHACRhvlgUcCO7qFwBOoJ3_IJ3y8f9MvSH4xg
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CMLv8NQCEOfe79UCGLPntawBMAE&v=APEucNVZj_tY-8z-Z4glcSNEUcNDq2fpZB1KrM9BdCSSxo6cxbfvQg885_XSkFHACRhvlgUcCO7qFwBOoJ3_IJ3y8f9MvSH4xg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUledft6o7uq311TwOQcC6QH_XhJURbSk05yrWHKORTJHjnBHy4HrvZwaF4i
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 15 Jun 2021 14:05:14 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 158B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 13:58:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7010
x-xss-protection
0
server
cafe
etag
16168581138844513892
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 13:58:34 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame 158B 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 13:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2661
x-xss-protection
0
server
cafe
etag
7752240862628680351
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 13:52:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 158B 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstz06-qGCbdOHFgUjizlLjOAMfcFVovE8xTOjqwYz10Zi6O9_8iXi0g3_QxA5SrrjQvVjsJfSotnaPscj-Aetll2FqmRT5_mrcyTtYq7rYcB3pWniUiVoHDr4_XQweqDFVmEbP8kSUQYfI13v0oairW0wIhmwxEijsnXxUcqNZGRZ0oPKB_k8cXkTbo7jY1XrVifyYj7H9xwTdm6KZtAIPq16mOJjP9SvMMwJZao4c6EmvDXQr6Y-37dkl0RUjDqjrGlrJg0NrWOXG-VNykugMjwD6PDuWxQjmxow7_GycLdkLfHyHZy5I049gcpzlzWBtw3m5yOvshvkYfmuy-snwGpHoKyOi0RVVeVIVc0EcyFqTJcw_EjQpAVsuPxnrViTU8JKAcq9aPuXYfg_Rm3EiAQQ3GmF0LwLXUJP59w9kvxFmvGJ7ToU_IZlT1Jz_TZhhMVU5xfIL5ETKUGvlYo5XeMp9gYL1bRmND8gbO58R_O1eOdJao8gLCVn8HuwOaMzQdu9Bn8EOTwcBWQQxCqJrB5UWfE8vVt40QSgV4Ngxd3v39L7BDVwJaySCJ-NE-4vGlv8vhuV9VstDklrY9i-_T24zBrEusccYzo8csIlNmW9_Vw1bT-udSXptO9uYLU74U6HKNpt5x-Dedx790w_nociyq2KVqPbH-ls27Gr6r2d2m3PCb0ArCFIPN74Sfdnx9KdXerngThaRhuHuy35-ngnG-sahuMV1QsdP3H6w37jSS1BvJFICCLyWhco7l0UGvTQ885r0NRmGKRKFldPiponTQXQ1yDeBEpFbp3gsRrdOHRZ2oVoQWz3ORgPNc7XdlEI1EqE26rmRgpAXiwuP6d0SV2LVCLtMvj3gSCHOljQQ_Aq5yG75iq08ttDMOM3YenSOiC7zqbY68D_H_laRn8l4qeeO5KHax3J70cWvHu9VK09g9MfwdnNNqLLdpHWkmJGmsEnnwa1B6Z9GtMMkv6xT9spXdYJaX_wlrdWQJlw_FINEy3qT-BpWLlR9EmO_Z30pUIQhfweG6zDczrBcr7Urrz1x7BZi2Cl-7gi5mnc8CP2QYBAaF&sai=AMfl-YQkepQU-I796bNcMM7mTLRRW4Fh3gFJnQ0jw0TAtD4RykPmV1dWLjvWLhVrj5SB3FizB17bxSRMWpWeCslupIk4EUkubRBDyGDCO0CTpFrZyYdgAxPVwUYYSeJMBgmrMgeMkLrB0NPRKjhDUFY0x7zBjAMhtPIGUTgdnuYxPV9-QAdT-SUCIEmblyy-6q5Erh06gTvQbAXDl3RAiF5RvsisucSUF49BLQH4rZzsTvi-nbqlV-USAzyuugUQS59ZZHSDyxSoFauYPvg3PBEQN5CJstBSre-scDDlYHBpqvdAWtFYaS-bejTFLouZkxYDk19IPRyplPNMMquNzS0aVRAfAacaamyuv0Z3ZMhPII2or6P9MGycH805C8BqbK43818RmDln&sig=Cg0ArKJSzH0uEA7AZ5J9EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210607.55073&adurl=
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 15 Jun 2021 14:05:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 158B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 09:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jun 2022 09:41:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 158B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CmH_77ad_fzYL4LBw-ai6t973XAdee9_UHJbQWFvVjuz2fZAlXm7qlNM8eKWL7puumu12dqNr4pQyAPgRHQ9Ykzuty3EYXxFKuDU6E7WIdFsUoJ4o
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 158B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1316
x-xss-protection
0
server
cafe
etag
797314601362473214
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 14:03:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 158B 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:14 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623410775224219"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38028
x-xss-protection
0
expires
Tue, 15 Jun 2021 14:05:14 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 158B 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
217
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
server
cafe
etag
16788636151609896382
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Jun 2021 14:01:37 GMT
15449895825255720933
s0.2mdn.net/simgad/ Frame 158B 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/15449895825255720933
Requested by
Host: 5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
URL: https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6ad63acd3053ec10bd2f90fb21b580642ef63431a2ac548b7241c045ad3a2dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 08:07:21 GMT
x-content-type-options
nosniff
age
280673
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48653
x-xss-protection
0
last-modified
Fri, 04 Jun 2021 07:15:29 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 08:07:21 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6DE6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 15 Jun 2021 09:41:44 GMT
expires
Wed, 15 Jun 2022 09:41:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
15810
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame A6CF 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuXIpxC0WT45z3Y4zr5ysIGxGcBKGVy9VznJKF4RbZmJzweLKvyU-Dzp8npmSaKsSxs40fhMx5oNnv1fIWKMl7Bwz1tNfzT1yqmcJXSW9UydsDvGSouCF_UCRQO3yDkUsl7IY0nXsQp5Jb_hcZO9VG8s7RKEDYzDY-dJsABFrI5b8dAPB3DZaJA_5seETRAJzHjKdLfzDK60yYuKOSA5tg_fdxee0EeD2tiaPYU49P-h-z_BhCCFHNu3EcXtflpHZ-d7xkAxGHVoGi4CMI1FgW3mVlFzzenS8W89wx7e4iZ2cmBj8uTgqjlzhrpAIFN24nnpZEzGRcd-wSVGluF4z9zw7IaiNkLZTe6jgU25jixOVLPfIGpEtrPRlxLSlNEOdAb4Z_Bz2qOUXMr2VPvdx2Jcoi0TzFu8dl_jXuAx2-KvCtwfCqcl4nqtU_3Td9IvC3AaZU_28brbuhVlC8RJIUphv8OOf54ndROrYce9uDrKnT__iAolg_rxKi5e6dZccBCkV7o7Bpuxgwyfp3mDYeFZp07GoU8bINVMMPLX1_vdV6Xn_k5WB6VKb0tSxonGezot1Cd1wB0VYOY1frrh_qe7ecv888RA5NOCpHUvWmfEg5ZGCpS5pw0FcYScTCTY6hwhM13FZY3RU2UctAAtjqM3YJNlaD5AXKKLTAsu4oSimktfM0Ifc9cGgPdqA1HS7E1Z0rwxT-H_nDq3zQ7mv8Y7cNqDfUL8yUD4kWUNcIwNIVPP2ACS2c4pVd3oSU_ViPfOgcPAbbuC-m2-Vj_37xFXSGdwtTCpOrjIFi1l2QpTE8rG7ufSq6Mf9Du9efDYXAdvVqpeCST7LIz4etN5iSyGokui8I301hx6X5CCSC8K3ytB7IaqHbwbrnZIZ0uiKvGR0hOOrLYoARAGT4R-TAb1uyJyN4cgdP0VX71JlhWVqLrSHwlHUWv5-iLqerKHObGGSJR8VJpBVbLFly6ue94AfPIUzkq0KrauB7YfPWoO0pF_v0hHBWOFzuZ95639gRqv1GyJxe6SjGmQEUXzvTFyXG6k8fiscdag4uI969yKaupDp3InYbalATrHUMy3w&sai=AMfl-YQ49r5iF9FluEdBJqWFj7bKXPl-pNKWKosxTVcAubpViqGC3YoMFLJckP216sG0k9JrpoAgXfcVT55LHKLlsVUL5RWDD7Y5PrhUoNOb5pjpekpeCtmtiZQq7gi0eMfxlqONZ76wtmEVFMgfbq7vOTpoyyN_XYwrJ7fHg__QGDYoSqRRxdyhBy61aouDiygo5MzUhdvo70lkg0dmXPmwtbEguWSOSoTbh-Pb6ef6z74iJJPjX0PyQaX9Qj7M3gEQoYAIqMVmLKW8RizXnRStZvkVolZXuaK7v4jYjWGvVVbVWHy5plkvghEls5a6Vv9fs9GAp-dihc23G4ROYXehFn3QdjIW7AO6zO-gpkFbeNkXfkPFrvB_ZD3q_ACJt4Dg_IenIUo6&sig=Cg0ArKJSzA36BQmTDdsvEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=292&vt=11&dtpt=290&dett=2&cstd=0&cisv=r20210607.92108&adurl=
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 15 Jun 2021 14:05:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame A6CF 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e10b6492d637de553bfef25bb669b2a0b492124ed5d8b25d378bb9cf61c27a7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 3C2C 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuxQafGPbhCQ-Wr9xWXC7U4TWIFgKYDWK3_hKHaggE1144MfyyOeYa_G_XZK-GbLatLn0Lz7suwTzrZMucfjVIJQm95b1hHWCUOdHHuOqK9Qx5vR-p6A4OuqeEq_U8UIRaURLxXNCvQbkaYN7v1B6dMO7MVQRS_2fIo2bnf6I0vkG1392bXUkpKo9Hmh05WY1KN-wncMKS3zX4O9fyq3cApB_DnmtzskDcloeK-zR7VyPoIaAAhPQcKNy-O7mMQEl0KiAQeMLyvT-HmNHBcjq85AwfUDk0soayOhi9TRytWR5U0tWtL5Fsw7zZ81WrkCprL4bTF6tQsPCkuyQ97TZw3bYX3dYYO2LonWIgPqymhbYXEek8OscyH2xK7v8EUXlKpKVPjrhXbnx3Q-WkJTWUr9HEK1NBnCA3rss5HHEy14m84qyS2vx7T14A3jh0hBCRYXFJWjIvYQp-iAETFPe0haV2QKzHRBRkMAKCe4hrbrKw_Jppqz6oVo3iT2M9Kmzuh8wMhKySquI9s6xQf_CygZtLJsggX_tC3OZWWSnXaHDsO9sjlF9xwZw89kr0Zq8yL41Jty75xfiZW9qwY2zAj1D6edZ9vZxHGF8Ey5VKIR3V498WSaBnm94JBz-rpRMZhLbg3ARSWXY-PMdL3ueHrjmLU9sV7DtLTpoXd7dWU_LIehLqHIJ5KzBxsdaItzMJVR47G6_aN2Tz9FuA0Ul-DBxIshimNA2lsMQsNxBkO2YAf5dmyBJxMrLJUdF3Ga9-kC75MWEhbfzJbruisFb8fSGsgdaabZa5OC-cjzNyS-YEYUsLuAH5q9Y7Lr4nff_y7S8vE8SDql7jooQyg1pLRGIU6sd3Lv7SER9qQMh5Ev-LgrXgrSg6IOtixOFvWwROg7RrSMQgKDCG6DyzJWSAxgNt115-FJRiwaNXaa-_dCl4ZP9ew3muxwaWxIyo1Fhk14KY4dKqinaSbsBIo7iloYElCBLjgZSMSUQqehA6gFvSVwAsgWRD2w9wA2k2VYx8VEjA_oT-qw989hAApxaXC41UL1vsuV_GUauGna1-igWaaylg&sai=AMfl-YRpaMJ-F_Nd0rKcPMFWay8IwiAQVBhtg_vQvx0uKZHTJR9sdcRM4vq25fvWOtR4guQ74IICkzRKdwO_eeePDRpV_Dj2VNj-ckr-DNtY_xlpa_Nm8mutNK_WJekQxsFIOVpWPIM1C3_pwoh0H2uCJi0C3qae_DQT7F63BF6p2T8AMpKpwVaRlbzxylP3HUzxzpkU039zVGrkHR80zarouDGbqXYvoTPX9k80-F4oZHlaIkZwfJi4SqngFukki9xYV57sGYgDJ_7EDoYbQoVcf1P1zfB_cIM75SmLPG8Ork2NSouZgVOUXHM6BqKCDiNqP6asy1gl_EqhLLTsPNtMiIf50zt37PzeGD_7WgGVo1A5xpLkuy_fKHxyoet7o69Zmo1AHKiA&sig=Cg0ArKJSzDKQ76cRrGuKEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=224&vt=11&dtpt=223&dett=2&cstd=0&cisv=r20210607.92019&adurl=
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 15 Jun 2021 14:05:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1033 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 15 Jun 2021 09:41:44 GMT
expires
Wed, 15 Jun 2022 09:41:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
15810
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 158B 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstz06-qGCbdOHFgUjizlLjOAMfcFVovE8xTOjqwYz10Zi6O9_8iXi0g3_QxA5SrrjQvVjsJfSotnaPscj-Aetll2FqmRT5_mrcyTtYq7rYcB3pWniUiVoHDr4_XQweqDFVmEbP8kSUQYfI13v0oairW0wIhmwxEijsnXxUcqNZGRZ0oPKB_k8cXkTbo7jY1XrVifyYj7H9xwTdm6KZtAIPq16mOJjP9SvMMwJZao4c6EmvDXQr6Y-37dkl0RUjDqjrGlrJg0NrWOXG-VNykugMjwD6PDuWxQjmxow7_GycLdkLfHyHZy5I049gcpzlzWBtw3m5yOvshvkYfmuy-snwGpHoKyOi0RVVeVIVc0EcyFqTJcw_EjQpAVsuPxnrViTU8JKAcq9aPuXYfg_Rm3EiAQQ3GmF0LwLXUJP59w9kvxFmvGJ7ToU_IZlT1Jz_TZhhMVU5xfIL5ETKUGvlYo5XeMp9gYL1bRmND8gbO58R_O1eOdJao8gLCVn8HuwOaMzQdu9Bn8EOTwcBWQQxCqJrB5UWfE8vVt40QSgV4Ngxd3v39L7BDVwJaySCJ-NE-4vGlv8vhuV9VstDklrY9i-_T24zBrEusccYzo8csIlNmW9_Vw1bT-udSXptO9uYLU74U6HKNpt5x-Dedx790w_nociyq2KVqPbH-ls27Gr6r2d2m3PCb0ArCFIPN74Sfdnx9KdXerngThaRhuHuy35-ngnG-sahuMV1QsdP3H6w37jSS1BvJFICCLyWhco7l0UGvTQ885r0NRmGKRKFldPiponTQXQ1yDeBEpFbp3gsRrdOHRZ2oVoQWz3ORgPNc7XdlEI1EqE26rmRgpAXiwuP6d0SV2LVCLtMvj3gSCHOljQQ_Aq5yG75iq08ttDMOM3YenSOiC7zqbY68D_H_laRn8l4qeeO5KHax3J70cWvHu9VK09g9MfwdnNNqLLdpHWkmJGmsEnnwa1B6Z9GtMMkv6xT9spXdYJaX_wlrdWQJlw_FINEy3qT-BpWLlR9EmO_Z30pUIQhfweG6zDczrBcr7Urrz1x7BZi2Cl-7gi5mnc8CP2QYBAaF&sai=AMfl-YQkepQU-I796bNcMM7mTLRRW4Fh3gFJnQ0jw0TAtD4RykPmV1dWLjvWLhVrj5SB3FizB17bxSRMWpWeCslupIk4EUkubRBDyGDCO0CTpFrZyYdgAxPVwUYYSeJMBgmrMgeMkLrB0NPRKjhDUFY0x7zBjAMhtPIGUTgdnuYxPV9-QAdT-SUCIEmblyy-6q5Erh06gTvQbAXDl3RAiF5RvsisucSUF49BLQH4rZzsTvi-nbqlV-USAzyuugUQS59ZZHSDyxSoFauYPvg3PBEQN5CJstBSre-scDDlYHBpqvdAWtFYaS-bejTFLouZkxYDk19IPRyplPNMMquNzS0aVRAfAacaamyuv0Z3ZMhPII2or6P9MGycH805C8BqbK43818RmDln&sig=Cg0ArKJSzH0uEA7AZ5J9EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=139&vt=11&dtpt=138&dett=2&cstd=0&cisv=r20210607.55073&adurl=
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 15 Jun 2021 14:05:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
pagead2.googlesyndication.com/bg/ Frame ACF8 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 13:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
2695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5751
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jun 2022 13:20:19 GMT
truncated
/ Frame 3C2C 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
941a50b77faf4b9b31a28d52e4230f71a604692b199da98073ac195c6c92dc66

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 60E1 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 15 Jun 2021 09:41:44 GMT
expires
Wed, 15 Jun 2022 09:41:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
15810
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 158B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fec9f186b792130d66b5689b2a631b00ec88e7db5a2f2859d755a9e84c3c133c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
pagead2.googlesyndication.com/bg/ Frame A37F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 13:47:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
1074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5768
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jun 2022 13:47:20 GMT
wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
pagead2.googlesyndication.com/bg/ Frame 170D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 13:47:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
1074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5768
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jun 2022 13:47:20 GMT
wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
pagead2.googlesyndication.com/bg/ Frame D1AF 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 13:47:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
1074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5768
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jun 2022 13:47:20 GMT
wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
pagead2.googlesyndication.com/bg/ Frame 6DE6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 13:47:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
1074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5768
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jun 2022 13:47:20 GMT
wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
pagead2.googlesyndication.com/bg/ Frame 1033 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 13:47:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
1074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5768
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jun 2022 13:47:20 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061457
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aaf181a09430a7ee18136fe6b7645fd3af022504f3413e2a8bafd6ad1f468113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Jun 2021 14:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7932
x-xss-protection
0
Cookie set beacon
ap.lijit.com/ Frame C71F
Redirect Chain
  • https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=
  • https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
1f27961c0edd13bc5f5c4480a1ea1f4a4d98f6910e1bcb302226a5429082c257

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hip2save.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljt_reader=1773a5ecbdb1e39485f6492b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hip2save.com/

Response headers

Server
nginx
Date
Tue, 15 Jun 2021 14:05:15 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJxdkDsWwCAIBO9inUL%2BkKvl5e6JPhu2HMBh5Rk0bnKWNBaya%2FBGrTBb6N5ZOgZ1pgkMujg6iRmLqyr6xF%2FJXkl0QqSETKnABozvIQGjr6Dv52KzaCeGfBz9jwL7FPwKfoN5a%2Fd4P3M1VWs%3D;Path=/;Domain=.lijit.com;Expires=Wed, 15-Jun-2022 14:05:15 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=1773a5ecbdb1e39485f6492b;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap4ams1

Redirect headers

Server
nginx
Date
Tue, 15 Jun 2021 14:05:14 GMT
Content-Length
0
Set-Cookie
ljt_reader=1773a5ecbdb1e39485f6492b;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap4ams1
wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
pagead2.googlesyndication.com/bg/ Frame 60E1 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 13:47:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
1074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5768
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jun 2022 13:47:20 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622653785071769"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Tue, 15 Jun 2021 14:05:15 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1FE0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTEZ_XOwKEdp9KLNT0W2rGpXu_VIIzTsCADyDuIxcVZkTojiNUrB74-AAmzClTNHPPY4wmyVAwpVjLcpNk_VU7u55Rwgs0yD9z7ZFIPO_NApgz&sai=AMfl-YR-t5M4hZT591xK0Cv9gLIP6EwoP7J9nK1As8yL1o_oe09pb5x2mDTNksHwbm8Ik9Sxm1tBldEZSppmuLpJiYd77403jSjEGLyPdDKLCbOJdUl8euenJ0epWpZCtfki&sig=Cg0ArKJSzLC3Nay8Hm8lEAE&cid=CAASPeRoQOfRLsGlONZ17e3lhT83WVtFftt9XqM8dR0lpybolCkMFW_d0mBczzowesEdikHPQHc0eIz6-oK04HI&id=lidar2&mcvt=1052&p=621,272,715,1000&mtos=0,1052,1052,1052,1052&tos=0,1052,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=3135445327&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623765913100&dlt=9&rpt=1098&isd=0&msd=0&r=v
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 9230 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/223/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hip2save.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hip2save.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 15 Jun 2021 13:47:20 GMT
expires
Wed, 15 Jun 2022 13:47:20 GMT
last-modified
Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1075
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 331A 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: d14bfzriit2hkf.cloudfront.net
URL: https://d14bfzriit2hkf.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4435a1485f9ca7310b217b324977775f407c937fc695416aec3699a76876cc8b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4KKZB0Ttn3JJ4aAYIE39Mw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hip2save.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hip2save.com/

Response headers

expires
Tue, 15 Jun 2021 14:05:15 GMT
date
Tue, 15 Jun 2021 14:05:15 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-4KKZB0Ttn3JJ4aAYIE39Mw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
no_match_opted_out
um.simpli.fi/ Frame C71F
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1623765915029&gdpr=1&gdpr_consent=
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 15 Jun 2021 14:05:15 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Tue, 15 Jun 2021 14:05:15 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 14 Jun 2021 14:05:15 GMT
merge
ce.lijit.com/ Frame C71F
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=V2w8oANvZvpMaGyhWDhyrFA_aa9MOGasVTmhhOdR
43 B
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=V2w8oANvZvpMaGyhWDhyrFA_aa9MOGasVTmhhOdR
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:15 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=V2w8oANvZvpMaGyhWDhyrFA_aa9MOGasVTmhhOdR
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame C71F
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=9fecadf6-60c9-4b3c-aa13-8623dfe756be
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=9fecadf6-60c9-4b3c-aa13-8623dfe756be
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:15 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=9fecadf6-60c9-4b3c-aa13-8623dfe756be
Date
Tue, 15 Jun 2021 14:05:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame C71F 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=fmx&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.165.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
merge
ce.lijit.com/ Frame C71F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=1773a5ecbdb1e39485f6492b&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=366b60c8-b39b-4b00-be64-5d50f59ac44d&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=366b60c8-b39b-4b00-be64-5d50f59ac44d&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:15 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Tue, 15 Jun 2021 14:05:13 GMT
Server
MT3 3759 5f8f15b master cdg-pixel-x12
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=366b60c8-b39b-4b00-be64-5d50f59ac44d&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 15 Jun 2021 14:05:12 GMT
getuid
secure.adnxs.com/ Frame C71F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
merge
ce.lijit.com/ Frame C71F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=v6d1ieAxIj0YdAEB75tU&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=v6d1ieAxIj0YdAEB75tU&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:15 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=v6d1ieAxIj0YdAEB75tU&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT, Tue, 15 Jun 2021 14:05:15 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame C71F 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.151.90 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
83041abbe8494cb29eff3083edd6dff6
Content-Type
image/gif
merge
ce.lijit.com/ Frame C71F
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=tBrd0vxM8ZHn&ev=1&pid=558511&gdpr_consent=&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=tBrd0vxM8ZHn&ev=1&pid=558511&gdpr_consent=&gdpr=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:15 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://ce.lijit.com/merge?pid=49&3pid=tBrd0vxM8ZHn&ev=1&pid=558511&gdpr_consent=&gdpr=1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-8474b759f8-n2wtq
expires
-1
merge
ce.lijit.com/ Frame C71F
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=1773a5ecbdb1e39485f6492b&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:4cd2e3791b87cf58effade2b75c1d3b3
  • https://ce.lijit.com/merge?pid=84&3pid=c%3A4cd2e3791b87cf58effade2b75c1d3b3&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c%3A4cd2e3791b87cf58effade2b75c1d3b3&dnr=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:16 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:15 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=84&3pid=c%3A4cd2e3791b87cf58effade2b75c1d3b3&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
tum
ums.acuityplatform.com/ Frame C71F 		0
0
merge
ce.lijit.com/ Frame C71F
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=1870471595941945680
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=10&3pid=1870471595941945680
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:15 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=1870471595941945680
Date
Tue, 15 Jun 2021 14:05:15 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
iu3
aax-eu.amazon-adsystem.com/s/ Frame C71F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:15 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
svr
match.prod.bidr.io/cookie-sync/ Frame C71F 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.246.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-246-140.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:15 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
data.adsrvr.org/track/cmf/ Frame C71F 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
noop
px.owneriq.net/ Frame C71F
Redirect Chain
  • https://px.owneriq.net/eucm/p/sv?gdpr=1&gdpr_consent=
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6770523151177022105&ref=%2Feucm%2Fp%2Fsv
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 14:05:16 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Tue, 15 Jun 2021 14:05:16 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame C71F
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
43 B
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:15 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
merge
ce.lijit.com/ Frame C71F
Redirect Chain
  • https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=%3CPARTNER_UNIQUE_IDENTIFIER%3E?param=NTV_USER_ID&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=90&3pid=%3CPARTNER_UNIQUE_IDENTIFIER%3E?param=NTV_USER_ID&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=90&3pid=%3CPARTNER_UNIQUE_IDENTIFIER%3E?param=NTV_USER_ID&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:16 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:16 GMT
server
nginx/1.12.1
location
https://ce.lijit.com/merge?pid=90&3pid=%3CPARTNER_UNIQUE_IDENTIFIER%3E?param=NTV_USER_ID&gdpr=1&gdpr_consent=
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
reporting
ap.lijit.com/dsp/google/ Frame C71F
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=MTc3M2E1ZWNiZGIxZTM5NDg1ZjY0OTJi&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=MTc3M2E1ZWNiZGIxZTM5NDg1ZjY0OTJi&gdpr=1&google_tc=
  • https://ap.lijit.com/dsp/google/reporting?gdpr=1
43 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/dsp/google/reporting?gdpr=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:16 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ap.lijit.com/dsp/google/reporting?gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame C71F 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame C71F
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MTc3M2E1ZWNiZGIxZTM5NDg1ZjY0OTJi&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MTc3M2E1ZWNiZGIxZTM5NDg1ZjY0OTJi&gdpr=1&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MTc3M2E1ZWNiZGIxZTM5NDg1ZjY0OTJi&gdpr=1&google_tc=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MTc3M2E1ZWNiZGIxZTM5NDg1ZjY0OTJi&gdpr=1&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame C71F
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:15 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E425 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ap.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=144470
expires
Thu, 17 Jun 2021 06:13:05 GMT
date
Tue, 15 Jun 2021 14:05:15 GMT
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame 6E66
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_c...
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&g...
776 B
812 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.208.0 /
Resource Hash
af11222b11875b0c6720716706dd02f30bc08aa99bf213afa42c39f5b7ef6b0f

Request headers

:method
GET
:authority
us-u.openx.net
:scheme
https
:path
/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ap.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=43976209-e1e9-0b84-22b4-7bcdb30792b3|1623765915
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=43976209-e1e9-0b84-22b4-7bcdb30792b3|1623765915; Version=1; Expires=Wed, 15-Jun-2022 14:05:15 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1623765915|gekin0vNiygu; Version=1; Expires=Wed, 30-Jun-2021 14:05:15 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.208.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 15 Jun 2021 14:05:15 GMT
content-type
text/html
content-length
477
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=43976209-e1e9-0b84-22b4-7bcdb30792b3|1623765915; Version=1; Expires=Wed, 15-Jun-2022 14:05:15 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.208.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
date
Tue, 15 Jun 2021 14:05:15 GMT
content-length
0
via
1.1 google
alt-svc
clear
0608867b
rtb.gumgum.com/usync/ Frame 4611 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0d0437088e7f22e8b5347a68bb8dcd879c23ebdfd95c88088f598230fe7cbaa4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ap.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

date
Tue, 15 Jun 2021 14:05:15 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_4bfadd83-1b95-4f71-9cbb-baf7fb6806dc; Domain=.gumgum.com; Expires=Wed, 15-Jun-2022 14:05:15 GMT; Path=/; Secure; SameSite=None
etag
W/"088359fc7801da6878bf9f2f00751df98"
timing-allow-origin
*
content-encoding
gzip
Cookie set merge
ce.lijit.com/ Frame D39E
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=7246318798650462018&gdpr=1&gdpr_consent=
43 B
936 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=1&3pid=7246318798650462018&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host
ce.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ap.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljt_reader=1773a5ecbdb1e39485f6492b; ljtrtbexp=eJxdkDsWwCAIBO9inUL%2BkKvl5e6JPhu2HMBh5Rk0bnKWNBaya%2FBGrTBb6N5ZOgZ1pgkMujg6iRmLqyr6xF%2FJXkl0QqSETKnABozvIQGjr6Dv52KzaCeGfBz9jwL7FPwKfoN5a%2Fd4P3M1VWs%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

Server
nginx
Date
Tue, 15 Jun 2021 14:05:15 GMT
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
_ljtrtb_1=7246318798650462018;Path=/;Domain=.lijit.com;Expires=Wed, 15-Jun-2022 14:05:15 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=1773a5ecbdb1e39485f6492b;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxdkDsWwCAIBO9inUL%2BkKvl5e6JPhu2HMBh5Rk0bnKWNBaya%2FBGrTBb6N5ZOgZ1pgkMujg6iRmLqyr6xF%2FJXkl0QqSETKnABozvIQGjr6Dv52KzaCeGfBz9jwL7FPwKfoN5a%2Fd4P3M1VWs%3D;Path=/;Domain=.lijit.com;Expires=Wed, 15-Jun-2022 14:05:15 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap1ams1

Redirect headers

p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
set-cookie
uid=7246318798650462018; Domain=.turn.com; Expires=Sun, 12-Dec-2021 14:05:15 GMT; Path=/; Secure; SameSite=None
location
https://ce.lijit.com/merge?pid=1&3pid=7246318798650462018&gdpr=1&gdpr_consent=
content-length
0
date
Tue, 15 Jun 2021 14:05:14 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5536 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13409955&gdpr_consent=&us_privacy=&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ap.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=144470
expires
Thu, 17 Jun 2021 06:13:05 GMT
date
Tue, 15 Jun 2021 14:05:15 GMT
vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 507B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6QrZiqYZHsx82qvHlEsdx_SPJNhAo8EzgS0g9GqbWVuJxmwN_kxIKm_HJZ_pKZoDVWK9XXAa3nyxnlGw0IgNG-QtlzIaQdyey_Ipbn8r3h1Ul&sai=AMfl-YSyLbAmwf9GtSyrpMt9F-9FzivQnOxR8lVn6rQpfwlY4YqtaIk1i_oCMH0_gvJ97seTWxYAcFH990nPSji8aoCS_nLZlSwPKah1ljwQ8vLRfba55EIyxaFkIa4mgoI&sig=Cg0ArKJSzC65frXJmSlLEAE&cid=CAASPeRo0EGxy-zMivvhBPaWxaI3mzwvQ_VEfH8PD0B-kJ5TuPbwMgilnmy9hRHjxXtwjDepCFwYe1ow4uiIqso&id=lidar2&mcvt=1054&p=267,1143,871,1303&mtos=0,1054,1054,1054,1054&tos=0,1054,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=3825300125&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623765913314&dlt=304&rpt=986&isd=0&msd=0&r=v
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
465.json
id5-sync.com/g/v2/ 		213 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/465.json
Requested by
Host: hip2save.com
URL: https://hip2save.com/wp-content/themes/hip2save/inc/ads/prebid.min.js?ver4.34.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.30 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
e262d2ff180c0022eda20db4bc1d99e431f53a9a832b924b52858d5bf0408df5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://hip2save.com
Date
Tue, 15 Jun 2021 14:05:07 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
date
Tue, 15 Jun 2021 14:05:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
activeview
pagead2.googlesyndication.com/pcs/ Frame EB87 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2cInutz_tk1b8P-S2lLRIWsDfAjgqoLLKIDpQlcfSk2-mjATGptH7H8u2Q-GDG8zI_ECgdNN8ecW0VkJYZe0GKw8JnaqchW2WlEQBdhfmHU3p&sai=AMfl-YQn0Mr8jo9rIodrK1o4nQiNWKuScKl35S_znAYG3Lsvn4oxyH2RBbjmpSG-q8coSPNbW4hzTfZDCWI6yV7qPnXUgNVDCxBOcmA_bdwAmilml0_w_eT_Z993vPMeo60&sig=Cg0ArKJSzKqCCZiXzqvEEAE&cid=CAASPeRoqVFPZS41xC-1Fz3RcL6mMvp_dpNkec_AIaEoYfhpObu6YhLvW8KNZ7un1mgJ8NS5JrgLPd99wY7VyjY&id=lidar2&mcvt=1060&p=897,1143,1151,1443&mtos=0,1060,1060,1060,1060&tos=0,1060,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=233627267&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623765913380&dlt=41&rpt=1149&isd=0&msd=0&r=v
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E425 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83430375&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:15 GMT
content-length
0
Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
pagead2.googlesyndication.com/bg/ Frame 9230 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 13:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
2696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5751
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jun 2022 13:20:19 GMT
usersync
rtb.gumgum.com/ Frame 4611
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://rtb.gumgum.com/usersync?b=apn&i=6533026198420339972
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=6533026198420339972
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:16 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:15 GMT
X-Proxy-Origin
37.120.211.156; 37.120.211.156; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.233:80
AN-X-Request-Uuid
b8a76f02-973f-40f1-b3a9-3f2676d06eed
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=6533026198420339972
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 4611 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_4bfadd83-1b95-4f71-9cbb-baf7fb6806dc&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.165.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usersync
rtb.gumgum.com/ Frame 4611
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28ITcx9bGr9nb4RtOwVmYr1AhlihrtOe0O22vcGxC-k3DgthXZpedFgypI3tHbFZOb%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28ITcx9bGr9nb4RtOwVmYr1AhlihrtOe0O22vcGxC-k3DgthXZpedFgypI3tHbFZOb%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28ITcx9bGr9nb4RtOwVmYr1AhlihrtOe0O22vcGxC-k3DgthXZpedFgypI3tHbFZOb%29
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:16 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28ITcx9bGr9nb4RtOwVmYr1AhlihrtOe0O22vcGxC-k3DgthXZpedFgypI3tHbFZOb%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28ITcx9bGr9nb4RtOwVmYr1AhlihrtOe0O22vcGxC-k3DgthXZpedFgypI3tHbFZOb%29
Date
Tue, 15 Jun 2021 14:05:16 GMT
Connection
close
X-TraceId
7e7242becdade0b1995a5f4031cdf58
Content-Length
0
usersync
rtb.gumgum.com/ Frame 4611
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=6706f920-607b-0c25-1f19-a3c81f70a008
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=6706f920-607b-0c25-1f19-a3c81f70a008
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Tue, 15 Jun 2021 14:05:15 GMT
content-encoding
gzip
server
OXGW/16.208.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=6706f920-607b-0c25-1f19-a3c81f70a008
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
sync.srv.stackadapt.com/ Frame 4611 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.192.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 15 Jun 2021 14:05:16 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usersync
rtb.gumgum.com/ Frame 4611
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-eqeJjk1E2pfSUyYBw7hpUrN7YoXC7T8aaU98~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-eqeJjk1E2pfSUyYBw7hpUrN7YoXC7T8aaU98~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Tue, 15 Jun 2021 14:05:15 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-eqeJjk1E2pfSUyYBw7hpUrN7YoXC7T8aaU98~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 4611
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=b5e070f4-cde2-11eb-b0c9-ab9b4f01ea39
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=b5e070f4-cde2-11eb-b0c9-ab9b4f01ea39
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:16 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=b5e070f4-cde2-11eb-b0c9-ab9b4f01ea39
Date
Tue, 15 Jun 2021 14:05:15 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
b5e070f5-cde2-11eb-b0c9-ab9b4f01ea39
services
sync.technoratimedia.com/ Frame 4611 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:17 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
228078941
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 4611 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:15 GMT
content-length
0
server
b
usersync
rtb.gumgum.com/ Frame 4611
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_4bfadd83-1b95-4f71-9cbb-baf7fb6806dc&gdpr=1&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:16 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
78
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 4611
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=d9a2d35c-5cdf-4b8b-9969-7432da249235
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=d9a2d35c-5cdf-4b8b-9969-7432da249235
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:16 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=d9a2d35c-5cdf-4b8b-9969-7432da249235
date
Tue, 15 Jun 2021 14:05:15 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame 4611
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=251763380
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=251763380
  • https://sync.1rx.io/usersync/tradedesk/84d41236-737b-46bf-98d9-38446d05fbd4
  • https://sync.targeting.unrulymedia.com/csync/RX-ece9cba5-b72d-4ee4-a564-c50be5a8c74e-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-ece9cba5-b72d-4ee4-a564-c50be5a8c74e-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-ece9cba5-b72d-4ee4-a564-c50be5a8c74e-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-ece9cba5-b72d-4ee4-a564-c50be5a8c74e-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:16 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-ece9cba5-b72d-4ee4-a564-c50be5a8c74e-003
date
Tue, 15 Jun 2021 14:05:16 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXece9cba5b72d4ee4a564c50be5a8c74e003
content-type
text/html
usersync
rtb.gumgum.com/ Frame 4611
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=0RKjXkwAWISY&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=0RKjXkwAWISY&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=0RKjXkwAWISY&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-8474b759f8-n2wtq
expires
-1
merge
ce.lijit.com/ Frame 4611 		43 B
933 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=36&3pid=e_4bfadd83-1b95-4f71-9cbb-baf7fb6806dc
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:16 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 1BF3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=366b60c8-b39b-4b00-be64-5d50f59ac44d&gdpr=1&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=366b60c8-b39b-4b00-be64-5d50f59ac44d&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=366b60c8-b39b-4b00-be64-5d50f59ac44d&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_4bfadd83-1b95-4f71-9cbb-baf7fb6806dc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Tue, 15 Jun 2021 14:05:15 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Tue, 15 Jun 2021 14:05:13 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3759 5f8f15b master cdg-pixel-x26
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=366b60c8-b39b-4b00-be64-5d50f59ac44d&gdpr=1&gdpr_consent=
Expires
Tue, 15 Jun 2021 14:05:12 GMT
usersync
rtb.gumgum.com/ Frame B650
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YMizmwABuseZJQAC
  • https://rtb.gumgum.com/usersync?b=atm&i=YMizmwABuseZJQAC&gdpr=1&gdpr_consent=&_test=YMizmwABuseZJQAC
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YMizmwABuseZJQAC&gdpr=1&gdpr_consent=&_test=YMizmwABuseZJQAC
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=atm&i=YMizmwABuseZJQAC&gdpr=1&gdpr_consent=&_test=YMizmwABuseZJQAC
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Tue, 15 Jun 2021 14:05:16 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YMizmwABuseZJQAC&gdpr=1&gdpr_consent=&_test=YMizmwABuseZJQAC
accept-ranges
bytes
date
Tue, 15 Jun 2021 14:05:16 GMT
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1623765916.022805,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 2824 		170 B
523 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80YmZhZGQ4My0xYjk1LTRmNzEtOWNiYi1iYWY3ZmI2ODA2ZGM=&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV80YmZhZGQ4My0xYjk1LTRmNzEtOWNiYi1iYWY3ZmI2ODA2ZGM=&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUledft6o7uq311TwOQcC6QH_XhJURbSk05yrWHKORTJHjnBHy4HrvZwaF4i
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Tue, 15 Jun 2021 14:05:15 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4181 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=144470
expires
Thu, 17 Jun 2021 06:13:05 GMT
date
Tue, 15 Jun 2021 14:05:15 GMT
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 97FB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.24 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-110.static.steadfastdns.net
Software
33XP003 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

x-33x-status
2000208
server
33XP003
date
Tue, 15 Jun 2021 14:05:16 GMT
generic
match.adsrvr.org/track/cmf/ Frame 00CC 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method
GET
:authority
match.adsrvr.org
:scheme
https
:path
/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Tue, 15 Jun 2021 14:05:15 GMT
content-type
image/gif
content-length
70
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame A70B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Tue, 15 Jun 2021 14:05:16 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame BEC8
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YMizncCo5soAAFVfuaUAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YMizncCo5soAAFVfuaUAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YMizncCo5soAAFVfuaUAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Tue, 15 Jun 2021 14:05:17 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Tue, 15 Jun 2021 14:05:17 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YMizncCo5soAAFVfuaUAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
2
X-SO-HostName
a-ad40161.dc2p.scaleout.jp
X-SO-LB-Hostname
a-tgng40006.dc2p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":25,"gdpr":true,"ipv4":"0.0.0.0","key":"YMizncCo5soAAFVfuaUAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40161"}
X-SO-Key
YMizncCo5soAAFVfuaUAAAAA
X-SO-IP
37.120.211.156
X-SO-Cluster-ID
25
X-SO-Upstream-ID
a-ad40161
usersync
rtb.gumgum.com/ Frame 9A9B
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=1870471595941945680
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=1870471595941945680
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=1870471595941945680
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_4bfadd83-1b95-4f71-9cbb-baf7fb6806dc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Tue, 15 Jun 2021 14:05:15 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Tue, 15 Jun 2021 14:05:15 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
eud=H4sIAAAAAAAAADvEyGtoZmRsbmZqaWhqamm8SgyJb25uAgA61DZpIAAAAA; Path=/; Domain=.rfihub.com; Expires=Sun, 10 Jul 2022 14:05:15 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwNzAxNzS1NLU0MbQ0MTWzMBDiM9TNDK3M1a0o8Iu0zC2R4jU0MzI2NzO1NDQ1tTQGAJxWsDw0AAAA; Path=/; Domain=.rfihub.com; Expires=Sun, 10 Jul 2022 14:05:15 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzAxNzS1NLU0MbQ0MTWzMBDiM9TNDK3M1a0o8Iu0zC0BAHu3bxwlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=1870471595941945680
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame 0B41
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://rtb.gumgum.com/usersync?b=rth&i=v6d1ieAxIj0YdAEB75tU&pi=gumgum
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=v6d1ieAxIj0YdAEB75tU&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=v6d1ieAxIj0YdAEB75tU&pi=gumgum
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_4bfadd83-1b95-4f71-9cbb-baf7fb6806dc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Tue, 15 Jun 2021 14:05:15 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Tue, 15 Jun 2021 14:05:15 GMT Tue, 15 Jun 2021 14:05:15 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=v6d1ieAxIj0YdAEB75tU&pi=gumgum
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
merge
ce.lijit.com/ Frame 6E66 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=fcd58390-a2da-0e7e-3fde-0583af919e1c&gdpr=1&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Jun 2021 14:05:15 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 6E66
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=366b60c8-b39b-4b00-be64-5d50f59ac44d
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=366b60c8-b39b-4b00-be64-5d50f59ac44d
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=366b60c8-b39b-4b00-be64-5d50f59ac44d
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=366b60c8-b39b-4b00-be64-5d50f59ac44d
date
Tue, 15 Jun 2021 14:05:15 GMT
via
1.1 google
server
OXGW/16.208.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sd
us-u.openx.net/w/1.0/ Frame 6E66
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=bSdZCzkkA1F2IwkKYnMXB2p0DAR2cwMHb3Lh8XRc
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=bSdZCzkkA1F2IwkKYnMXB2p0DAR2cwMHb3Lh8XRc
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=bSdZCzkkA1F2IwkKYnMXB2p0DAR2cwMHb3Lh8XRc
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 6E66
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2213873559386699443
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2213873559386699443
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:17 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:16 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2213873559386699443
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 6E66 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=903b5d50-486e-3473-7862-b325d720a14e&gdpr=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 6E66 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmM1NDhlOWEtODExOS02YWQ3LTZkODItZTk5YzFkYzI2ZjJl
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6E66
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHeEzhnulA7tWQOICArl49M&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEHeEzhnulA7tWQOICArl49M&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEHeEzhnulA7tWQOICArl49M&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:16 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEHeEzhnulA7tWQOICArl49M&google_cver=1
date
Tue, 15 Jun 2021 14:05:15 GMT
via
1.1 google
server
OXGW/16.208.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
gen_204
pagead2.googlesyndication.com/pagead/ Frame ACF8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bto1dmbPIYKbJCsqArAT3m46QCQAAAAA4AeAEAg&bg=!Y2ClYCTNAAY6sG-_OrA7ACkAdvg8WjICKjZ7hqx13grjkCkNoOAwBgDKyccA4q5PsGPzceuMZqPIcgIAAAKoUgAAAHhoAQeZArVD3yHTjQ3h1FQQ8c97UiQg1CBKlQIm7cuZV14OmPUWC7uatYX0tS4JanqUJa4YmtNjAt5fqT3-0ihmxKVVRus6WFneDTV1cnYNClHw_cnLT7s_h02CDf6hA_H0F8bMy__vj0DxNU8k9UU4ZYIcvd64bSgQBxpfaO1b58fDPEfxg4T9oVRosTsmFcZ3RS6XBeXMXlSHnoWvyj1e_U2ZHKQkKHYbG3iPtvShN7vKRKyxWtblj25dPYN1KK-XO_4A981aR5sM8pvTyAVT6Pc-pnQ7A18QDc7QCWs3c5d5gxmF0qeICCUOwOtBVZL36a6dhOen3RI7FSlUqERyAXnq_cbJCW93LQgggRe42DXwmb5MBIJirQTDRS8TUGk7nUZH4ZaDp1yaL_H6P6Jm7DNfS9IkwdoU7ZAkbSeZpXdmej48sjDM1hkOWqNZ3gO3kB8-ZHEWTEkFZcf75RStP3spogV-UqZeJkakZTn-aUOLxWtSKSDZ2wVcwfC8cm9-jONrsSGQqxJBUEt5BJLKo_Cxxo2Vfzx89Q3YBX58JR-TMZ42xN8VqHp3j0ah7jXycDYJ064Qv9x4Jd1tl8aCunKtxNHEE0w_Co26WhlmeUp0_6bJ2yy6tM5aJIPqvtMpQvbS4xRg_pVhv7beT2t2BgRmskuJi3uK14QkKbO2rBzvSrlv-Xo853yUQ7NFQgR5Zj8upqtEyfPLfflFbNkCg1cwp1AGpwST4zFkS5JpYKCN8ueYW2GfMidAgatAUlASzmzr0gn27u0E84SRnkOPRMDqYpUXOFhlaMIQXDBlVzMYt9MEpLpNGk0vmbqKvSm-5MIZkTCG64CoU6LNA97vpxHQvM_PTYTpdXa_2cf4jX-yx2G3Ca9eU83Cq9LqLbfFQyIr2xEkbg-jlsImKQyuyQt37UJ3lxgGE6w
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3C2C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjbuaTE8K_bqr4o3nSR-EKkUiaSp5dkWQHMTPSrWk8AA7Jo_YjKB2_2uvGfC3bOJUhGYOeY42u4GdAJuZWJJSdtuxYjBrxkFIXPdLPr7rye0bC&sai=AMfl-YRQ0TNtBmAhKZunZC2jTe_61UPAnmOIeva1C4lohGmUTmAdIgncsL7mJjB2n9_QlUdUaClR8v3p-UcfWizT49qcsQwFcknLWrKmgc_UZ3VA1_Sq3K4_Kly-1x6486fp&sig=Cg0ArKJSzIxX-9a07OY-EAE&cid=CAASPeRoByT51lvl9MzO6-VAVEDS1dVQbSpPRtVfxDZy42F252F0o8EUzvbaDRNo9Ed3OFfTPoX1aB4Jt8mRres&id=lidar2&mcvt=1124&p=1110,436,1204,1164&mtos=0,1124,1124,1124,1124&tos=0,1124,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=121892516&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623765913742&dlt=198&rpt=1&isd=0&msd=0&r=v
Requested by
Host: hip2save.com
URL: https://hip2save.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A37F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bl1WzmLPIYPOwH8XYgAe63ajgBwAAAAA4AeAEAg&bg=!vb6lvvrNAAY6sG-_OrA7ACkAdvg8WgQHsB3TgPV-FlAbyE5K87uuf4QHpYU1Lfx0iWLfKfV_zIY7kwIAAALOUgAAALdoAQcKALnmk366X7HwfoU9m2OqGj_h1zGgcNLx1NZVLNF4Qu4IIdHA7-ZNc9Cw4paWR4h_ilwLTkaDp8ohpNE2UxesDaHx8bgIgI3uxzuQh0mN9g6lmnGKOgBkEE9d5Kz8KAeHGGCAWTJGrnYDlanYfg4u-A1-LQfyFxGPwsNPrX0lLrsNOG3XdpjU82NLUWabqyFVlY2_HZMIax4GuF4k0GnBQfFtZ9mumVKml8KLMK-WN-eKPy4pDfrYFwAtr5kC0yodNNgNL2zcjFbiWQl_nqmCuWcTQD9ZXsmYLR0rsjj_2zX1hUGXSTAuqr__W2ix1fjj6G7RPpW18CbP1nNzfZrpKgeIEFufvOToGK7yrUO7thgw_CkLWYR2BFvkrV6aNP-SPRdbOWH76SLWJVwcUUTaYe5mfz2lNgii2zrkdD76bVfXAqcWhWhOGp85KDL_Hy3O5uMkq2gJhxxpnmxnhSQqYpMYC27z7JzFjJO1t9dtcf3gpvXzaFXbPiWxEzoCDpBrwpl4B0QXLY0aFXGNvSSJEx2b3HI7jn86Gceht98aBy1-eEaTsK5vg_6q2wwVT9G21-qEEZNcl8QrQrpwtvWPBPpyNPZfrRBpH6UQfR9ReVrUzD1xC7L6MKNrKlMgm9Rtak9pkxgMhkHyPG2PHekFHq3wxEX0m-31bA3nowr3tmY7XLZZs2-ingOkT-GjPpEZzxz-F-wJ5GStQDjX-QLIJzoGV8r-HSy0FOdecc-fJ7H8AA2pNeldxRAIx3NPJdZ4C47GC8T6RhGjqpBOSi3sWtNm8Z_adRCZpJ9OtOg-p93HO0gpyPeEAkpUhhJpxQX3CrsAkM-DLMlE4JWDH1PPAiaEg_jFcJxQldncbYKjOUUk7pzd_02a0ni8PhADR5QA-8pMk0Yyix-uv4oUFQk09jThDfdhOomaTI5TryRVemEZgQ0m0QQuzcVExy52EXoT9R7qYe-etPbM0iGBRaR2QOfbFYgRXd7c0uFfCSDvecyXoUM9QKmpT0A_FU4E7bazn367lO641eFwkImjkUOAxF5C1-Mwx6xmVeKS5rKmTJTfk6k5SQwfigunwLb8BOWcBwwpqJGFB2m186y5M5Dj2ImGP64xDNydtLkyR8WTc97uWkAWFv2wgJb_Qst1XIBrQKiNAoHhbBgyZjr2UOkuiuEPhDxtTG4Jgh-j3a_Yvo0cmtRnNUTwhD2ECayRuGQrTA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 170D 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BI6yvmLPIYPeDKJOQ4gHwmqWIDgAAAAA4AeAEAg&bg=!Dg2lDUnNAAY6sG-_OrA7ACkAdvg8Wl38tzPz2G1UYaJOetEnp8AVBdSQMxoeAHFWNM8T_f19M3AeagIAAALEUgAAALpoAQcKABCNt9khs3pnh3n0rOqv0TZ0mQMTLXIzTo3SL2lthnRjZ5--DjpNNyVW2xryqyFXxz-5EumKx4eTrvNXHdq1vdchZiIuBZyQOY27b_okjJDBzaXgKE5eU7TdVrJgV9YlloaAKPY4WoSTXmkEV-85y39y4t23iY9ZHyghYge3laPXH53mHskVhJWx-_vr31WyATExklh4Wi2bHcNfdHzFv3WG8H2KgDTdR1qfE8ykDRHexQ3RrDwnSX4BDm9B_1uPCND5dOeUph4O5YYMiHbnAzr7vdv6TQh80MCaW3euWhqcLymGAkfoOL6hX2G4-AZ1j_aB9e6NNUVcaYvnGh96PzL7EYQtb0rGtD-o9Dug8m-khy0GivT8Ot2G28hMpDNQ29YJd4lrDo1KWaeuvOHLQM_QXfrhR_Ep_EQqNfryT2dKzt5ke0usEe98gZIYyBi2QBvkA6H0qVxNj1wVSF39n5IoTnJVcH-gCSLhCURchvCHWDNA92ZYuZN4rUFM0UOHpCgg1kvG6djk7w0uF1C9msetbLR51XCA8CFytyJAjEMcxPwBIhGYwUe5Z3hxREl6ZXW0ylSxEXwcEhL0PU0bx1R9BJ8U8NYVLIBR2S_7gUlaE07mTvKFu4akX_BiRkWbePRZAx_SND-hlLTuaNaJzfaOzLgbhX98KFfAXufVIxPxr0XcHY1NlflofySG-bywZKlOHzA4qfYWBtnQYgnlCICVSo8WFKetaa64LppcCSgHbzF2ZRh7jZEKNKmMNzTkq6GnpkvyVYMmJ_E9JSDRb7JXh3PNnJReBQJI70b0Bk9jY4sTJiBJxVbBOePdiliGFMcdulH3-hq8s2yCIGYrZg23UhcFejSd63LV0wh5n_oLnWiUZ6BLnPUGMM9XHZuVhtQn9QrAcNHtToBnHqtVhmZ4rAkgt5Zimno1N577OUX_s4NqqgGpNyLvbbeCYeNM9ChdWvv8BErnORpGp7yn0-AuQ9VIj35TsVYmQZTEA_kC_dsjKoUcTZh3PpPu3KFzgVoApkKvWagUqJ5qExRsKmNsEKIN3KPs3ZRPX_3-xWxr5DEorOZHdw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D1AF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMwOpmLPIYL6GLtmOgAe67ZLwAQAAAAA4AeAEAg&bg=!iomlic3NAAY6sG-_OrA7ACkAdvg8WhYHKMbjbty_YhdK_q2BFRHyTH9flWIzdILEuDn5AeYc0G0dKQIAAALKUgAAAL5oAQcKANub8F1nCpgwcmX1IbjYJajE_gvsM1uFwpTQgpNx-AgB44c2YyEeIGUiBelttNe4MtniVNEbfsHMnIjcFxh3gMQB5eOj9zum3es0ZOXlatYy1TUeyCPsfmAlpDIpwbe4kdaEYn68qYSAe64zIancYquwO3cZmMkZoIW5v6zyZbL1XcTOdzqo_gGdqmZITphNcRPvNU0e8oYdF6LF5Oed5pcl_UKKfzxC9QC2dhEDHePMcQFDeSPj26ByfHJ6Xqdd-y-EsiQmVrbKskqUXJLDwufVjSpu-NkiBIXHbt-ZArGKeOadMqElp-dOx1Xr624eedCTKvzNSAyHxOo8Jf5VD82fMCoWIiD3H2_Omv1n_MWZs9X9smRCs2ZYAVmPpk1C-QwOLfM7hGnOZHj5ALgkC1IVLwiiSuBAyhsLCGVWd1exfVXOD_3jramG1TZHXVpipa6zyQtq2RiyV_gEgd5knYikhMfE8xxd3SGQU81n-PlU5pvnZdpN__vE21Ib-j3G1POVPRQ6m67SLXZvzNecN1FTs7zrqZDZ6xyLQ4FDkIq1B9isLN-tWFNM9xZ3R4GOigLEvGbljVXya_q8ssRQprO6zL7uJ9xjmvAdZDajJHYSl6OWejhtjyA-31RLLc4bRLFWUQVHFZtgUDqUwecaHAOuRJBgLUZl0avbtFT5zcAo39MqJIIeojxRVpOKWHN6ASuMepp3at7RjMsg46uOrBS-NyHibMfYvDUFJ_t84ADFAODUmtDYulEPFXYjpRmvdFj1-1N9odwDzh_1XMT9avoWgjql0DG271mqTthMEXIlaHWZqXP-ZLNEYjuTlVNVj3CaGaTMgwELC5-hG7uYa1iDoYmt0W-TbwEeRf9Xhsrs1J0oHCg9PFBI2v6haehecV1XRuTfGz7x2GnMjRNtjoIJU0I84vEL19Z5ylNFYAmoIYZvrJiCpH_dvje4pzXy-hpM24fbncu2MO66cKKAmPizI7MN8GfS-u7NkYAXUhlqzncSIKVcNi-sk4VjkkppM8r73mBjUvnPBMZN3_q_oImM27dG7pZoC3zabOCJ6qfLUrVCd2-0FgaOiOBsMzDHI57miTKtKxaC5rMqleBl45kU-ef3iWxfVku5tvJo4GwPY12pjMZMx9U1zkByC5WsMmskoyTRXsx0VopMnewi_RPB0kNX7oRo5s8bk1MUqZIZOhWnM6CMT3exaSHu_fb_uQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6DE6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0AZzmLPIYNifMMWWgQeAwKKgAQAAAAA4AeAEAg&bg=!W1ilWBzNAAY6sG-_OrA7ACkAdvg8Wh1aF7lcwppHri7VYS_QHoibjC0a6bM0IeQ6c7SU7zlWwwh0KgIAAALqUgAAAGBoAQeZArpQ35KCHNAkRaLuVCOq57_Kw8T9kfghZ2GSfVz0kOOWu_HheA6EivknWWbRjUbaaI8jIjiYJ5SXDTf6QRFPfBk2CHiKqgXGFF48g_IsyMwDdO54KLhWRGrMELuPtzPFiVojKnItmUdwpn_GgmeM2NPOrIE0-t2QqD47C_JPJV1FcluF-pxIafvwLZRWKW8S5Fw_yG2rcDERSjh2MJrYepgvvtgND6pY88mtzWrRrZbyvr9QyozwGBLtRuNju2b5JJ34L-74Uuuvgj6VJkj_y5QRJuz1DesJfxPgW_-VqDSKznfx6u_5Ud2IPRs4-cO4Vc4azB-UI_OKGgYO0lHMDvOU28z4vsyHPsbeRiIetEGtF0bpvYYvGtgBvNpfLhAlQyp3mf68b49tgsmxmIM0-Z4GbfjKVa3lVGtmOYWK8tR9vrMh83zwd6LZV8k2s9YXwPsr29FXsWXguMYJIlUUsGmxs3Lsolu9gja3gOpVrD5CcU1GKdyZFSU5NTxGlJ6guae_24xo8ypl73lMdfRnwbbOaAXOyMdIuekkvIvK01D3XvEJeYm-b6PClHq6mZcoIiJ0bkh-Qmg51fKzU4LJWWpzY6invDwIhsveURCa_jzBr92tn78dSN7Tjgaebb0ThqK13ips5koQg9XBLrdEb3iJwe14W8icCpCRZxORhhvqnla3krDzIGL6PMHwdYWlfG6Hr0I2_ZbisKfwTKHwSClxCdtKcNhR0kNy0hSARuk9FPM6nWbagLj7u_WsLL0ZXUVB5FTD_A_VbEHEzt2DKuJRsfEqSVSMAh44UzzysHU6RbHTkeD0qkcQ3sZGsj5ODOQ4Zu82wmTtLrI1hmLJqmCa9SRNcb-nbpFMF84zwfy5tWEN6aDTrLUJRUW2gqPOMow4S4N4-WDLC44iM3rKeFGgWN7P8zFElbU9gw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 4181 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=67368060&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 14:05:14 GMT
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1033 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkCmpmLPIYJeWNdTF-gae656gBAAAAAA4AeAEAg&bg=!5-Sl5KDNAAY6sG-_OrA7ACkAdvg8WpDkIP1-fkAmDRxgmnJ_FRksGukl-_YcLybnTZrfB15wICPhdAIAAANRUgAAAEZoAQeZArnzRVFaVb_8o0bus9Pr7omnxhhNpDYM12MwhTihgv5IPOQK3yQQrUoJhDR6qAmutSDATmqXJhK-rSVehffLVzp92n2pB5cGao7kr-6T8IgGJEJ8D9mtz6zHInk7HDB18uc66TC2VPjy9Xw7zmoVw_BN8xZwFZolQ9nH69bwRPdFJM1aq2U7Q1Phn0UkIy-CGDbIvxPPQwAIaP1dTE1gOvumWz7mJcHKZbvu546A1qXtzCXMtcTZ8qaAxQ1MpGbww50ArFLvfA4pCX2b4c__B3YaD3tVs6T9fCtG8giKFiQyWbALr8TDPkHrVmwOzimtURmgBYUPkx8ZSUI8dr10OCdE3ydkn4E8zEc-jRBeXEymbXE8W5Sm1UZ8PucJA_YZA_1erAwc2RT4Pd30fJcXVGCMRn72ys_MVv6uc1pzvOe-E0LJxNS8WBfuS9C9FoFojiCXlC2TmgGoTOcWSAH23q7ohv9-HJDmIF8zDPqwA-BI7FUA3iFdl87lYQ02we8TtiH3kHfLE4AY0O6X63IeRJgarzNZqGqZBThrWaw_6YkZ3iqeIUQVx2DaD6Ntyhpqf7LXloPVRb0RgTLrhnlk88NqXHXsQsf2Faba20PaBGkPNVF5w0BjiGCiFWvdsvtyVqh4OC0SEHTfR52MtHT0PrmtIqByVDEyJLYhcEyQTaUwt_xFHf3Hroej9hgwum1xkBjaKUa3vNMfQxUaQ9LkVHlmG-alDmCxOjBpzg0yZizJavajrrfvHDWjJG8QOBJ0LVwUFamL2WaDgbzai8XEBT6QA6tUExVSrKEWmWjRTC7XQ5wmAYzTQ4YDLZlxwEq1yAc1T2pTIjncOGH9hkftBz85OI7xs2ZtbrmE6Ll-dD2dj0_CX0nLXyEgLqJ5AG-5auic8XcBitLH1AVwMxVNTFDctgOAYmHSVwvp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 60E1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHK0UmLPIYJnSHcq5gAfYrb2oDAAAAAA4AeAEAg&bg=!1Nel15PNAAY6sG-_OrA7ACkAdvg8WplmcifnxL0-4NGrTGGM44_-0W1lxbF1KMn6OwGTjk0dUNyyZgIAAAMcUgAAAD9oAQcKAFNpbQHZaK54IiEUd5LSsZXca6L6ESB5WsGlbi65YOSAYkDjV6N3igCrjsgavjX0jhNObU3VNIgrYY7dVyuPWRwkmeVR3pqSoP6igIBnWOBvZsTdMJkCt0Esw22c7sIR_wsFx1pgoqWw4ZoFU1MNCfHgSGt4jotLDQC5KBbHIdQabjNukoqA0ghibhq3Yci-0-_Nz3J33CArFj7Mfelszk_T1szahi6KQ53L6zDih3a7abiOuC_CVEv-QkpPrnWNt4lY6GZ5TtwXpiqO6n7HdX8eZM0g81tHas8pewWsfnNyqSqJ2QcAGQhAi7QvWslcNKsdFn8NV-MlLj5nKK8epLRQx_7OqrSUggnglK5qjs82tGLhg3BLZ01rKnVnCX31IHC22y7bI0XphSTIJUJeINrqwwTl8_oajiDpSY8ut3HUm98b5N3rVdE_GwZ2KwwB7Fm293D2RWu4E3vIWf47ChRrcKyX4TEqNFby1ID65c9GfFmfFKyVE7sJkflT21Onktgaup3A0DYZXVLEImu5tsOpXfU7ueeKX7dS__uZVsdcQsrQ0bpyiXPdp7YL0dSjkEtrwPxle3lEkC7JuhFeTkf7OEwG_KZkbk-s5Lm4qWm1PhJb6ASJiLaBDPi_zBNuu9eAiTFkvdtb31B7EiL0_9sq_hk0cHeHq_sVJwe37hieDg6vSQNDLtLOCbgb0_qm9dOU-DnVcH14CycaYpQ9aYWXNrehkbOkA8_oQSA1skYelJCZHU3ls0J23YzaLfVPHimcSvj5WdzGk0GsQxUDshBG78Lm78nA8ADtONOKVzfgci5wDMFoxv-j86rXWquuSY-FBUBEpRW5WCEaaVSPmwegDjizMG3mMbq0Nu46tUawOVgZZHCMuviX68apL8s6xHRDgElfZ9YF3SXUdg4ZK3IAgGEz2DFOrDdxh1UdMiIrliEm4D0MQy4cTSOGsfeOobxXxaBfqVo0dk4zHez_B5wDKypg17P_cfB9OK0_bfT8ogQIkhZrHP33JlO5-98ur1Cc1XNvs0PCzXWFl5u5
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060901&jk=2736475609371151&bg=!RkWlRQHNAAY6sG-_OrA7ACkAdvg8WiLWRyVz-4syK9SN3cUuTzzdNcp4UL76nKSLwGQ7DmLU0BWyQgIAAADTUgAAAA5oAQcKAI3gBTFNqMswRBQYtyh1MwgsZUVauh1D11yd5VZ89aQI4UpEfC4KLwaLEN3qAHEtkjtzRqwQBGg2CtMVS7WLTVK7WYJnNfYQV5fel3K-fes4qw6iRtyaF563xZf-9IY_I1wsWomO6VKPRlln20XXiI2T6IzPv21oiMPOiMWVo6fMstnFtUryQrLvcHN67wKZAmtqScJr0iXqjZ--VxI433tDpz7O6miH--HRUHzRt-t5z4MdvWxNZaiw7yII2MxMTEUUP8Hen7jEaNj0KVi60Qx9TbkOiv6D3EHdywH3-zUp0HjgpOfjvZwbZMzUMOM7aTMAmR4Tigpzej_rN7ZZ8ygiiDx_fAFYxSogX3JzyjiNSpm8IiYCNovSXyB4RuVWqmWeYTTZjV0_27Cpf97HIS7svLvHlWQQj9Ep8uN4XHx0Vt7bprKoXnRuQjqYOM0I8c1O_W4VsFmGewNkpmSviF3jdeN_mx507CoIirumbUKOM2F69d-KTFpiK07l1PBstV7vU9y5aUn1pv8OgI7SXlAb7lEg9TPG35bOv63EmDqsTC6fnW7RwYFqY1lkN8wCC2OstirYzPiXE4mcUeN1IBbWCxrKm0n6faenThJMTBrwMBE3Q0NWqxEmJwE23xjqyzdO7aLnyuebPq1FH0sV3dV4SwbyzZhS7ZzKO5kL87HYTE8gvi6hrSTOst9f4ixGHs7ZGzmvWJ8wRNe5-IVBbF61FUl1I-WTb0GegB9m9FuJ96dgLx4x29_UPjM57a3ULN9rzeeHqemBb97MTugFcrvPWuvuLLBNna8inHz3ey49yd21wMwGcBWPTprcegVeel9_CfW-1evrY3mSPRxxQrWlhhLXsCJUz-J6KdjG0HijXeKTV2Cn3kBEQhoYLvuSBShUMS7-eVPHIx9i-Md9R9lgbprDE66bHPLVDGexuexnvFJGekf7umYdW5hwx8jcSTZpkFNaBYDdN1FaAzSZEUxK0KlHpUuNQTP5vFAuqyhYn_gtSnnwvpZC3O8A
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Jun 2021 14:05:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
metrics
connect-metrics-collector.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/c7e7570b-6cb5-4e76-ab34-c91ef450ee2f/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 15 Jun 2021 14:05:22 GMT
content-length
0
vary
Origin
metrics
signal-metrics-collector-beta.s-onetag.com/ 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hip2save.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 15 Jun 2021 14:05:22 GMT
content-length
0
vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLv8NQCEOfe79UCGLv8tawBMAE&v=APEucNWdGNJEZh0iwbSI5p8Wg76NxCVHxhVgobD_SY9F1E1uZeAoMvxmcz99BY-NTZMHya2GlCcCELBbtZLoukei006mvp4hHQ
Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/tum?umid=27&uid=1773a5ecbdb1e39485f6492b&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| apstag number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| adUnits boolean| gptRan function| loadGPT object| googletag object| pbjs object| apsBids object| prop2map function| initAdserver function| executeParallelAuctionAlongsidePrebid function| lazyLoadAds function| deployOnPageSlot function| refreshPBBid object| _wpemojiSettings undefined| $ function| jQuery object| dataLayer object| google_tag_manager object| twemoji object| wp object| __connect object| TKF object| VSL object| H2S_Ajax object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq string| WisePopsObject function| wisepops object| ggeac object| google_js_reporting_queue boolean| apstagLOADED number| PIN_18793 object| sharing_js_options undefined| windowOpen object| jetpackLazyImagesL10n object| theWaShBtn function| waShBtn object| _stq object| $mcSite number| google_srt object| google_logging_queue object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle function| pbjsChunk object| _pbjsGlobals string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData object| sovrn function| st_go function| linktracker_init object| wpcom object| scrEm object| wiseStorage function| WisepopsAddToCookiePage object| PIN_1623765911721 string| value object| key object| PinUtils function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| FB object| trx object| wisepops276048JsonP object| regeneratorRuntime object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb string| currentTagSRC object| GoogleGcLKhOms object| google_image_requests

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUledft6o7uq311TwOQcC6QH_XhJURbSk05yrWHKORTJHjnBHy4HrvZwaF4i
.hip2save.com/ Name: __gads
Value: ID=d71726a9eeeb6ecb-2290950f61c800eb:T=1623765912:S=ALNI_Ma4WdXKBT8NpnHOmrtfjw5mOsfPjg

3 Console Messages

Source Level URL
Text
console-api log URL: https://d14bfzriit2hkf.cloudfront.net/script.js(Line 1)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api error URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/hip2save_c4db4_hip2save.js(Line 2)
Message:
Magic Links 'init' procedure fail! Details: TypeError: Cannot read property 'length' of null
console-api error URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/hip2save_c4db4_hip2save.js(Line 2)
Message:
TypeError: Cannot read property 'length' of null at trx.MagicLinks.retransmit_sotrage_items (https://cdn-magiclinks.trackonomics.net/client/static/v2/hip2save_c4db4_hip2save.js:2:22177) at trx.MagicLinks.init (https://cdn-magiclinks.trackonomics.net/client/static/v2/hip2save_c4db4_hip2save.js:2:19238) at new trx.MagicLinks (https://cdn-magiclinks.trackonomics.net/client/static/v2/hip2save_c4db4_hip2save.js:2:2881) at https://cdn-magiclinks.trackonomics.net/client/static/v2/hip2save_c4db4_hip2save.js:2:65551 at https://d14bfzriit2hkf.cloudfront.net/script.js:1:71856

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5682a3ee207a38269b1bd92479e57c90.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
aorta.clickagy.com
ap.lijit.com
assets.pinterest.com
b1sync.zemanta.com
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn-magiclinks.trackonomics.net
cdn.wisepops.com
ce.lijit.com
chimpstatic.com
cm.g.doubleclick.net
connect-metrics-collector.s-onetag.com
connect.facebook.net
creativecdn.com
cs.emxdgt.com
d.turn.com
d14bfzriit2hkf.cloudfront.net
data.adsrvr.org
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hip2save.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
jadserve.postrelease.com
loader.wisepops.com
log.pinterest.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
p.rfihub.com
pagead2.googlesyndication.com
pba.aws.lijit.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.wp.com
popup.wisepops.com
pr-bh.ybp.yahoo.com
px.owneriq.net
rtb.gumgum.com
rtb.mfadsrvr.com
s.w.org
s0.2mdn.net
script.crazyegg.com
secure.adnxs.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
ssc-cms.33across.com
stats.g.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.1rx.io
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
tlx.3lift.com
tpc.googlesyndication.com
um.simpli.fi
ums.acuityplatform.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
googleads.g.doubleclick.net
ums.acuityplatform.com
104.111.242.53
13.224.192.34
13.225.74.3
142.250.185.162
142.250.186.66
151.101.114.49
169.197.150.7
169.50.137.190
172.217.18.98
18.156.195.47
18.195.155.181
185.184.8.65
185.29.135.190
185.33.220.240
185.64.189.115
192.0.66.2
192.0.76.3
192.0.77.48
193.0.160.129
193.122.174.27
198.148.27.140
199.232.80.84
2.18.233.180
2001:678:cb4:bbbb::13
202.241.208.55
213.19.147.45
216.52.2.19
23.37.38.181
23.79.134.84
2600:9000:2156:e400:1d:8c8c:47c0:93a1
2600:9000:21f3:e400:1b:55da:9bc0:21
2606:4700:20::681a:b13
2606:4700:20::ac43:4adc
2606:4700::6813:9408
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1450:4001:800::2003
2a00:1450:4001:803::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c08::9c
2a02:26f0:6c00:291::1931
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.121.49.210
3.124.165.65
3.215.93.225
3.65.212.7
34.95.69.49
35.244.159.8
37.157.4.24
51.89.21.30
52.15.129.153
52.209.246.140
52.21.104.248
52.28.69.126
52.57.150.159
52.7.51.190
52.95.123.167
54.77.47.243
54.87.192.123
64.202.112.127
66.155.71.25
67.202.110.24
69.173.144.139
69.173.151.90
70.42.32.191
72.251.249.14
76.223.111.131
99.83.181.31
99.86.241.42
99.86.241.96
99.86.4.117
0054e84563af8e38c11d23d0a0c79e55b6f1b5e3c10b1e138e93c3ab08da1a10
0095606010b437d71d110090a82daac8fedf1f1635c06f76743deffc40ff56a8
00e82aada0e37c104ae9eba97c582f97e3fdf62346b3a5e53b7fea1f2942f1f6
018ba5b976baafd33b2b6732436f8f22a8ef112ede845ca36bab21f693496dfe
0288156db90a5f16249a0bc1b226f7338574a3f05ba0d58e044640bec73d4e6f
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
03ae5397a298a2257c903716f780f104bea1eb5f85b4555c10951ff5fc5a2826
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05b4109b9e18361085d73b10695e08d5ac6f1cfbc3fce48e5d7fb5da1516b5ac
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0c71fdd78bb3052782ef5da92dee58140a8604d54c781944f3a1d70598e1f2ab
0c88ef406b03094c31fd74839a919ea8c9d60ee2850a4771ca4e33c6ddbb549b
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
0d0437088e7f22e8b5347a68bb8dcd879c23ebdfd95c88088f598230fe7cbaa4
0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c
0e10b6492d637de553bfef25bb669b2a0b492124ed5d8b25d378bb9cf61c27a7
0ea98855f624ea3674706f150040a0b36f401d566bb67b1a0d8283b7b5b1b236
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0ed51c8a5b77681e462650d7f925ebb5a2e23bc05e22e38483efa1a364622a4b
0f4b08d07ecca9f8fcaf108ea78bb163fc98cfc19a844bd0f87412ab34a41873
0f80c2d43d1e2a09d3b2175b41bcddae159e1767479568898f3caa917c5fa37f
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12f11845f6a61c8dc85cfa82c4a17ac6dceed4d9941fcc3ebed7bb9dee40f814
14318724ec575df15322768052211a7ca7998d6ddf2ee81fc9ef431b73367f8d
1445b32501cf20ac649e1e57c15668a98c222a296bef68b0d97cfd74ff1ba997
16366991bbe8eac9dee8fad7efdf7a0205c0409de30f2538480a2357141cf46a
1af008a04814fa1375dd93a5544a8a1e3a81ccd196928bdd1b096897a00f3ebf
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1cb7fabf02e9576fc31822e7f59aedf6e9b1aa2756cdb05cbb3c2e64b478042a
1d704e6441a12861f2c693ad3760d907ecba967f2f45f6d00fd4b932e32fd467
1ddf66f4804259937aca04845d6305a8fa753420f6d943ac2a5507598f802abf
1ea635a628e817eb27aff1144fa7d61b78c88fb93b066de09e333b8513b93923
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f27961c0edd13bc5f5c4480a1ea1f4a4d98f6910e1bcb302226a5429082c257
22126efa32388c8d823f85ba7d6607a18007b398fe07a94f76559df788a97d7a
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6
27038b229faf8d60622d46dc8599772d5fc33445bd4eb3e08e7f5485f957785a
2c8699bc715ace8604c3519926e0d9310aeff80dec5f7bb26019723fdcc3c466
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2f7a7b768ac850908ff502921a16ee3e639bd3afac3167ee012b3f8f4454ab04
2ff474ee525c8cb58d9e5f93b55c2cd62ca140a4b0b14163819b1cc1f5932f8f
331d62f00a03f10e07dc3a7660891469b6b76e57d78b57a865645a5ae5378486
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
37f424eea05384463f70a2ecb799c322c916e2b9323653727f4cc5568c1b0742
3a5a19261b9856376eddca81868a35bdf7249454910d8074c5312f269bc83cff
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
3bd15261ef0da57e5fad15ead5b55a89520c26d49f2c9166a6495d8c98ab0c87
3dc0b6e4edbfc8d6d8446e112130624fd05d7b8a8cfe62839046fc733c8b19a8
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
3fb1a494c1dda2423ad4a14d5604fbe3f3e1747b07826e2f7750fa047946f85d
4435a1485f9ca7310b217b324977775f407c937fc695416aec3699a76876cc8b
4c1c7de5fba01be56335c0ee71a0f1ccbab8969bf8abf2df4ad256e091a84cec
4caf8ec4b149983b9d7590412472fccdc1f9ce605915ababe9b5193c38592801
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fd19711556f6976393fb9f58f570d9d3481a0bfffce678d694bf2e8c823ddb6
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50587db89db1d10adf0b948b226ff9fe22afb7fbbcd186f18ed798e8b274198a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550f1ae5d566afed493ab8b5f1dd1b4d5a777ef19d1b3c57bf7b01025fefd38c
56550cea9c95117681336af68eafe25c75c10f5dda70ecb350d86438a9c1001e
56f6591feaa462f4953013a56868b3ffd1c687c6d45d7c610e88d0319e5ea66c
5a4ccd281581eee77843a24125ba227ecae309785e1d4e3b8a1ed62d2ae1e31d
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
638d1c331b8046c1ee4acf3ebe2d83d2acb8c75635e1951fc8a5f118f447c94a
63aa143776181f70369c1f400564d071cddcb95c642c3d193a1b6f709d33ef2a
64a438166da3b1c56b47157583a454dc72b1293285a688f13e5d2bdf37450239
64e043b7068d1768ac64de5e8ba024ba35704125819b088e6637b21953bc1450
67b7eea8ce72deebcc9dfebd108083bc40b631547e20e6c6196a4ed65414a597
696faa4fa69e770413d80142af12761068e1a0458acea3a50f905153601bbd47
69f06850e336e78017221b8b1e9048114d5e28aa1405eecadf0766867b2a5d09
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b762c420ce758e904a962ef26849c8f4b55c6332d593c729547d69247454f1e
6f33df76622ff298a6dc5d0344a091cbfce844f40fc01a99954f06ef4960a78c
72b49b4be5c41b1b48390b88bf323afc92a4d3c1419074b7c4767655eb1179d1
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74b48933e40308b61c8dfff44ddb1d0bd1405e75453babe6754aa621e4acc297
7586b9612dfe906fbf43249085ccf5ad36d1a0f49ac64ed0e3030653bc7f4964
75f5d9d3016a8eea49584781e578868e5a00a1bcd2a98ff8f50ace5f57a046a3
7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3
7c188438d59810a75bcc17ceb388444f140055fd6b1153778a4e202ea7f21be9
7eb243627ed4013b84418c9fe94ee3b9907906ace4de00965ff3b3b33a9f151c
80ee2d8ce5d2a3f78fc3b8eaa67bc266645c58b96d8a804556f1e6cb8737d0cf
835914c1ccc20d0d7eeef572c3652004d87400aa1221f3a0c3455135b8cf629d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85c97d3202c0d4c1501cc6213f03218f12c44e49d627a293fc69a04353627fe0
86619f89db406aa2624c3a8c0363d33a926336b48aea4ce8b8fb0153b0a8a470
897020259db9d7087fdb3066d8bb5a83dc1116b86681721786ddf19654347250
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a81b0ad7c749c05130f2edc58146b52fc2918938692aceeb85820e305ceb9cc
8b466448a0e6cec90d26e76e7569cf015de97f8f05442f1956b539fae0d2b30e
8b60dd2463b4616d15dc422dfc8a07438565c3a6cf23b7dc55e3255f8b3ad831
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc486e2d3a08898bb95552eb67498bf6ee2dafa8257a5a81b3ef3b0a0636b80
8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db
941a50b77faf4b9b31a28d52e4230f71a604692b199da98073ac195c6c92dc66
96077f2b9cb442eae0cf3dc0322e0321c29c6c630234cdd8c5277f7bc93e7140
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9877c98840b783bbc3e3389028bf4ff176ce57a045a4303744eb8b9856cc304a
98e80c7ac5d9690cf1335cf1e1bbf383e58038c76940baae616cd8b951e3c5f6
9918398004bba8aee93d6481ad9c50ceaf0d219a70453d4fd331af03c91b6e44
996bc0b854b0d3f096a315ab53c836b70afddf3ecb31c0004a408f4c5df8e603
997e73491fb848330be46358830d6a361e321bb445a5c70b8d7a488f62da4503
9c979034049c13c69f7043ed1dd9c9a20e8b52f2934b8063789af91e1d6e221f
9d38e3f1159346cd4e95e59006c006d12a23dbd46a2d38733632d2f835302ae3
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
a0025a744c37f33533410f746c6693b101d34fec465c1de4ddc1f2db491c1028
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a32fefac261e193f67e10550e26db686ae8a979884dabe148d61fd6d31bf8311
a38f620f06e862fc4285acf1c0a6899fabffcf3a346250ea58f3ee44f14e248f
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a49c83dce444d33271dfa5cddf858002f49bada7c7d897790bf0b04f2b49c541
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d189e701d2d9dd88560240eb767ca8ed78329a205e9d10daca4d94ddb76b8d
a886c51aa73b2fd454fc7f6e5f88ff46efec2ab9f700262081aeef5209ca3597
aaf181a09430a7ee18136fe6b7645fd3af022504f3413e2a8bafd6ad1f468113
ac62dbb93fc41fdc6c685f0e6de8af5d7c97b8a6783b6620632b0058b80bd36a
ac651b816fd61d87f69998fcde2ba2307fe1c8eb397d8331a4f292cd515a8ffe
ae255258629f037aba9ff8206bc215ceabc0e9157d17bbdc0b8538a353d04528
ae4aea230fa5ef525d9ebb5bb35bf2983c17d73582b422ecc8a1911b86c8c82d
af11222b11875b0c6720716706dd02f30bc08aa99bf213afa42c39f5b7ef6b0f
af90774d8fb2d73c3cd8b10e1480d601d1328fe603ada9a713cc78532ca67ec5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b379caae46bcd4dac9f8d69b3e63f1e8259de97be4f0bb4a1b11f218405a9590
b4e6657ac1ece8adc8238f25e465640b193a6aff7662a88dc82fde02584f0234
b58ee3d7b8cf7715cb2efcc2910ced1fbeeac027b23a5f5b600cd8c07c100b1f
b5f56e4cc886a2979e5036c002b66cf369f3daccce8c852ad9c56b97f806d664
ba5943007e289720ed82a791a7757d2b13f044c5b8dc77d025486c334382ee95
ba86cbf2347f8fa52b2777685c029f4b455fd56fe8a0af53beaa393e90e4badf
bf7f9a95c7286b7ef5e3e24d7b86326901b007e1da61a7158a8b83788517fd79
c0b5928460cb3d1ecfb83324adc7aaf696d88bfab791c6ee7e6acf20fc47d5d1
c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
c18cfa83bf728bf8c6da61427687a4a3ee30fdaf5c9454fda4ebdc86bb6d6545
c45b9137db6a700783ac8ecbcad4c2510bc31595789b42484dcefc14a3929ef9
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c823c8b668737c1b2c82f792c886946e751cf38fbc85f7efb11994dded1826db
cabbde8502a6598896a3c812c89ecd99ecfb3e9ca68f632c8c9b3f2a7f6e0046
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
d2f000784707e7bb8758be5aa61ec51dd76be69e2ed204582bc7e7eb677a2fa6
d3bbf328f1a81f184d44b5e32e4593079fd17368780857e727e61f3613a33a93
d3eb8e4fa5531069b315b56b7e2cc1fb2f06105f9368a27a624f2e304b918b3a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e262d2ff180c0022eda20db4bc1d99e431f53a9a832b924b52858d5bf0408df5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5706ffb17edbbf0f3891598060055b924b58040bd53b3a6beb742c884d191aa
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e689270b831964b3fbff3e17fdc3be952cd831cef717bd5ef39bcf0199c4feae
e6ad63acd3053ec10bd2f90fb21b580642ef63431a2ac548b7241c045ad3a2dc
e808c289b32a5e3ca4f0777b22775f8dd5c5643cc5e37f465fe797cf7c24d0ba
e8ca2bf8dc1f55cb9a2e6e1028cdcc0d88d8e8844bd2d25bdf7ba679c0a6f40f
e94d58c6493e3356a8d68b03ae4b155485d3691f5b40f2c99010b7cfbcf7383d
eb51506c619bb5ea0d447dc5a08683c9b73ecbe1e65dce794674622cd2e56f58
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f43d14b8d54e4267927359fc900703bf2f03bb7f0c90702591873e3b3bb51521
f490cf2b1d6511278cf50df908de6372503badf9ffb398db3b136abe9a4845d1
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f
f7916a37377e38527d4306303cfe89b653b49b0a6b0b05c6b7593f7ab0248da8
feb834f05ad0360cd5b2832e734ffc32e43985b300d378b6d3c7bd9e21e00a23
febf0e24287098a32290c7998bddd486a37b87a294991da74cb9c28d1f72aa47
fec9f186b792130d66b5689b2a631b00ec88e7db5a2f2859d755a9e84c3c133c