URL: https://slickdeals.net/click?pno=1046418&prop=diavail-false%7Cdincp-0%7Cdinpd-0%7Cdipgavail-false&lno=1&sdtid=18038391&...
Submission: On January 09 via manual from US — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 104.17.126.18, located in and belongs to CLOUDFLARENET, US. The main domain is slickdeals.net. The Cisco Umbrella rank of the primary domain is 12423.
TLS certificate: Issued by E6 on January 4th 2025. Valid for: 3 months.
This is the only time slickdeals.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address / AS (Autonomous System)
  • 104.17.126.18, AS 13335 (CLOUDFLAR...): 5 requests, 1 redirect
  • 13.32.27.5, AS 16509 (AMAZON-02): 1 request
  • 54.157.172.229, AS 14618 (AMAZON-AES): 2 requests
Total: 7 requests, 3 IPs

Apex Domain / Subdomains / Transfer
  • slickdeals.net: 5 requests, 17 KB
      slickdeals.net — Cisco Umbrella Rank: 12423
  • heapanalytics.com: 3 requests, 41 KB
      cdn.heapanalytics.com — Cisco Umbrella Rank: 867
      heapanalytics.com — Cisco Umbrella Rank: 683
Total: 7 requests, 2 apex domains

Domain / Requested by
  • slickdeals.net: 5 requests, 1 redirects; requested by slickdeals.net
  • heapanalytics.com: 2 requests
  • cdn.heapanalytics.com: 1 request; requested by slickdeals.net
Total: 7 requests, 3 domains

This site contains links to these domains.

Domain
  • go.redirectingat.com

Subject / Issuer / Validity / Valid
  • slickdeals.net: issuer E6; validity 2025-01-04 - 2025-04-04; valid 3 months
  • cdn.heapanalytics.com: issuer Amazon RSA 2048 M02; validity 2024-05-29 - 2025-06-26; valid a year
  • heapanalytics.com: issuer Amazon RSA 2048 M03; validity 2024-11-18 - 2025-12-17; valid a year

This page contains 2 frames:

Primary Page: https://slickdeals.net/click?pno=1046418&prop=diavail-false%7Cdincp-0%7Cdinpd-0%7Cdipgavail-false&lno=1&sdtid=18038391&trd=VW&sdtrk=SiteSearchV2Algo1&afsrc=1&peid=f26b3c78-5a63-481b-8394-5e10fc549f69&adobeRef=322984d0a8f340a89d1a0149045828000003&attr_track=Thread%3AExpired%3AFalse
Frame ID: 6AFB490BF61AC5776C8517653C59FEA4
Requests: 5 HTTP requests in this frame

Frame: https://slickdeals.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/e0c90b6a3ed1/main.js
Frame ID: 0A564029066BA8CDA5BABE39A052DF37
Requests: 2 HTTP requests in this frame

Page Title

Now leaving slickdeals.net

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • heap-\d+\.js

Page Statistics

  • Requests: 7
  • HTTPS: 86 %
  • IPv6: 0 %
  • Domains: 2
  • Subdomains: 3
  • IPs: 3
  • Countries: 2
  • Transfer: 58 kB
  • Size: 173 kB
  • Cookies: 12

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://slickdeals.net/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://slickdeals.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/e0c90b6a3ed1/main.js

7 HTTP transactions

Resource: click (Primary Request)
Path: slickdeals.net/
Size: 6 KB
x-fer: 5 KB
Type: Document

General
Full URL: https://slickdeals.net/click?pno=1046418&prop=diavail-false%7Cdincp-0%7Cdinpd-0%7Cdipgavail-false&lno=1&sdtid=18038391&trd=VW&sdtrk=SiteSearchV2Algo1&afsrc=1&peid=f26b3c78-5a63-481b-8394-5e10fc549f69&adobeRef=322984d0a8f340a89d1a0149045828000003&attr_track=Thread%3AExpired%3AFalse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.126.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 631e9bc08839f13b8be10e47169043c48317037b65b045836fe29c420d508163

Security Headers
Content-Security-Policy: frame-ancestors 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: sameorigin

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers
cf-cache-status: DYNAMIC
cf-ray: 8ff829a27f66db0c-FRA
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=UTF-8
date: Thu, 09 Jan 2025 23:21:16 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-frame-options: sameorigin
x-robots-tag: noindex
x-sd-redirecttype: 12

Resource: main.js
Path: slickdeals.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/e0c90b6a3ed1/
Frame: 0A56
Redirect Chain
  • https://slickdeals.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://slickdeals.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/e0c90b6a3ed1/main.js?
Size: 9 KB
x-fer: 4 KB
Type: Script

General
Full URL: https://slickdeals.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/e0c90b6a3ed1/main.js?
Protocol: H2
Server: 104.17.126.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 0458aafdb33a97409be6c253d7c0a578c0b917081037d80d5e153ec6385e0172

Security Headers
X-Content-Type-Options: nosniff

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer:

Response headers
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: gzip
x-content-type-options: nosniff
cf-ray: 8ff829a7481adb0c-FRA
date: Thu, 09 Jan 2025 23:21:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/e0c90b6a3ed1/main.js?
cf-ray: 8ff829a72804db0c-FRA
access-control-allow-origin: *
content-length: 0
date: Thu, 09 Jan 2025 23:21:16 GMT
vary: Accept-Encoding
server: cloudflare

Resource: favicon.ico
Path: slickdeals.net/
Size: 34 KB
x-fer: 8 KB
Type: Other

General
Full URL: https://slickdeals.net/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.126.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 02fc17dada08b1433ee1b0eaddcf8f9e50a90038ea0cc8971cc97f480cff30eb

Security Headers
Content-Security-Policy: frame-ancestors 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: sameorigin

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://slickdeals.net/click?pno=1046418&prop=diavail-false%7Cdincp-0%7Cdinpd-0%7Cdipgavail-false&lno=1&sdtid=18038391&trd=VW&sdtrk=SiteSearchV2Algo1&afsrc=1&peid=f26b3c78-5a63-481b-8394-5e10fc549f69&adobeRef=322984d0a8f340a89d1a0149045828000003&attr_track=Thread%3AExpired%3AFalse

Response headers
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self'
cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1305954756"
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ff829a73805db0c-FRA
expires: Fri, 10 Jan 2025 03:21:16 GMT
date: Thu, 09 Jan 2025 23:21:16 GMT
content-type: text/plain
last-modified: Mon, 05 Feb 2024 17:58:48 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: sameorigin

Resource: heap-4023737901.js
Path: cdn.heapanalytics.com/js/
Size: 125 KB
x-fer: 40 KB
Type: Script

General
Full URL: https://cdn.heapanalytics.com/js/heap-4023737901.js
Requested by
Host: slickdeals.net
URL: https://slickdeals.net/click?pno=1046418&prop=diavail-false%7Cdincp-0%7Cdinpd-0%7Cdipgavail-false&lno=1&sdtid=18038391&trd=VW&sdtrk=SiteSearchV2Algo1&afsrc=1&peid=f26b3c78-5a63-481b-8394-5e10fc549f69&adobeRef=322984d0a8f340a89d1a0149045828000003&attr_track=Thread%3AExpired%3AFalse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-5.fra56.r.cloudfront.net
Software: nginx / Express
Resource Hash: 32c9dd222f1bfd65c2ec2f71d3b9cefc93a040fd9bb933d454a0fa87cc88b4b5

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://slickdeals.net/

Response headers
content-encoding: br
etag: W/"1f2f9-IDuWngI+L0YK6XD6C6cuh3wx1SE"
age: 29
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: fUOjBEwDRpSzBCGB_vfGVT5LYYHsQdzUrYN9IWoKA8PccNn59jY8aw==
date: Thu, 09 Jan 2025 23:20:47 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=120
cross-origin-resource-policy: cross-origin
via: 1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
server: nginx

Resource: 8ff829a27f66db0c
Path: slickdeals.net/cdn-cgi/challenge-platform/h/b/jsd/r/
Frame: 0A56
Size: 0
x-fer: 618 B
Type: XHR

General
Full URL: https://slickdeals.net/cdn-cgi/challenge-platform/h/b/jsd/r/8ff829a27f66db0c
Requested by
Host: slickdeals.net
URL: https://slickdeals.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.126.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer:

Response headers
cf-ray: 8ff829a798a1db0c-FRA
content-length: 0
date: Thu, 09 Jan 2025 23:21:16 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

Resource: h
Path: heapanalytics.com/
Size: 37 B
x-fer: 377 B
Type: Image

General
Full URL: https://heapanalytics.com/h?a=4023737901&u=707410951705683&v=8588887020041884&s=631185724485447&b=web&tv=4.0&z=0&h=%2Fclick&q=%3Fpno%3D1046418%26prop%3Ddiavail-false%257Cdincp-0%257Cdinpd-0%257Cdipgavail-false%26lno%3D1%26sdtid%3D18038391%26trd%3DVW%26sdtrk%3DSiteSearchV2Algo1%26afsrc%3D1%26peid%3Df26b3c78-5a63-481b-8394-5e10fc549f69%26adobeRef%3D322984d0a8f340a89d1a0149045828000003%26attr_track%3DThread%253AExpired%253AFalse&d=slickdeals.net&t=Now%20leaving%20slickdeals.net&ts=1736464876741&sch=1200&scw=1600&st=1736464876741&lv=4.23.4&ld=cdn.heapanalytics.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.157.172.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-172-229.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://slickdeals.net/

Response headers
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
access-control-allow-methods: POST, PUT, GET
access-control-allow-origin: *
content-length: 37
date: Thu, 09 Jan 2025 23:21:16 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

Resource: h
Path: heapanalytics.com/
Size: 37 B
x-fer: 378 B
Type: Image

General
Full URL: https://heapanalytics.com/h?a=4023737901&u=707410951705683&v=8588887020041884&s=631185724485447&b=web&tv=4.0&sp=z&sp=0&sp=ts&sp=1736464876741&sp=d&sp=slickdeals.net&sp=h&sp=%2Fclick&sp=t&sp=Now%20leaving%20slickdeals.net&sp=q&sp=%3Fpno%3D1046418%26prop%3Ddiavail-false%257Cdincp-0%257Cdinpd-0%257Cdipgavail-false%26lno%3D1%26sdtid%3D18038391%26trd%3DVW%26sdtrk%3DSiteSearchV2Algo1%26afsrc%3D1%26peid%3Df26b3c78-5a63-481b-8394-5e10fc549f69%26adobeRef%3D322984d0a8f340a89d1a0149045828000003%26attr_track%3DThread%253AExpired%253AFalse&pp=d&pp=slickdeals.net&pp=q&pp=%3Fpno%3D1046418%26prop%3Ddiavail-false%257Cdincp-0%257Cdinpd-0%257Cdipgavail-false%26lno%3D1%26sdtid%3D18038391%26trd%3DVW%26sdtrk%3DSiteSearchV2Algo1%26afsrc%3D1%26peid%3Df26b3c78-5a63-481b-8394-5e10fc549f69%26adobeRef%3D322984d0a8f340a89d1a0149045828000003%26attr_track%3DThread%253AExpired%253AFalse&pp=h&pp=%2Fclick&pp=t&pp=Now%20leaving%20slickdeals.net&pp=ts&pp=1736464876741&id0=4203175905543254&k0=domain&k0=www.vw.com&k0=url&k0=https%3A%2F%2Fwww.vw.com%2Fen%2Fmodels%2Fid-4.html&t0=Outclick%20-%20Interstitial%20-%20Manual%20Click&ts0=1736464876737&st=1736464876741&lv=4.23.4&ld=cdn.heapanalytics.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.157.172.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-172-229.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://slickdeals.net/

Response headers
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
access-control-allow-methods: POST, PUT, GET
access-control-allow-origin: *
content-length: 37
date: Thu, 09 Jan 2025 23:21:16 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | 0
  • function | addLoadEvent
  • object | sdLoadQueue
  • object | SD
  • function | findClosestElement
  • object | heap

12 Cookies

Domain/Path Name / Value
.slickdeals.net/ Name: abgroup
Value: gridgroup
.slickdeals.net/ Name: fpStyle
Value: grid
.slickdeals.net/ Name: bbsessionhash
Value: c8c8b0b428d5d660a2a93f603ac05695
.slickdeals.net/ Name: auuid
Value: 303d3c20a8c8466e9544d64a39131b60
.slickdeals.net/ Name: bblastactivity
Value: 1736464876
.slickdeals.net/ Name: sd_a
Value: 1736464876|6cc51720cee011efb0c99e39af21080a-6cc5181acee011efb0c99e39af21080a|0|
.slickdeals.net/ Name: sd_p
Value: nps_tracking=%7B%22last_reset%22%3A1736464876%7D&abt_new=1736464876&abt_uuid=e9828509ee6f46b582cedcda0915568d&sticky=132-263-130-34-54&count=1&new=1
.slickdeals.net/ Name: __cf_bm
Value: sA9iIoyitxrC2pM1HTzemx1qEHx4LFxsmDlNzwD9Rlw-1736464876-1.0.1.1-u6WaXs1osqPVfrqU0PDFMRspJy5d_6lmX25rhNm67F1tj6X0F9R1V5y.TFknLhAx4EiUiqFzC0GTLFqvE6eMPqC2CPdEGZ2xHMHGaOFUoFM
slickdeals.net/ Name: __cflb
Value: 02DiuGfrbiW9HoXZzLkxdrBxonU2GAkWjUb2RvQbVy9gG
.slickdeals.net/ Name: _hp2_id.4023737901
Value: %7B%22userId%22%3A%22707410951705683%22%2C%22pageviewId%22%3A%228588887020041884%22%2C%22sessionId%22%3A%22631185724485447%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.slickdeals.net/ Name: cf_clearance
Value: YJ5D2sZPg_Nuam_kWbt5NVS9PAV2Auz1sncFWfAKkP0-1736464876-1.2.1.1-sN1nCiMxYulzyDKyHH1XELXax2.knegVUuSzAYb4uwGzAgB2fxQHjuXzVCQyHWnSQkc.3peemHn0Zni0fPjloEMRf9oVi.wBMndb22D6LlEtFaJVbjNFVS9PzZ7FcEVbZlWD8cnY6CUwbb.SE6kqCAsr.LjEDRIrV28mITwrKx3M7da47EKyxmjFQuGgM8SsPcu.qeI8EndVTpzfwrj6ExkPnzb4cX9EMHwH4dBZOyE8GurGatyJZeGK0JvOXQWm6ZTv6VT7KFdUxLkHViWlCgxosFnBTE0bu8L73fZc0AWlLa5GwYrQ5vyN7wwT7699WBXxAixDJPXjNZIQQKzRjKBVRjc51b3K7k5SCIhCV1Srlws5TogBdJA_pfco0pq.
.slickdeals.net/ Name: _hp2_ses_props.4023737901
Value: %7B%22ts%22%3A1736464876741%2C%22d%22%3A%22slickdeals.net%22%2C%22h%22%3A%22%2Fclick%22%2C%22q%22%3A%22%3Fpno%3D1046418%26prop%3Ddiavail-false%257Cdincp-0%257Cdinpd-0%257Cdipgavail-false%26lno%3D1%26sdtid%3D18038391%26trd%3DVW%26sdtrk%3DSiteSearchV2Algo1%26afsrc%3D1%26peid%3Df26b3c78-5a63-481b-8394-5e10fc549f69%26adobeRef%3D322984d0a8f340a89d1a0149045828000003%26attr_track%3DThread%253AExpired%253AFalse%22%7D

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options sameorigin