urlscan.io logo urlscan.io
SecurityTrails logo

www.savings.com Open in urlscan Pro
23.67.137.101  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.savings.com//coupons//cheapoair.com
Effective URL: https://www.savings.com//coupons//cheapoair.com
Submission: On September 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 14 domains to perform 56 HTTP transactions. The main IP is 23.67.137.101, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.savings.com. The Cisco Umbrella rank of the primary domain is 521077.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 26th 2024. Valid for: a year.
This is the only time www.savings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

18    23.67.137.101 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-137-101.deploy.static.akamaitechnologies.com
www.savings.com
node1.sdccdn.com
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    104.16.225.240 (None, )

ASN13335 (CLOUDFLARENET, US)
static.getclicky.com
in.getclicky.com
2    157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net
connect.facebook.net
8    2606:4700:20::681a:316 (United States)

ASN13335 (CLOUDFLARENET, US)
c.lytics.io
1    2600:9000:2251:1e00:15:875a:d300:21 (United States)

ASN16509 (AMAZON-02, US)
d2xu3jvg5io30s.cloudfront.net
6    2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
cdn.userway.org
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    216.58.206.67 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f3.1e100.net
www.google.de
6    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2600:1f14:5db:eb00:f0d3:7b39:ce36:67e0 (Boardman, United States)

ASN16509 (AMAZON-02, US)
api.userway.org
1    172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f142.1e100.net
www.google-analytics.com
2    52.12.195.86 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-12-195-86.us-west-2.compute.amazonaws.com
zekelofnbk.execute-api.us-west-2.amazonaws.com
Apex Domain
Subdomains		 Transfer
17 sdccdn.com
node1.sdccdn.com
189 KB
8 lytics.io
c.lytics.io — Cisco Umbrella Rank: 11094
51 KB
7 userway.org
cdn.userway.org — Cisco Umbrella Rank: 3232
api.userway.org — Cisco Umbrella Rank: 3140
66 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
5 KB
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4054
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
21 KB
2 amazonaws.com
zekelofnbk.execute-api.us-west-2.amazonaws.com — Cisco Umbrella Rank: 246325
388 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 178
71 KB
2 getclicky.com
static.getclicky.com — Cisco Umbrella Rank: 11348
in.getclicky.com — Cisco Umbrella Rank: 9857
6 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
204 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 10137
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
254 B
1 cloudfront.net
d2xu3jvg5io30s.cloudfront.net
13 KB
1 savings.com
www.savings.com — Cisco Umbrella Rank: 521077
24 KB
56 14
Domain Requested by
17 node1.sdccdn.com www.savings.com
8 c.lytics.io www.savings.com
c.lytics.io
6 www.facebook.com www.savings.com
6 cdn.userway.org www.savings.com
cdn.userway.org
3 region1.analytics.google.com www.googletagmanager.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.savings.com
2 zekelofnbk.execute-api.us-west-2.amazonaws.com d2xu3jvg5io30s.cloudfront.net
2 connect.facebook.net www.savings.com
connect.facebook.net
2 www.googletagmanager.com www.savings.com
www.googletagmanager.com
1 in.getclicky.com static.getclicky.com
1 api.userway.org cdn.userway.org
1 www.google.de www.savings.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 d2xu3jvg5io30s.cloudfront.net www.googletagmanager.com
1 static.getclicky.com www.googletagmanager.com
1 www.savings.com
56 16
Subject Issuer Validity Valid
www.savings.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-26 -
2025-02-26		 a year crt.sh
*.google-analytics.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.getclicky.com
E6		 2024-07-26 -
2024-10-24		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-28 -
2024-09-26		 3 months crt.sh
lytics.io
WE1		 2024-09-09 -
2024-12-08		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
1667503734.rsc.cdn77.org
E5		 2024-07-16 -
2024-10-14		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.google.de
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
api.userway.org
Amazon RSA 2048 M02		 2024-08-02 -
2025-08-31		 a year crt.sh
*.execute-api.us-west-2.amazonaws.com
Amazon RSA 2048 M02		 2024-05-02 -
2025-05-31		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.savings.com//coupons//cheapoair.com
Frame ID: A8B4A23599CC721A45C7844F2EA040F7
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CheapOair Coupon Codes - 10% Off in September 2024

Page URL History Show full URLs

  1. http://www.savings.com//coupons//cheapoair.com HTTP 307
    https://www.savings.com//coupons//cheapoair.com Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.getclicky\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js

Page Statistics

56
Requests

100 %
HTTPS

60 %
IPv6

14
Domains

16
Subdomains

16
IPs

4
Countries

649 kB
Transfer

2019 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.savings.com//coupons//cheapoair.com HTTP 307
    https://www.savings.com//coupons//cheapoair.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request cheapoair.com
www.savings.com//coupons//
Redirect Chain
  • http://www.savings.com//coupons//cheapoair.com
  • https://www.savings.com//coupons//cheapoair.com
152 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
989733a4906c432edfa152e9b13a267e12b34337b50552c19a8e066a0e3de8ed
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
private
content-encoding
gzip
content-language
en-US
content-length
22863
content-type
text/html; charset=UTF-8
date
Wed, 18 Sep 2024 20:10:55 GMT
server
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Location
https://www.savings.com//coupons//cheapoair.com
Non-Authoritative-Reason
HttpsUpgrades
shared.bundle.min.css
node1.sdccdn.com/dist/sdc2/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://node1.sdccdn.com/dist/sdc2/shared.bundle.min.css?v=8c92dea1
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a99fc0221466f5998174aa35f3dcf93ed288b94aa7b526cc0e1af975b4b9df02

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

cache-control
public, max-age=4687149
content-encoding
gzip
etag
"6iH1AwO/ins-gzip"
expires
Tue, 12 Nov 2024 02:10:04 GMT
access-control-allow-origin
*
content-length
1009
date
Wed, 18 Sep 2024 20:10:55 GMT
last-modified
Fri, 15 Apr 2022 21:00:14 GMT
content-type
text/css
server
vary
Accept-Encoding
common.bundle.min.css
node1.sdccdn.com/dist/sdc2/ 		118 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://node1.sdccdn.com/dist/sdc2/common.bundle.min.css?v=65d6517f
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c6c854d355be8da12419d7dbe1a3ca90e69ba068de5f1fe000861a8b54a18469

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

cache-control
public, max-age=5522994
content-encoding
gzip
etag
"4krpp1xiC0H-gzip"
expires
Thu, 21 Nov 2024 18:20:49 GMT
access-control-allow-origin
*
content-length
22579
date
Wed, 18 Sep 2024 20:10:55 GMT
content-type
text/css
vary
Accept-Encoding
server
last-modified
Fri, 23 Aug 2024 15:00:14 GMT
merchant.bundle.min.css
node1.sdccdn.com/dist/sdc2/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://node1.sdccdn.com/dist/sdc2/merchant.bundle.min.css?v=46499fc7
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7e831aa7d96a5ce6f387a2aea9eca368a2646004b69278f01f5834a71a12186f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

cache-control
public, max-age=3017152
content-encoding
gzip
etag
"CgQie5+MnZa-gzip"
expires
Wed, 23 Oct 2024 18:16:47 GMT
access-control-allow-origin
*
content-length
3573
date
Wed, 18 Sep 2024 20:10:55 GMT
content-type
text/css
vary
Accept-Encoding
server
last-modified
Wed, 24 Jul 2024 15:00:14 GMT
tk-poppins-400.woff2
node1.sdccdn.com/fonts/poppins/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://node1.sdccdn.com/fonts/poppins/tk-poppins-400.woff2
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b6f5d61563c157daf91c76c9909e5d6410928fa9583ce04f362c3359a222af22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.savings.com
Referer
https://www.savings.com/

Response headers

cache-control
public, max-age=3986855
etag
"EucDQzJ3+sO"
expires
Sun, 03 Nov 2024 23:38:30 GMT
access-control-allow-origin
*
content-length
11200
date
Wed, 18 Sep 2024 20:10:55 GMT
last-modified
Mon, 28 Dec 2020 16:57:56 GMT
server
tk-poppins-600.woff2
node1.sdccdn.com/fonts/poppins/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://node1.sdccdn.com/fonts/poppins/tk-poppins-600.woff2
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
65475ce49a4da735ed9defc8b1faae5290810dc23aa08c7438427d435c027dc5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.savings.com
Referer
https://www.savings.com/

Response headers

cache-control
public, max-age=2007470
etag
"FRF+asEfAwF"
expires
Sat, 12 Oct 2024 01:48:45 GMT
access-control-allow-origin
*
content-length
11564
date
Wed, 18 Sep 2024 20:10:55 GMT
last-modified
Mon, 28 Dec 2020 16:57:56 GMT
server
fa-solid-900.woff2
node1.sdccdn.com/fonts/webfonts-kit-741971ae09/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://node1.sdccdn.com/fonts/webfonts-kit-741971ae09/fa-solid-900.woff2?v=1
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3f4f836a5be040b015d3b1f0265f3d85166622ea3d86cf5dff4ce1fd60b09956

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.savings.com
Referer
https://www.savings.com/

Response headers

cache-control
public, max-age=3016510
etag
"+2o2IPxvuJX"
expires
Wed, 23 Oct 2024 18:06:05 GMT
access-control-allow-origin
*
content-length
23424
date
Wed, 18 Sep 2024 20:10:55 GMT
last-modified
Wed, 24 Jul 2024 15:00:14 GMT
server
fa-regular-400.woff2
node1.sdccdn.com/fonts/webfonts-kit-741971ae09/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://node1.sdccdn.com/fonts/webfonts-kit-741971ae09/fa-regular-400.woff2?v=1
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6e8a1ff5d67374cf85dac35e9a9bc44008248bbaac82ed7708fbd0b99e9a6c29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.savings.com
Referer
https://www.savings.com/

Response headers

cache-control
public, max-age=3016557
etag
"G5e5/fkWOhV"
expires
Wed, 23 Oct 2024 18:06:52 GMT
access-control-allow-origin
*
content-length
1632
date
Wed, 18 Sep 2024 20:10:55 GMT
last-modified
Wed, 24 Jul 2024 15:00:14 GMT
server
fa-brands-400.woff2
node1.sdccdn.com/fonts/webfonts-kit-741971ae09/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://node1.sdccdn.com/fonts/webfonts-kit-741971ae09/fa-brands-400.woff2?v=1
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
02c41ccd7f3dc3cb9f7f7f9b2d656fda5e804f8c05a35126d78440a9b75fcb98

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.savings.com
Referer
https://www.savings.com/

Response headers

cache-control
public, max-age=3016598
etag
"7s+1HMSKbws"
expires
Wed, 23 Oct 2024 18:07:33 GMT
access-control-allow-origin
*
content-length
3920
date
Wed, 18 Sep 2024 20:10:55 GMT
last-modified
Wed, 24 Jul 2024 15:00:14 GMT
server
savings.svg
node1.sdccdn.com/images/theme/sdc2/logos/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://node1.sdccdn.com/images/theme/sdc2/logos/savings.svg?width=220&v=d434b2d1
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
47ebcacff50af45640662ddbe1efd7164c11278a815d04cf98a7132705cd4352

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

cache-control
public, max-age=5612560
content-encoding
gzip
etag
"9r/Lbnmtsrv-gzip"
expires
Fri, 22 Nov 2024 19:13:35 GMT
content-length
1122
date
Wed, 18 Sep 2024 20:10:55 GMT
last-modified
Mon, 28 Dec 2020 16:57:56 GMT
content-type
image/svg+xml
server
vary
Accept-Encoding
4973262.svg
node1.sdccdn.com/images/savings/logo/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://node1.sdccdn.com/images/savings/logo/4973262.svg?width=120&height=1
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4d43780da35926a45dcd42c31fd87a51099883740538bfcbc7350578ef7975c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

cache-control
public, max-age=6235040
content-encoding
gzip
etag
"AAAAXhWgW1Q-gzip"
expires
Sat, 30 Nov 2024 00:08:15 GMT
content-length
2918
date
Wed, 18 Sep 2024 20:10:55 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
last-modified
Sun, 21 Mar 2021 20:37:06 GMT
1x1.gif
node1.sdccdn.com/images/savings/ 		43 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://node1.sdccdn.com/images/savings/1x1.gif?width=1&height=1&v=cb8abdab
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

cache-control
public, max-age=1266849
etag
"E6CU8W60fgz"
expires
Thu, 03 Oct 2024 12:05:04 GMT
content-length
43
date
Wed, 18 Sep 2024 20:10:55 GMT
last-modified
Mon, 28 Dec 2020 16:57:56 GMT
content-type
image/gif
server
shared.bundle.min.js
node1.sdccdn.com/dist/sdc2/ 		187 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://node1.sdccdn.com/dist/sdc2/shared.bundle.min.js?v=202a535a
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
83ab0e82eb71cb3957272807c55c85f7f4c35625a7b58a5af292861d8889d592

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.savings.com
Referer
https://www.savings.com/

Response headers

cache-control
public, max-age=5955071
content-encoding
gzip
etag
"5JCIXIoSqZP-gzip"
expires
Tue, 26 Nov 2024 18:22:06 GMT
access-control-allow-origin
*
content-length
61244
date
Wed, 18 Sep 2024 20:10:55 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
last-modified
Tue, 27 Aug 2024 22:26:20 GMT
common.bundle.min.js
node1.sdccdn.com/dist/sdc2/ 		56 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://node1.sdccdn.com/dist/sdc2/common.bundle.min.js?v=a288710
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ebec7ca23b1454a94b30f80d152d82dc7e67e8abbccda7943d459ea9468d1196

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.savings.com
Referer
https://www.savings.com/

Response headers

cache-control
public, max-age=7682357
content-encoding
gzip
etag
"7HGXbSEl1kT-gzip"
expires
Mon, 16 Dec 2024 18:10:12 GMT
access-control-allow-origin
*
content-length
18049
date
Wed, 18 Sep 2024 20:10:55 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
last-modified
Mon, 16 Sep 2024 21:00:14 GMT
merchant.bundle.min.js
node1.sdccdn.com/dist/sdc2/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://node1.sdccdn.com/dist/sdc2/merchant.bundle.min.js?v=b218adb2
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0c128d3fe8587f4b7fb009551a92d6f8dad951f1630649be870d7f402071fa26

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.savings.com
Referer
https://www.savings.com/

Response headers

cache-control
public, max-age=5960284
content-encoding
gzip
etag
"7Zvo4P7KhCs-gzip"
expires
Tue, 26 Nov 2024 19:48:59 GMT
access-control-allow-origin
*
content-length
5565
date
Wed, 18 Sep 2024 20:10:55 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
last-modified
Tue, 27 Aug 2024 22:26:20 GMT
gtm.js
www.googletagmanager.com/ 		329 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WMF4HVR
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
266006518a2ec87cea4e570019519432a551dd73a23394320343d740ce193159
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

content-encoding
br
expires
Wed, 18 Sep 2024 20:10:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 20:10:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 18 Sep 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
111090
x-xss-protection
0
server
Google Tag Manager
truncated
/ 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a6758e4e57c42cf78ef07d924105cb89a426c28e2ad9a9df7d8fe5fb8b1b795

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11fcbd228e7d2b1ba69bf1863b629404fc8fc3ca082e24ac9995b7ba5c7bf1cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

Content-Type
image/svg+xml
js
www.googletagmanager.com/gtag/ 		272 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CS0K8ZDTEZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMF4HVR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
24415c032265b0aefcf19162cd7ae432dbd244d2f1f4ae88095bd3af007b3f37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Wed, 18 Sep 2024 20:10:55 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96949
date
Wed, 18 Sep 2024 20:10:55 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMF4HVR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
content-encoding
gzip
age
3053
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 21:20:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
date
Wed, 18 Sep 2024 19:20:02 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
server
Golfe2
vary
Accept-Encoding
js
static.getclicky.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getclicky.com/js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMF4HVR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.225.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d1df41dafdc363341e9ec774163c4aa95f0808140fcbc1f8c42574c6ac84436

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

cache-control
max-age=604800
content-encoding
gzip
cf-cache-status
HIT
age
173631
cf-ray
8c53fb736cfb91ed-FRA
x-proxy-cache
MISS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 20:10:55 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 16 Sep 2024 19:57:04 GMT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Wed, 18 Sep 2024 20:10:55 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4415, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
EBbX+yaoLxWoja46RwFZHAQ/6fiumj1rz1VDwm35CzXCKDEApnXnEnzdF/MLesRin6GAEPVCNptjWGCjyMS+Tg==
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
58953
x-xss-protection
0
origin-agent-cluster
?0
latest.min.js
c.lytics.io/api/tag/454e770b85fe774de7e6d1e3b80fef4a/ 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/tag/454e770b85fe774de7e6d1e3b80fef4a/latest.min.js
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25683a1d47eb2c977375a8a957d2654ae35485bc281fa438b9593def0f8ebfb8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
686
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uW9ULKOeoNAv3czUIh%2F6K8I85USK19ajQyOZ6Iaj1T4H%2FTq6rE4WV%2Fz8IU%2BWr8pt7xmWGvC1863OPbs7VDXZbJ2iKru8BhVEp74BnHiRbQHDFjMJjIRhUMJkIQRNQkJdBuNrHEmgckPM"}],"group":"cf-nel","max_age":604800}
date
Wed, 18 Sep 2024 20:10:55 GMT
content-type
application/javascript
last-modified
Wed, 18 Sep 2024 19:59:29 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000;
x-lytics-trace
5b933c2ea87745742dfa01c545b992f6
cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8c53fb738f2b5d57-FRA
access-control-allow-origin
*
server
cloudflare
cfLytics.js
d2xu3jvg5io30s.cloudfront.net/v1/js/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2xu3jvg5io30s.cloudfront.net/v1/js/cfLytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMF4HVR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:1e00:15:875a:d300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
873afacc8dc267f9eb22eb95d50e61d041d9cc376e2a7395528e65a6894511a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
etag
W/"b7751c90e7a19f951a549368fb01af6a"
age
22127574
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
3ufQUPS-44WPlJbPHpk8j6ewb9uMSVPFILLBOEiKqEcVxztiMysAQA==
date
Sat, 06 Jan 2024 17:38:02 GMT
content-type
application/javascript
last-modified
Mon, 01 May 2023 21:45:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
vary
Accept-Encoding
widget.js
cdn.userway.org/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d4d0377c01306e3a854a8a3746b0f12d107ccca998dbd5f2739542d6d38d5e9f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"3542d40f0b475c5f820db9748c82a7b4"
age
80
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-cache
HIT
x-amz-cf-id
_EKARFQXyweP_Qax3xBqNnVEk70N3OM-AQaMz8usHogmjKi68iGLTA==
date
Wed, 18 Sep 2024 20:10:55 GMT
content-type
application/javascript
last-modified
Wed, 18 Sep 2024 09:26:35 GMT
vary
Accept-Encoding
x-age
1842
x-77-nzt-ray
4c156224b560f4f7cf33eb662f8f0c37
x-77-nzt
EgwBw7WqEQH3MgcAAAwBw7WvBgH30wAAAA
cache-control
max-age=3600, public
via
1.1 b61ff825a3ca0ff851caf7741034ca52.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
frankfurtDE
x-accel-date-max
1726651707
x-77-age
1842
x-amz-cf-pop
FRA56-P10
x-accel-date
1726688413
server
CDN77-Turbo
x-accel-expires
@1726692013
x-amz-server-side-encryption
AES256
830316797830859
connect.facebook.net/signals/config/ 		64 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/830316797830859?v=2.9.167&r=stable&domain=www.savings.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
49be8ac5452ea87dc7b606ea1bf1f16509a6ac2fb05b9a4a7597f73d0e1069a7
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Wed, 18 Sep 2024 20:10:55 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=72, mss=1232, tbw=67583, tp=63, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
QH3zTlL0hJoz1168mY20qQg8Q5kdtmFKalbj9TvnHlFAMnU9RS1HLeX2NW/f3rzPXd4wpVBG59yxnoJp1tciiw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
13047
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-CS0K8ZDTEZ&gtm=45je4990v885354181z877610273za200zb77610273&_p=1726690255577&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1028497264.1726690256&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726690255&sct=1&seg=0&dl=https%3A%2F%2Fwww.savings.com%2F%2Fcoupons%2F%2Fcheapoair.com&dt=CheapOair%20Coupon%20Codes%20-%2010%25%20Off%20in%20September%202024&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=803
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CS0K8ZDTEZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.savings.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 18 Sep 2024 20:10:56 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CS0K8ZDTEZ&cid=1028497264.1726690256&gtm=45je4990v885354181z877610273za200zb77610273&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CS0K8ZDTEZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.savings.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 18 Sep 2024 20:10:56 GMT
content-type
text/plain
server
Golfe2
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-CS0K8ZDTEZ&gtm=45je4990v885354181z877610273za200zb77610273&_p=1726690255577&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1028497264.1726690256&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAC&_s=2&sid=1726690255&sct=1&seg=1&dl=https%3A%2F%2Fwww.savings.com%2F%2Fcoupons%2F%2Fcheapoair.com&dt=CheapOair%20Coupon%20Codes%20-%2010%25%20Off%20in%20September%202024&en=page_view&_et=2&tfd=809
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CS0K8ZDTEZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.savings.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 18 Sep 2024 20:10:56 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CS0K8ZDTEZ&cid=1028497264.1726690256&gtm=45je4990v885354181z877610273za200zb77610273&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1090865746
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 18 Sep 2024 20:10:56 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
widget_app_base_1726651421361.js
cdn.userway.org/widgetapp/2024-09-18-09-23-41/ 		156 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2024-09-18-09-23-41/widget_app_base_1726651421361.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1db5bac4767e35a3c07d24a1fcf101c30f797472bf85c6b05d7679fb95d400c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.savings.com
Referer
https://www.savings.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"be42ff5a3ef785c5616df7d794971c72"
age
286
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-cache
HIT
x-amz-cf-id
pIzLqwZXjgAjYYSs8VwSCsMMQGHoKcdu7ndod9zvWbjAIWeRGyP4EA==
date
Wed, 18 Sep 2024 20:10:55 GMT
content-type
application/javascript
last-modified
Wed, 18 Sep 2024 09:26:22 GMT
vary
Accept-Encoding
x-age
38258
x-77-nzt-ray
4c156224a86abcfbcf33eb66c5e31a3b
x-77-nzt
EgwBw7WqEQH3cpUAAAwBnJIhHwG3AwAAAA
cache-control
max-age=25920000, public
via
1.1 adffa554e502bb59dc89f14ddc6170ce.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
frankfurtDE
x-accel-date-max
1726651708
x-77-age
38258
x-amz-cf-pop
FRA56-P10
x-accel-date
1726651997
server
CDN77-Turbo
x-accel-expires
@1752571994
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/j/ 		3 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=357851335&t=pageview&_s=1&dl=https%3A%2F%2Fwww.savings.com%2F%2Fcoupons%2F%2Fcheapoair.com&ul=de-de&de=UTF-8&dt=CheapOair%20Coupon%20Codes%20-%2010%25%20Off%20in%20September%202024&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1160622799&gjid=206469048&cid=1028497264.1726690256&tid=UA-99557-2&_gid=1028205580.1726690256&_r=1&_slc=1&gtm=45He4990n81WMF4HVRv77610273za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422&npa=1&z=644268076
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.savings.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.savings.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
date
Wed, 18 Sep 2024 20:10:55 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
server
Golfe2
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=830316797830859&ev=PageView&dl=https%3A%2F%2Fwww.savings.com%2F%2Fcoupons%2F%2Fcheapoair.com&rl=&if=false&ts=1726690255992&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726690255991.563825471991344233&ler=empty&cdl=API_unavailable&it=1726690255930&coo=false&rqm=GET
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Sep 2024 20:10:56 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=830316797830859&ev=PageView&dl=https%3A%2F%2Fwww.savings.com%2F%2Fcoupons%2F%2Fcheapoair.com&rl=&if=false&ts=1726690255992&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726690255991.563825471991344233&ler=empty&cdl=API_unavailable&it=1726690255930&coo=false&rqm=FGET
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7416078181710075523"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 20:10:56 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
SeyhMhKcDA/LQCC/bpNFUExE7v7wwcy/xUCboqbtRFVODEdssnlJHAhl7DhfToLao5l7yBc/XkG/9rqzmuiTEQ==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7416078181710075523", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=3090, tp=-1, tpl=-1, uplat=153, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
454e770b85fe774de7e6d1e3b80fef4a
c.lytics.io/cid/ 		24 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/cid/454e770b85fe774de7e6d1e3b80fef4a?assign=false&callback=u_831049303291053000
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/454e770b85fe774de7e6d1e3b80fef4a/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8f8e56dc829f707847f7f401aa95b94a8c16f0c7cc7ff438c9067b2d29fe010
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=flDFADx64aXUncn6Y826d%2Fp2nGkOBginJAu5P43NswffiDqZI5CrQaYOminq5fSJqnR4Kr1pUh0qf86CB0flt%2BVxK0tUYEtkBOAiSyy4hXswRoWV3A1dbUTH7PAmuEVvTps2HiXQ49Mt"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST
expires
0
date
Wed, 18 Sep 2024 20:10:56 GMT
content-type
text/javascript
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
strict-transport-security
max-age=63072000;
x-lytics-trace
097dd01a1d7d2cad4d8a5dba054f783a
cache-control
no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
via
1.1 google
cf-ray
8c53fb740fea5d57-FRA
access-control-allow-origin
*
content-length
24
server
cloudflare
AaEvLYxBlM
api.userway.org/api/tunings/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/tunings/AaEvLYxBlM
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-09-18-09-23-41/widget_app_base_1726651421361.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb00:f0d3:7b39:ce36:67e0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7252b22f1a871d0acbec080537aec72ed283b40c5e76397f7a39770396bab9d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.savings.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
x-service-request-id
usr70a48bb2778a46f
etag
W/"5a4-L1FahANmsRnHELuhCzkdkKVPSH0"
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
content-length
1444
date
Wed, 18 Sep 2024 20:10:56 GMT
content-type
application/json; charset=utf-8
x-service-version
uw-pr
access-control-allow-headers
*
9e0114c0-a21d-4336-a10c-8f7adab59e03
c.lytics.io/api/personalize/454e770b85fe774de7e6d1e3b80fef4a/user/_uid/ 		413 B
650 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/personalize/454e770b85fe774de7e6d1e3b80fef4a/user/_uid/9e0114c0-a21d-4336-a10c-8f7adab59e03?segments=true&mergestate=true&state=%7B%22_uid%22%3A%229e0114c0-a21d-4336-a10c-8f7adab59e03%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A2%2C%22_ul%22%3A%22de-DE%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22www.savings.com%2F%2Fcoupons%2F%2Fcheapoair.com%22%2C%22_ga%22%3A%22GA1.2.1028497264.1726690256%22%2C%22_v%22%3A%223.0.36%22%7D&ts=1726690256144&callback=u_963279708372307200
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/454e770b85fe774de7e6d1e3b80fef4a/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbef4111c6be4d7dbebc18499adc6b3c50566b8e158b12168aab500fd9b45408
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

strict-transport-security
max-age=63072000;
x-lytics-trace
e550db1d0a1056c9e99bdce1f4a4cab7
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vsfcJZUNZ4X%2Fej1QaYveqFCiowtqfRtOrr2DL9lp8cj5lUhlt%2F7Omea4E%2BLPMd2PuFfoJe%2B98KyRbiK9hdyAQd83lXKFl1DjDyJaLCX6pQ5my99Nlz39VZ1FY0RMLeUoFwj%2Fvg%2BSlVos"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
via
1.1 google
cf-ray
8c53fb74e8e45d57-FRA
access-control-allow-origin
content-length
269
date
Wed, 18 Sep 2024 20:10:56 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
454e770b85fe774de7e6d1e3b80fef4a
c.lytics.io/c/ 		35 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.lytics.io/c/454e770b85fe774de7e6d1e3b80fef4a?_e=pv&_sesstart=1&_tz=2&_ul=de-DE&_sz=1600x1200&_ts=1726690256000&_nmob=t&_device=desktop&url=www.savings.com%2F%2Fcoupons%2F%2Fcheapoair.com&_ga=GA1.2.1028497264.1726690256&_v=3.0.36&_uid=9e0114c0-a21d-4336-a10c-8f7adab59e03&_getid=t
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bv4HM%2FmOPsfde%2FCU%2Bo%2F9tBHh7e4vLvIXSw5uhYmMCFHiLHPHcCwtKPIpEpWiSnd%2FvkC4GJmatAutRNP6JVskJrnvzUj%2FF6DSjAJoOYz%2FPpge6%2F7ZUZS2lG8XW1m35Zjpu0%2BGNLtrQhC7"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST
expires
0
date
Wed, 18 Sep 2024 20:10:56 GMT
content-type
image/gif
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
strict-transport-security
max-age=63072000;
x-lytics-trace
ac25fa3295ac8155570fbdb426f7501f
cache-control
no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
via
1.1 google
cf-ray
8c53fb74e8ea5d57-FRA
access-control-allow-origin
*
content-length
35
server
cloudflare
454e770b85fe774de7e6d1e3b80fef4a
c.lytics.io/c/ 		35 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.lytics.io/c/454e770b85fe774de7e6d1e3b80fef4a?_e=pv&_sesstart=1&_tz=2&_ul=de-DE&_sz=1600x1200&_ts=1726690256101&_nmob=t&_device=desktop&url=www.savings.com%2F%2Fcoupons%2F%2Fcheapoair.com&_ga=GA1.2.1028497264.1726690256&_v=3.0.36&_uid=9e0114c0-a21d-4336-a10c-8f7adab59e03&_getid=t
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=su95e6W5j5BF%2BUaBqO%2B0RM9zfUEzEuZXh6PN%2BBkb4eYWMbZPaL909L%2F7dBap1HA4TBpEro6%2FsoJADt7LhwM1BTKcU6rijDMrF7Sq04B5jVBWOMPIzZwliyQ35IzNa5e%2F6%2BX%2FYaOLwn0M"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST
expires
0
date
Wed, 18 Sep 2024 20:10:56 GMT
content-type
image/gif
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
strict-transport-security
max-age=63072000;
x-lytics-trace
fee3513f157422466c0ad8b54c447b2a
cache-control
no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
via
1.1 google
cf-ray
8c53fb74e8ec5d57-FRA
access-control-allow-origin
*
content-length
35
server
cloudflare
in.php
in.getclicky.com/ 		131 B
339 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.getclicky.com/in.php?site_id=101282841&href=%2F%2Fcoupons%2F%2Fcheapoair.com&title=CheapOair%20Coupon%20Codes%20-%2010%25%20Off%20in%20September%202024&res=1600x1200&lang=de-DE&tz=Europe%2FBerlin&tc=&ck=1&x=en9i0v
Requested by
Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.225.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d6c2aa0a446364169fba9251e31da41e2f618a09e3cceae2fccd617508e372f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

cache-control
max-age=0, must-revalidate, no-cache, no-store, private
content-encoding
gzip
cf-cache-status
DYNAMIC
cf-ray
8c53fb753ec091ed-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 20:10:56 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Accept-Encoding
server
cloudflare
/
www.facebook.com/tr/ 		0
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=830316797830859&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.savings.com%2F%2Fcoupons%2F%2Fcheapoair.com&rl=&if=false&ts=1726690256306&cd[external_id]=9e0114c0-a21d-4336-a10c-8f7adab59e03&sw=1600&sh=1200&v=2.9.167&r=stable&ec=1&o=12318&fbp=fb.1.1726690255991.563825471991344233&ler=empty&cdl=API_unavailable&it=1726690255930&coo=false&rqm=GET
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=6001, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Sep 2024 20:10:56 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=830316797830859&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.savings.com%2F%2Fcoupons%2F%2Fcheapoair.com&rl=&if=false&ts=1726690256306&cd[external_id]=9e0114c0-a21d-4336-a10c-8f7adab59e03&sw=1600&sh=1200&v=2.9.167&r=stable&ec=1&o=12318&fbp=fb.1.1726690255991.563825471991344233&ler=empty&cdl=API_unavailable&it=1726690255930&coo=false&rqm=FGET
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7416078179944976672"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 20:10:56 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
rfd9BfigM3ix8IUxniP5Ol7UfUuc8UgE+QCbsOrIvxgUfkUjBlnv5UUerIMjUmbBFNcZUX6d+UUBEA+6mf1klw==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7416078179944976672", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=7137, tp=-1, tpl=-1, uplat=25, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/ 		0
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=830316797830859&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.savings.com%2F%2Fcoupons%2F%2Fcheapoair.com&rl=&if=false&ts=1726690256308&cd[all]=true&cd[smt_new]=true&cd[default_anon_seg]=true&cd[web_domains_visited_all_90_days_]=true&cd[has_visited_web_last_active_past_30_days]=true&cd[web_domains_visited_all_60_days]=true&sw=1600&sh=1200&v=2.9.167&r=stable&ec=2&o=12318&fbp=fb.1.1726690255991.563825471991344233&ler=empty&cdl=API_unavailable&it=1726690255930&coo=false&rqm=GET
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=6115, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Sep 2024 20:10:56 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=830316797830859&ev=Lytics%20Audiences&dl=https%3A%2F%2Fwww.savings.com%2F%2Fcoupons%2F%2Fcheapoair.com&rl=&if=false&ts=1726690256308&cd[all]=true&cd[smt_new]=true&cd[default_anon_seg]=true&cd[web_domains_visited_all_90_days_]=true&cd[has_visited_web_last_active_past_30_days]=true&cd[web_domains_visited_all_60_days]=true&sw=1600&sh=1200&v=2.9.167&r=stable&ec=2&o=12318&fbp=fb.1.1726690255991.563825471991344233&ler=empty&cdl=API_unavailable&it=1726690255930&coo=false&rqm=FGET
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7416078180429345368"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 20:10:56 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
90Q4K/D6DOEAtRqlC0WeOeGSL23tskeAjXgTPCwQ9WoZk3FOm6wmlFyGyrTTO/sGrKxlJ6+iXLMDDeBFwqt/Xw==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7416078180429345368", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=6269, tp=-1, tpl=-1, uplat=25, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=357851335&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.savings.com%2F%2Fcoupons%2F%2Fcheapoair.com&ul=de-de&de=UTF-8&dt=CheapOair%20Coupon%20Codes%20-%2010%25%20Off%20in%20September%202024&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=lytics&ea=lytics_google_integration&_u=aDDAAEABAAAAACAAI~&jid=&gjid=&cid=1028497264.1726690256&uid=9e0114c0-a21d-4336-a10c-8f7adab59e03&tid=UA-99557-2&_gid=1028205580.1726690256&gtm=45He4990n81WMF4HVRv77610273za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422&npa=1&z=1292731893
Requested by
Host: www.savings.com
URL: https://www.savings.com//coupons//cheapoair.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
age
26442
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
date
Wed, 18 Sep 2024 12:50:14 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
server
Golfe2
v1
zekelofnbk.execute-api.us-west-2.amazonaws.com/ 		184 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://zekelofnbk.execute-api.us-west-2.amazonaws.com/v1
Requested by
Host: d2xu3jvg5io30s.cloudfront.net
URL: https://d2xu3jvg5io30s.cloudfront.net/v1/js/cfLytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.12.195.86 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-12-195-86.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
46637808314214c43919dc4f44b68172fef2c36d7e82eb466d0aa11506a5b44c

Request headers

Referer
https://www.savings.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json
x-api-key
GZFBNV0dYxRqctrtwVaV59nEq5ZBQkq5RH2fAb64

Response headers

x-amzn-requestid
f727d630-15b7-4e15-a392-70a2728e0cb1
access-control-allow-origin
*
content-length
184
date
Wed, 18 Sep 2024 20:10:57 GMT
x-amz-apigw-id
eUUItHrLPHcEWmg=
content-type
application/json
x-amzn-trace-id
Root=1-66eb33d1-5b9b3adf391690ab36eff9a5
v1
zekelofnbk.execute-api.us-west-2.amazonaws.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://zekelofnbk.execute-api.us-west-2.amazonaws.com/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.12.195.86 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-12-195-86.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.savings.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 18 Sep 2024 20:10:56 GMT
x-amz-apigw-id
eUUIrEqiPHcEn-g=
x-amzn-requestid
75cf4b30-ca80-47d0-b126-dd3d7f52a8ef
4991011.svg
node1.sdccdn.com/images/savings/logo/ 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://node1.sdccdn.com/images/savings/logo/4991011.svg?width=120&height=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
95448d57feeaa47be92b1641003f635861e4ef65fd8e6359c00763350d3a24a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

cache-control
public, max-age=3913366
content-encoding
gzip
etag
"AAAAXnILB3I-gzip"
expires
Sun, 03 Nov 2024 03:13:42 GMT
content-length
3829
date
Wed, 18 Sep 2024 20:10:56 GMT
last-modified
Tue, 01 Jun 2021 15:23:25 GMT
content-type
image/svg+xml
server
vary
Accept-Encoding
4958929.jpeg
node1.sdccdn.com/images/savings/logo/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://node1.sdccdn.com/images/savings/logo/4958929.jpeg?width=100&height=100
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
170c65414960721ed6180e547afb5b1c92734c2aa225ac9dd1e928df61304cce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

cache-control
public, max-age=6448548
etag
"AAAAXdk7Yoo"
expires
Mon, 02 Dec 2024 11:26:44 GMT
content-length
3423
date
Wed, 18 Sep 2024 20:10:56 GMT
content-type
image/jpeg
last-modified
Tue, 02 Feb 2021 22:47:05 GMT
server
favicon.ico
node1.sdccdn.com/images/theme/sdc2/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://node1.sdccdn.com/images/theme/sdc2/favicon.ico?v=232435f7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2ccdccc924233b153794225aa1a7465a66ef942998a70730e30865a3e8548d2d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

expires
Wed, 02 Oct 2024 20:06:25 GMT
cache-control
public, max-age=1209329
content-length
15406
etag
"7rQ2Gx6Dxpc"
date
Wed, 18 Sep 2024 20:10:56 GMT
last-modified
Thu, 07 Jan 2021 16:00:18 GMT
server
en-US.json
cdn.userway.org/widgetapp/2024-09-18-09-23-41/locales/ 		607 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2024-09-18-09-23-41/locales/en-US.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-09-18-09-23-41/widget_app_base_1726651421361.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"971644f50e2020e1ff22e37edcad46f6"
age
286
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-cache
HIT
x-amz-cf-id
qW7Tqu4w9JpDrwG_axInpNZgkTazL5wTmUyn_lMyDi_HA1dU1G_hHg==
date
Wed, 18 Sep 2024 20:10:56 GMT
content-type
application/json
last-modified
Wed, 18 Sep 2024 09:26:21 GMT
x-77-nzt-ray
4c156224a86abcfbd033eb663c650a22
x-age
38257
vary
Accept-Encoding
x-77-nzt
EgwBw7WqEQH3cZUAAAwBJRPCNAG3BAAAAA
cache-control
max-age=25920000, public
via
1.1 28f8e84a396255d768dd04c506bf86f0.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
frankfurtDE
x-accel-date-max
1726651710
x-77-age
38257
x-amz-cf-pop
FRA56-P10
x-accel-date
1726651999
server
CDN77-Turbo
x-accel-expires
@1752571995
x-amz-server-side-encryption
AES256
pathfora.min.js
c.lytics.io/static/ 		103 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/static/pathfora.min.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/454e770b85fe774de7e6d1e3b80fef4a/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a0f3694e0c1a799d58c517dc9fc267b089fffd11d447d9d379daff24c362010
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

strict-transport-security
max-age=63072000;
cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
age
7181
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CgYthlseC7JxGf6YtESb2qhvU3knsaRAoUJcuTyhlNtitsZhN4izZJKg9ePiGNaVPZdaYtWgwVaiYrWM7Mr8uWvFQb%2FJdMU4yClEjhA8agy5%2FQOyWBUkrtzupygafDpEcUFWQBbHshXs"}],"group":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8c53fb791d895d57-FRA
date
Wed, 18 Sep 2024 20:10:56 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 18 Sep 2024 18:11:15 GMT
vary
Accept-Encoding
server
cloudflare
pathfora.min.css
c.lytics.io/static/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/static/pathfora.min.css
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efdc3d2e048a532d0bd1b49483ea9908ce1d60e3518971f08faa118f344b76f1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

strict-transport-security
max-age=63072000;
cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
age
4005
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5SDGMzSp1O1py3D8ftbDzwuGf%2FU2vSE8jaaXCzRz3xPNtFUQ6p2uq87XMrn2rfQ54AD%2B2pXju1cf8wRlxbm3Kbj8kYTL%2FJUki1BRRjquy9tjAEu1CA6sIuAAiUYoU6bAY3CCF3wxEoaQ"}],"group":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8c53fb794dc35d57-FRA
date
Wed, 18 Sep 2024 20:10:56 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 18 Sep 2024 19:04:11 GMT
vary
Accept-Encoding
server
cloudflare
config.js
c.lytics.io/api/program/campaign/config/454e770b85fe774de7e6d1e3b80fef4a/ 		327 B
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/program/campaign/config/454e770b85fe774de7e6d1e3b80fef4a/config.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/454e770b85fe774de7e6d1e3b80fef4a/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101358addf7c25ac871790d4a4fccc8665ddb56073d73247c0a5d12215e830c9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
686
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cX%2F73x%2BBDSJFVkrE7UjekWREFK18UMAOfHgmeTwNPfbUx4X%2FyFHTv%2FdvKKCMZFONn6d%2BWSSLBelRwpUig%2FmFJYrfINE6HbFV8zfk2ayvNIZPCmVAY%2FNuo7nl7ezQAb3FO5XhxZUvutN5"}],"group":"cf-nel","max_age":604800}
date
Wed, 18 Sep 2024 20:10:56 GMT
content-type
application/javascript
last-modified
Wed, 18 Sep 2024 19:59:30 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000;
x-lytics-trace
2c6e6db9c96ee5a8876ed914b1b7b247
cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8c53fb795dce5d57-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
226
server
cloudflare
remediation-tool-free.js
cdn.userway.org/remediation/2024-09-18-09-23-41/free/ 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/remediation/2024-09-18-09-23-41/free/remediation-tool-free.js?ts=1726651421361
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-09-18-09-23-41/widget_app_base_1726651421361.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
64c50f87ea791b9cb64156a343dff6af131630669ee56395937ab6ef0a092389

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.savings.com
Referer
https://www.savings.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"cd0a28ab852047a8ad5a6e9e4b3fdcc4"
age
284
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-cache
HIT
x-amz-cf-id
1x4g3PSZz9nlh2w2vxwNF8cFTbb7rRMbXIMATWXHksbhtQCa0P3qwQ==
date
Wed, 18 Sep 2024 20:10:57 GMT
content-type
application/javascript
last-modified
Wed, 18 Sep 2024 09:26:33 GMT
vary
Accept-Encoding
x-age
38259
x-77-nzt-ray
4c156224a86abcfbd133eb66b0485904
x-77-nzt
EgwBw7WqEQH3c5UAAAwBnJIhHwG3BAAAAA
cache-control
max-age=25920000, public
via
1.1 3adffce7dd03a16d055927ad5fa7671a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
frankfurtDE
x-accel-date-max
1726651711
x-77-age
38259
x-amz-cf-pop
FRA56-P10
x-accel-date
1726651998
server
CDN77-Turbo
x-accel-expires
@1752571994
x-amz-server-side-encryption
AES256
body_wh.svg
cdn.userway.org/widgetapp/images/ 		4 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-cache
HIT
x-amz-cf-id
J0bGrvCudkiq0bF1mzZXcYzw98WCHkpWNhRXBBWoKKNSCWPZj3-DRQ==
date
Wed, 18 Sep 2024 20:10:57 GMT
content-type
image/svg+xml
x-77-nzt-ray
4c156224b560f4f7d133eb6648aa4305
vary
Accept-Encoding
last-modified
Wed, 18 Sep 2024 09:26:23 GMT
x-77-nzt
EgwBw7WqEQH3dJUAAAwBnJIhHwG3AgAAAA
cache-control
max-age=25920000, public
x-age
38260
via
1.1 67a9db8bae62321fca21cfd1c50bec56.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
frankfurtDE
x-accel-date-max
1726651996
x-77-age
38260
x-amz-cf-pop
FRA56-P10
x-accel-date
1726651997
server
CDN77-Turbo
x-accel-expires
@1752571995
x-amz-server-side-encryption
AES256
spin_wh.svg
cdn.userway.org/widgetapp/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-cache
HIT
x-amz-cf-id
bjiSLTAX9dsQbur38gaNHetEpvItjeoTPLnDGYTnSbU_R2PU3wiOAA==
date
Wed, 18 Sep 2024 20:10:57 GMT
content-type
image/svg+xml
x-77-nzt-ray
4c156224b560f4f7d133eb66c38b4805
vary
Accept-Encoding
last-modified
Wed, 18 Sep 2024 09:26:24 GMT
x-77-nzt
EgwBw7WqEQH3dJUAAAwBJRPCMQG3AgAAAA
cache-control
max-age=25920000, public
x-age
38260
via
1.1 950827d16996e598fc854bddb58b3ff0.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
frankfurtDE
x-accel-date-max
1726651996
x-77-age
38260
x-amz-cf-pop
FRA56-P10
x-accel-date
1726651997
server
CDN77-Turbo
x-accel-expires
@1752571995
x-amz-server-side-encryption
AES256
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-CS0K8ZDTEZ&gtm=45je4990v885354181z877610273za200zb77610273&_p=1726690255577&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1028497264.1726690256&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1726690255&sct=1&seg=1&dl=https%3A%2F%2Fwww.savings.com%2F%2Fcoupons%2F%2Fcheapoair.com&dt=CheapOair%20Coupon%20Codes%20-%2010%25%20Off%20in%20September%202024&en=page_view&ep.pageTypeView=merchant&_et=1&tfd=5810
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CS0K8ZDTEZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.savings.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.savings.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 18 Sep 2024 20:11:00 GMT
content-type
text/plain
server
Golfe2

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer function| onUserInteraction function| loadCSS object| _PageInfo object| webpackChunksavings_app object| enquire object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| clicky_site_ids function| fbq function| _fbq object| jstag string| dataStream object| gaGlobal object| UserWayWidgetApp object| clicky_obj object| clicky object| clicky_custom object| _cgen object| _cgen_custom object| gaplugins object| gaData object| core function| cfLytics function| cfLoadLytics function| cfClickLytics object| __lytics__jstag__ function| __assign function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| CONTROLS_WITH_TEXT_TAGS object| INPUT_TYPES_WITH_TEXT_CONTENT function| isInputElementWithText function| isDirectParentOfText object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __rest object| messageStream object| _userway_config boolean| _userway object| jQuery111205339662584682772 object| pathfora object| UserWay function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __objRest function| __async

19 Cookies

Domain/Path Name / Value
www.savings.com/ Name: AWSALB
Value: uQq48ZDDbhAXQGtBHCeiJdrXIYB/yfzTszeNDFUWdou+c6j6N1YtUrJ25ww37LUY7IdLK6ZsYVtZCZ5u2gQQNDRPbhd/lo+oTmHUdr6AKcz91XWx4hoEOsXctMtP
www.savings.com/ Name: AWSALBCORS
Value: uQq48ZDDbhAXQGtBHCeiJdrXIYB/yfzTszeNDFUWdou+c6j6N1YtUrJ25ww37LUY7IdLK6ZsYVtZCZ5u2gQQNDRPbhd/lo+oTmHUdr6AKcz91XWx4hoEOsXctMtP
.savings.com/ Name: ESTN
Value: 1
.savings.com/ Name: CCS
Value: 31
.savings.com/ Name: EPRAT
Value: 456260895-1726690255398
.savings.com/ Name: MPUSC
Value: 456260895-1726690255398-RF
.savings.com/ Name: MPEVTC
Value: 1726690255398
.savings.com/ Name: MPREFSRC
Value: mppid%3D%2Cmpsid%3D%2Cmptid%3Dnull%2Cmpclickid%3D175439978-1726690255398-283958968859689447
.savings.com/ Name: MPIBRCC
Value: 175439978-1726690255398-283958968859689447
.savings.com/ Name: MPPAGEEVENTCK
Value: 175439978-1726690255398-6779653103186458914
www.savings.com/ Name: JSESSIONID
Value: abcZB9wL4O8CY5NgMWgiz
.savings.com/ Name: _ga_CS0K8ZDTEZ
Value: GS1.1.1726690255.1.1.1726690255.60.0.0
.savings.com/ Name: _ga
Value: GA1.2.1028497264.1726690256
.savings.com/ Name: _gid
Value: GA1.2.1028205580.1726690256
.savings.com/ Name: _gat_UA-99557-2
Value: 1
.savings.com/ Name: _fbp
Value: fb.1.1726690255991.563825471991344233
.www.savings.com/ Name: seerses
Value: e
.www.savings.com/ Name: seerid
Value: 9e0114c0-a21d-4336-a10c-8f7adab59e03
.lytics.io/ Name: seerid
Value: 9e0114c0-a21d-4336-a10c-8f7adab59e03

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userway.org
c.lytics.io
cdn.userway.org
connect.facebook.net
d2xu3jvg5io30s.cloudfront.net
in.getclicky.com
node1.sdccdn.com
region1.analytics.google.com
static.getclicky.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.savings.com
zekelofnbk.execute-api.us-west-2.amazonaws.com
104.16.225.240
157.240.253.1
172.217.16.142
2001:4860:4802:34::36
216.58.206.67
23.67.137.101
2600:1f14:5db:eb00:f0d3:7b39:ce36:67e0
2600:9000:2251:1e00:15:875a:d300:21
2606:4700:20::681a:316
2a00:1450:4001:813::200e
2a00:1450:4001:82b::2008
2a00:1450:400c:c0c::9d
2a02:6ea0:c700::19
2a03:2880:f176:181:face:b00c:0:25de
52.12.195.86
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
02c41ccd7f3dc3cb9f7f7f9b2d656fda5e804f8c05a35126d78440a9b75fcb98
0c128d3fe8587f4b7fb009551a92d6f8dad951f1630649be870d7f402071fa26
0d6c2aa0a446364169fba9251e31da41e2f618a09e3cceae2fccd617508e372f
101358addf7c25ac871790d4a4fccc8665ddb56073d73247c0a5d12215e830c9
11fcbd228e7d2b1ba69bf1863b629404fc8fc3ca082e24ac9995b7ba5c7bf1cd
170c65414960721ed6180e547afb5b1c92734c2aa225ac9dd1e928df61304cce
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1db5bac4767e35a3c07d24a1fcf101c30f797472bf85c6b05d7679fb95d400c5
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
24415c032265b0aefcf19162cd7ae432dbd244d2f1f4ae88095bd3af007b3f37
25683a1d47eb2c977375a8a957d2654ae35485bc281fa438b9593def0f8ebfb8
266006518a2ec87cea4e570019519432a551dd73a23394320343d740ce193159
2ccdccc924233b153794225aa1a7465a66ef942998a70730e30865a3e8548d2d
3f4f836a5be040b015d3b1f0265f3d85166622ea3d86cf5dff4ce1fd60b09956
46637808314214c43919dc4f44b68172fef2c36d7e82eb466d0aa11506a5b44c
47ebcacff50af45640662ddbe1efd7164c11278a815d04cf98a7132705cd4352
49be8ac5452ea87dc7b606ea1bf1f16509a6ac2fb05b9a4a7597f73d0e1069a7
4a0f3694e0c1a799d58c517dc9fc267b089fffd11d447d9d379daff24c362010
4d43780da35926a45dcd42c31fd87a51099883740538bfcbc7350578ef7975c5
64c50f87ea791b9cb64156a343dff6af131630669ee56395937ab6ef0a092389
65475ce49a4da735ed9defc8b1faae5290810dc23aa08c7438427d435c027dc5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e8a1ff5d67374cf85dac35e9a9bc44008248bbaac82ed7708fbd0b99e9a6c29
7252b22f1a871d0acbec080537aec72ed283b40c5e76397f7a39770396bab9d8
7a6758e4e57c42cf78ef07d924105cb89a426c28e2ad9a9df7d8fe5fb8b1b795
7e831aa7d96a5ce6f387a2aea9eca368a2646004b69278f01f5834a71a12186f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ab0e82eb71cb3957272807c55c85f7f4c35625a7b58a5af292861d8889d592
873afacc8dc267f9eb22eb95d50e61d041d9cc376e2a7395528e65a6894511a8
8d1df41dafdc363341e9ec774163c4aa95f0808140fcbc1f8c42574c6ac84436
95448d57feeaa47be92b1641003f635861e4ef65fd8e6359c00763350d3a24a8
989733a4906c432edfa152e9b13a267e12b34337b50552c19a8e066a0e3de8ed
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a99fc0221466f5998174aa35f3dcf93ed288b94aa7b526cc0e1af975b4b9df02
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b6f5d61563c157daf91c76c9909e5d6410928fa9583ce04f362c3359a222af22
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de
c6c854d355be8da12419d7dbe1a3ca90e69ba068de5f1fe000861a8b54a18469
cbef4111c6be4d7dbebc18499adc6b3c50566b8e158b12168aab500fd9b45408
d4d0377c01306e3a854a8a3746b0f12d107ccca998dbd5f2739542d6d38d5e9f
d8f8e56dc829f707847f7f401aa95b94a8c16f0c7cc7ff438c9067b2d29fe010
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebec7ca23b1454a94b30f80d152d82dc7e67e8abbccda7943d459ea9468d1196
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efdc3d2e048a532d0bd1b49483ea9908ce1d60e3518971f08faa118f344b76f1