secure.redtag.ca Open in urlscan Pro
45.60.73.47  Public Scan

15 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

• https://x.bidswitch.net/sync?dsp_id=236&user_id=680377986581&expires=30&user_group=1 HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=236&user_id=680377986581&expires=30&user_group=1 HTTP 302
• https://crb.kargo.com/api/v1/bswsync?bsw_uuid=03a410d2-c21e-4d13-94de-3916aa2c85a0&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=

Request Chain 42

• https://pixel.advertising.com/ups/55950/sync?uid=680377986581&_origin=1 HTTP 302
• https://ups.analytics.yahoo.com/ups/55950/sync?uid=680377986581&_origin=1 HTTP 302
• https://ups.analytics.yahoo.com/ups/55950/sync?uid=680377986581&_origin=1&verify=true

Request Chain 43

• https://pixel.tapad.com/idsync/ex/receive?partner_id=3150&partner_device_id=680377986581&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26auid%3D680377986581%26uid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3150&partner_device_id=680377986581&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26auid%3D680377986581%26uid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=be1e7936-d147-43e8-936c-8e85399c9649%252Chttps%253A%252F%252Fums.acuityplatform.com%252Fsum%253Fumid%253D64%2526auid%253D680377986581%2526uid%253Dbe1e7936-d147-43e8-936c-8e85399c9649&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=be1e7936-d147-43e8-936c-8e85399c9649%252Chttps%253A%252F%252Fums.acuityplatform.com%252Fsum%253Fumid%253D64%2526auid%253D680377986581%2526uid%253Dbe1e7936-d147-43e8-936c-8e85399c9649&gdpr=0&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=dd6f2e05-8749-4a42-a7c0-0f68ea51aa58&ttd_puid=be1e7936-d147-43e8-936c-8e85399c9649%2Chttps%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26auid%3D680377986581%26uid%3Dbe1e7936-d147-43e8-936c-8e85399c9649 HTTP 302
• https://ums.acuityplatform.com/sum?umid=64&auid=680377986581&uid=be1e7936-d147-43e8-936c-8e85399c9649

Request Chain 47

• https://cm.everesttech.net/cm/dd?d_uuid=54448549736509130324479164224432619518 HTTP 302
• https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ys8TJQAAAF036gNz

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request hotel Show response secure.redtag.ca/res/vacations/search/	36 KB 9 KB	169ms 97ms	Document text/html	45.60.73.47 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.73.47 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Apache / Resource Hash 8991fe28955ad9a49bec54971f05ad41c34782b7990e10a702f9a7efe3e201b6 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 13 Jul 2022 18:47:00 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server Apache x-cdn Imperva x-iinfo 14-23026958-23026964 NNYN CT(11 28 0) RT(1657738020405 20) q(0 0 0 0) r(1 1) U12
GET H2	200	Gaine-Be-come-sicke-to-me-euery-Sir-charge-becat Show response secure.redtag.ca/	149 KB 48 KB	93ms 92ms	Script text/javascript	45.60.73.47 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.redtag.ca/Gaine-Be-come-sicke-to-me-euery-Sir-charge-becat Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.73.47 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software connector / Resource Hash 37ce92e2f02a0ef8ab583858bd4cc373dbc71c8731bbc081971943647ae5df9e Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:46:59 GMT content-encoding gzip server connector content-type text/javascript access-control-allow-origin * x-iinfo 14-23026958-23026986 NNNN CT(28 19 0) RT(1657738020405 143) q(0 0 0 -1) r(1 1) U2 cache-control private, max-age=60 server-timing bon, total;dur=7.798661 content-length 49021 x-cdn Imperva
GET H2	200	redtag-styles-back-end.css secure.redtag.ca/res/dist/css/	607 KB 93 KB	58ms 58ms	Stylesheet text/css	45.60.73.47 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.redtag.ca/res/dist/css/redtag-styles-back-end.css?v=2021092202 Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.73.47 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 335a8682ed7ff1ce812161ae7995ec82ae9c43614fb32d466162d8f13062e407 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:00 GMT content-encoding gzip last-modified Wed, 08 Jun 2022 20:02:45 GMT x-cdn Imperva etag "97c4c-5e0f53051a850" content-type text/css x-iinfo 14-23026958-0 0CNN RT(1657738020405 144) q(0 -1 -1 -1) r(0 -1) cache-control max-age=62685, public content-length 94617 expires Thu, 14 Jul 2022 12:11:45 GMT
GET H/1.1	200 OK	logo-redtag-2021.svg redtag-ca.s3.amazonaws.com/img/branding/	5 KB 5 KB	140ms 40ms	Image image/svg+xml	52.216.107.188 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://redtag-ca.s3.amazonaws.com/img/branding/logo-redtag-2021.svg Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.107.188 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 686057fe1583f7969752a0a9eebfa70b30dcd71537af74b7cb85c9e4960f1971 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Wed, 13 Jul 2022 18:47:01 GMT Last-Modified Wed, 24 Mar 2021 17:30:30 GMT Server AmazonS3 x-amz-request-id JB9QGGCQ27H9T349 ETag "38d4e5eac4e13f63c161f7878f41573f" Content-Type image/svg+xml Accept-Ranges bytes Content-Length 5063 x-amz-id-2 rD1h9zXat8mGw2MYR7WwbNWyHWZMsc49m+Wshq1U2rNZ+O/j58wrIuobH7Zzh7jteMlEsZg2npI=
GET H/1.1	200 OK	airmiles-logo-blk-wht.png s3.amazonaws.com/redtag-ca/img/airmiles/	58 KB 58 KB	115ms 41ms	Image image/png	52.217.134.56 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3.amazonaws.com/redtag-ca/img/airmiles/airmiles-logo-blk-wht.png Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.217.134.56 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash d4577fb1398879fa745d7c442c7de0c6516a66918b09166e47bb3ee5e5521ae0 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Wed, 13 Jul 2022 18:47:01 GMT Last-Modified Thu, 10 Jan 2019 20:11:33 GMT Server AmazonS3 x-amz-request-id JB9SMXZQAP79R0YA ETag "03f308d046e530f9a4b5ae6c346c011a" Content-Type image/png Accept-Ranges bytes Content-Length 59238 x-amz-id-2 kTCL5oAg8BW257CI5s0Z0kUZSRY3Qm5TesZ9eRmyPmv7VCEXCRXzBJPXDKMoU6nJ9oD1C7pBvmI=
GET H/1.1	200 OK	trip-assurance.svg redtag-ca.s3.amazonaws.com/img/marketing/	4 KB 4 KB	145ms 44ms	Image image/svg+xml	52.216.107.188 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://redtag-ca.s3.amazonaws.com/img/marketing/trip-assurance.svg Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.107.188 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash bdfe44492c7e0c8c8c605d9eaf05063855852d0f6f9e03299daf468d8a251c9e Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Wed, 13 Jul 2022 18:47:01 GMT Last-Modified Wed, 03 Jun 2020 01:59:03 GMT Server AmazonS3 x-amz-request-id JB9J1Q2K2706HCZT ETag "dd5736da5c9c536f3004515d07f2b5a3" Content-Type image/svg+xml Accept-Ranges bytes Content-Length 3668 x-amz-id-2 E99Qi7fpA2PKyJ63goFsqYr3A5hmOxEDYzDY1MGaWnMR4B3iqNQ1PtQOJohD8nxMcyOa/nt8JO4=
GET H/1.1	200 OK	trip-assurance-shield.svg redtag-ca.s3.amazonaws.com/img/marketing/	1 KB 2 KB	152ms 51ms	Image image/svg+xml	52.216.107.188 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://redtag-ca.s3.amazonaws.com/img/marketing/trip-assurance-shield.svg Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.107.188 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 5d93c999c73510def82fa1c325c76d9cb15ae4ca0b0aa6d9f2233431c4532d87 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Wed, 13 Jul 2022 18:47:01 GMT Last-Modified Wed, 03 Jun 2020 01:59:03 GMT Server AmazonS3 x-amz-request-id JB9TK2JMZAB43X6X ETag "aa07dfa1b99ed968b1a4a6c367205127" Content-Type image/svg+xml Accept-Ranges bytes Content-Length 1322 x-amz-id-2 BnvjQUoYgmUoJzzr/1730prieznrxABPbfT+kAXrbQ+pHaJh34ezuhynQNNTOyhaV4fIVX0Bsx0=
GET H2	200	launch-2722f9ec14da.min.js Show response assets.adobedtm.com/cf6231cb8197/bcd2616a1b87/	306 KB 85 KB	97ms 29ms	Script application/x-javascript	2600:141b:5000:5a6::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/cf6231cb8197/bcd2616a1b87/launch-2722f9ec14da.min.js Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:5000:5a6::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 6b400f4be721ac73351df1646cb5b5ef011f58c5a19b8b27c926a13088187b30 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:00 GMT content-encoding gzip last-modified Tue, 07 Jun 2022 09:12:59 GMT server AkamaiNetStorage etag "9942310e9323493b4753fe64c6a7ffbe:1654593179.163702" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://secure.redtag.ca cache-control max-age=3600 accept-ranges bytes timing-allow-origin * expires Wed, 13 Jul 2022 19:47:00 GMT
GET H2	200	vacations.js Show response secure.redtag.ca/res/dist/js/	168 KB 56 KB	31ms 30ms	Script application/javascript	45.60.73.47 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.redtag.ca/res/dist/js/vacations.js?ver=2022061701 Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.73.47 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash b665aa9edf1dfb2e11fc234d54c8ffac510f6f1f2749f10b7f2402c3c202204d Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:00 GMT content-encoding gzip last-modified Fri, 17 Jun 2022 20:00:35 GMT x-cdn Imperva etag "2a399-5e1aa351c2b60" content-type application/javascript x-iinfo 14-23026958-0 0CNN RT(1657738020405 237) q(0 -1 -1 -1) r(0 -1) cache-control max-age=62473, public content-length 56778 expires Thu, 14 Jul 2022 12:08:13 GMT
GET H2	200	_Incapsula_Resource Show response secure.redtag.ca/	135 KB 19 KB	24ms 24ms	Script application/javascript	45.60.73.47 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.redtag.ca/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=964595968 Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.73.47 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 900643adc11fe6391d7c0f9ab788afc44e97ccddbc11ae410cd38715876a711a Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers content-encoding gzip cache-control no-cache, no-store x-robots-tag noindex content-length 19700 content-type application/javascript
GET H2	200	gtm.js Show response www.googletagmanager.com/	186 KB 66 KB	94ms 48ms	Script application/javascript	2607:f8b0:4006:80b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-59W8LSP Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2008 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 838a1256228bcd066dfc98fe55f64d060f36193083637dd10edbeb02f5c55ffa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:00 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 67417 x-xss-protection 0 last-modified Wed, 13 Jul 2022 18:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 13 Jul 2022 18:47:00 GMT
GET H2	200	icon-defs.svg secure.redtag.ca/res/assets/global/img/icons/	153 KB 57 KB	35ms 34ms	Other image/svg+xml	45.60.73.47 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.redtag.ca/res/assets/global/img/icons/icon-defs.svg Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.73.47 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 08724a855a6622a89497f26567e6fdf88ab771adce14478e6136538a0b303872 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:00 GMT content-encoding gzip last-modified Thu, 05 Aug 2021 18:30:54 GMT x-cdn Imperva etag "265d7-5c8d41e83db83" content-type image/svg+xml x-iinfo 14-23026958-0 0CNN RT(1657738020405 265) q(0 -1 -1 -1) r(0 -1) cache-control max-age=37730, public content-length 57670 expires Thu, 14 Jul 2022 05:15:50 GMT
GET H2	200	0.5e0a08626c682991171f.js Show response secure.redtag.ca/res/dist/js/	150 KB 47 KB	75ms 72ms	Script application/javascript	45.60.73.47 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.redtag.ca/res/dist/js/0.5e0a08626c682991171f.js Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/dist/js/vacations.js?ver=2022061701 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.73.47 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash b039f9b9c8eeec14066134884c4ae82bd6354700622f616818d8a2b6962d60f6 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:00 GMT content-encoding gzip last-modified Fri, 17 Jun 2022 20:01:31 GMT x-cdn Imperva etag "25fac-5e1aa387d4d27" content-type application/javascript x-iinfo 14-23026958-0 0CNN RT(1657738020405 364) q(0 -1 -1 -1) r(1 -1) cache-control max-age=62488, public content-length 47581 expires Thu, 14 Jul 2022 12:08:28 GMT
GET H2	200	1.4aaa227254d038c9bacf.js Show response secure.redtag.ca/res/dist/js/	76 KB 17 KB	80ms 76ms	Script application/javascript	45.60.73.47 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.redtag.ca/res/dist/js/1.4aaa227254d038c9bacf.js Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/dist/js/vacations.js?ver=2022061701 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.73.47 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 940dffa76e0e84210c3b904b238bbbe1568372c8125f03a2d765853a5d08f3bb Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:00 GMT content-encoding gzip last-modified Fri, 17 Jun 2022 20:02:12 GMT x-cdn Imperva etag "12e0a-5e1aa3aeb4ec4" content-type application/javascript x-iinfo 14-23026958-0 0CNN RT(1657738020405 376) q(0 -1 -1 -1) r(1 -1) cache-control max-age=62611, public content-length 17547 expires Thu, 14 Jul 2022 12:10:31 GMT
GET H2	200	2.4a6877a5c5eb3a85d8d1.js Show response secure.redtag.ca/res/dist/js/	16 KB 6 KB	82ms 79ms	Script application/javascript	45.60.73.47 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.redtag.ca/res/dist/js/2.4a6877a5c5eb3a85d8d1.js Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/dist/js/vacations.js?ver=2022061701 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.73.47 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 5781b55d2445e789c1ab7bd3e838091867679276d785409a77bb0d34338454da Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:00 GMT content-encoding gzip last-modified Fri, 17 Jun 2022 20:02:20 GMT x-cdn Imperva etag "3fac-5e1aa3b67be7f" content-type application/javascript x-iinfo 14-23026958-0 0CNN RT(1657738020405 392) q(0 -1 -1 -1) r(1 -1) cache-control max-age=62610, public content-length 5615 expires Thu, 14 Jul 2022 12:10:30 GMT
GET H2	200	3.f4cb8cca515854178e20.js Show response secure.redtag.ca/res/dist/js/	315 KB 75 KB	84ms 82ms	Script application/javascript	45.60.73.47 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.redtag.ca/res/dist/js/3.f4cb8cca515854178e20.js Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/dist/js/vacations.js?ver=2022061701 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.73.47 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 3b6c937b240eb1b4a5822ed034a5b825a0430bbe8c31f2086fd8283f9f7b7dd7 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:00 GMT content-encoding gzip last-modified Fri, 17 Jun 2022 20:02:22 GMT x-cdn Imperva etag "4ec62-5e1aa3b7a3131" content-type application/javascript x-iinfo 14-23026958-0 0CNN RT(1657738020405 398) q(0 -1 -1 -1) r(0 -1) cache-control max-age=62616, public content-length 76427 expires Thu, 14 Jul 2022 12:10:36 GMT
GET H2	200	15.3de5c2d5edc2dcfc3692.js Show response secure.redtag.ca/res/dist/js/	196 KB 48 KB	105ms 103ms	Script application/javascript	45.60.73.47 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.redtag.ca/res/dist/js/15.3de5c2d5edc2dcfc3692.js Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/dist/js/vacations.js?ver=2022061701 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.73.47 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 2645b4f12829bcee75fe0ee84d5318dacd43466bb6cc6e6bf6a95b7e17224bb8 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:00 GMT content-encoding gzip last-modified Fri, 17 Jun 2022 20:00:30 GMT x-cdn Imperva etag "30f2e-5e1aa34ccde7c" content-type application/javascript x-iinfo 14-23026958-0 0CNN RT(1657738020405 402) q(0 -1 -1 -1) r(0 -1) cache-control max-age=63109, public content-length 49004 expires Thu, 14 Jul 2022 12:18:49 GMT
GET H2	200	_Incapsula_Resource secure.redtag.ca/	1 B 35 B	410ms 410ms	Image text/plain	45.60.73.47 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://secure.redtag.ca/_Incapsula_Resource?SWKMTFSR=1&e=0.8963717632178858 Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.73.47 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers cache-control no-cache, no-store x-robots-tag noindex content-length 1 content-type text/plain
GET H/1.1	200 OK	id Show response dpm.demdex.net/	374 B 1 KB	387ms 105ms	XHR application/json	35.164.255.147 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=52BC0C3A53DB25230A490D4D%40AdobeOrg&d_nsid=0&ts=1657738021079 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/cf6231cb8197/bcd2616a1b87/launch-2722f9ec14da.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.164.255.147 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-164-255-147.us-west-2.compute.amazonaws.com Software / Resource Hash 98b2c8982a960d705789c1dae13d5a32f1120aa1d0224b51b082130d51dce8e8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://secure.redtag.ca/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers DCS dcs-prod-usw2-2-v033-0a37834b6.edge-usw2.demdex.com 15 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-TID 9J4EGPZzSyo= Vary Origin P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin https://secure.redtag.ca Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json;charset=utf-8 Content-Length 313 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	AppMeasurement.min.js Show response assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/	33 KB 12 KB	19ms 19ms	Script application/x-javascript	2600:141b:5000:5a6::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/cf6231cb8197/bcd2616a1b87/launch-2722f9ec14da.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:5000:5a6::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:01 GMT content-encoding gzip last-modified Wed, 12 Aug 2020 22:09:52 GMT server AkamaiNetStorage etag "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://secure.redtag.ca cache-control no-cache accept-ranges bytes timing-allow-origin * content-length 12184 expires Wed, 13 Jul 2022 19:47:01 GMT
GET H2	200	AppMeasurement_Module_ActivityMap.min.js Show response assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/	3 KB 2 KB	20ms 20ms	Script application/x-javascript	2600:141b:5000:5a6::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/cf6231cb8197/bcd2616a1b87/launch-2722f9ec14da.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:5000:5a6::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:01 GMT content-encoding gzip last-modified Wed, 12 Aug 2020 22:09:52 GMT server AkamaiNetStorage etag "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://secure.redtag.ca cache-control no-cache accept-ranges bytes timing-allow-origin * content-length 1594 expires Wed, 13 Jul 2022 19:47:01 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	197 KB 70 KB	49ms 48ms	Script application/javascript	2607:f8b0:4006:80b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-BKCNDSYS1X&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-59W8LSP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::2008 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b718b441c02a304cc42718145d943c3325a7373dd09bf712fd9ccf4d76dbcaad Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:01 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 71080 x-xss-protection 0 expires Wed, 13 Jul 2022 18:47:01 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	74ms 18ms	Script text/javascript	2607:f8b0:4006:809::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-59W8LSP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::200e New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 6280 date Wed, 13 Jul 2022 17:02:21 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Wed, 13 Jul 2022 19:02:21 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	40 KB 15 KB	119ms 66ms	Script text/javascript	142.250.80.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-59W8LSP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.80.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s35-in-f2.1e100.net Software cafe / Resource Hash f339bf56ad8afee196e4fc0b372309b0182860243c807c6577f3a3d64fcc1a4c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:01 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15167 x-xss-protection 0 server cafe etag 11554697858837217958 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Wed, 13 Jul 2022 18:47:01 GMT
GET H/1.1	200	4538148610718304036 Show response acuityplatform.com/Adserver/pxli/ Frame 8B5B	781 B 2 KB	139ms 36ms	Document text/html	69.90.254.73 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://acuityplatform.com/Adserver/pxli/4538148610718304036 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-59W8LSP Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.90.254.73 Herndon, United States, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software / Resource Hash bafc0b2c4aaa349c1bcfdd41d22c85c32c387db1b170a783b7a74ac9be2dbf0b Request headers Referer https://secure.redtag.ca/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Cache-Control no-cache, no-store, max-age=0, must-revalidate Content-Type text/html Date Wed, 13 Jul 2022 18:47:00 GMT Expires Thu, 01 Dec 1994 16:00:00 GMT P3P CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA" Pragma no-cache Transfer-Encoding chunked
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	98 KB 26 KB	70ms 19ms	Script application/x-javascript	2a03:2880:f012:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26001 x-xss-protection 0 pragma public x-fb-debug AFiP6mCZ2MoQEmBDB9cam8ljuE1ipXBZ8WQXXp021Z898CmnGAyF7wkq7iVm5spno4LiKq5tjX7aNVXpaCC/qA== x-fb-trip-id 1512268381 cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Wed, 13 Jul 2022 18:47:01 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	zmoxe3d2.js Show response d81mfvml8p5ml.cloudfront.net/	13 KB 5 KB	86ms 22ms	Script application/javascript	2600:9000:21dd:5800:2:36a1:2f40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d81mfvml8p5ml.cloudfront.net/zmoxe3d2.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-59W8LSP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21dd:5800:2:36a1:2f40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7dd4b799e13581412f4ccbffbfeb03cbd9831b8885fbb262d5ca081a52fd9148 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:38:07 GMT content-encoding br last-modified Tue, 19 Apr 2022 11:08:22 GMT server AmazonS3 age 545 etag W/"6296f2d3177763eda91187bab64aab06" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 via 1.1 5301cc544de32ec737d1069c11f7df30.cloudfront.net (CloudFront) cache-control max-age=600 x-amz-cf-pop EWR53-C2 x-amz-cf-id 7tLnYCiozmcQkCsvCiWB2pkTjfc55oLenN-lfIG-8WxceQm6666xSg==
GET H2	200	container.js Show response cdn.auryc.com/862-redtagca/	36 KB 10 KB	50ms 12ms	Script application/javascript	34.120.103.20 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.auryc.com/862-redtagca/container.js Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.103.20 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 20.103.120.34.bc.googleusercontent.com Software UploadServer / Resource Hash cd4caa43f34006caffba741e2ddbd4fcbcddf4692b781e00b877943bca5f34f9 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:33:59 GMT content-encoding gzip age 782 x-guploader-uploadid ADPycdsuEbsYz_GRQRGtkSd28jdVg5r_TlgPOPklIXET-bpGj4eOVBdndfGNNJyCKgcDzBvoBO94m1xhmhmSQW0_7lk3Eg x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9838 last-modified Thu, 09 Jun 2022 19:53:03 GMT server UploadServer etag "e07a658041f0b1e39a1f2edb4ef8fe3e" vary Accept-Encoding x-goog-hash crc32c=7wjZHg==, md5=4HplgEHwseOaHy7bTvj+Pg== x-goog-generation 1654804383805839 cache-control public,max-age=3600 x-goog-stored-content-length 9838 accept-ranges bytes content-type application/javascript expires Wed, 13 Jul 2022 19:33:59 GMT
GET H2	200	optinly.js Show response cdn.optinly.net/v1/	25 KB 9 KB	134ms 33ms	Script binary/octet-stream	2600:9000:21ea:7200:c:3afb:f040:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.optinly.net/v1/optinly.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-59W8LSP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ea:7200:c:3afb:f040:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 40785fa0247d4870b5f62c56009b2694879e7f580d83f6c4e62d8b422d9473d6 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-amz-version-id pugxd9YM1NMGr0PBVv4XrTaq_w5KZaX5 content-encoding gzip last-modified Mon, 20 Jun 2022 08:10:02 GMT server AmazonS3 age 47834 etag "f43001cc299869548fa1ce148bc05f31" vary Accept-Encoding x-cache Hit from cloudfront content-type binary/octet-stream via 1.1 f91b1dd39ce8309d7fc575add365607e.cloudfront.net (CloudFront) date Wed, 13 Jul 2022 05:31:08 GMT x-amz-cf-pop EWR50-C1 accept-ranges bytes content-length 8851 x-amz-cf-id _kEvIcKfH4C_iTQhtf8IUOlO8QShzlv02ZNvwF3JvPVSpSsIiyrUtw==
GET H2	200	loader.js Show response static.olark.com/jsclient/	9 KB 3 KB	97ms 21ms	Script application/javascript	72.21.91.42 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://static.olark.com/jsclient/loader.js Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 72.21.91.42 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (nyb/1D2D) / Resource Hash afd2d099307fc78c161dc1574920c7268ad8c0e8b6a896f58dae6b61d48c5a9d Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:01 GMT content-encoding gzip last-modified Tue, 21 Jun 2022 17:01:10 GMT server ECS (nyb/1D2D) age 6030 etag W/"62b1f956-2227" vary Accept-Encoding x-cache HIT content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=10800 accept-ranges bytes content-length 3120 via 1.1 google expires Wed, 13 Jul 2022 21:47:01 GMT
GET H2	200	vacations Show response secure.redtag.ca/res/vacations//engine/	75 KB 26 KB	405ms 403ms	XHR application/json	45.60.73.47 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.redtag.ca/res/vacations//engine/vacations Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/dist/js/15.3de5c2d5edc2dcfc3692.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.73.47 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Apache / Resource Hash 860801a6836b20f2043e27ac5f1e1147c7a8f8891c45ee6bb5d54ddfe3f1ca83 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Wed, 13 Jul 2022 18:47:01 GMT content-encoding gzip server Apache content-type application/json x-iinfo 14-23026958-23026964 PNYN RT(1657738020405 882) q(0 1 1 -1) r(2 2) U2 cache-control no-store, no-cache, must-revalidate x-cdn Imperva expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	21.742c0ba0626285c6f774.js Show response secure.redtag.ca/res/dist/js/	2 KB 1 KB	322ms 321ms	Script application/javascript	45.60.73.47 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.redtag.ca/res/dist/js/21.742c0ba0626285c6f774.js Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/dist/js/vacations.js?ver=2022061701 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.73.47 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash c9b9830ae8ce77220a5a527fccc5918dc35fb1ef8b3e43c4f3ec07275353a2e9 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:01 GMT content-encoding gzip last-modified Fri, 17 Jun 2022 20:02:20 GMT x-cdn Imperva etag "906-5e1aa3b691640" content-type application/javascript x-iinfo 14-23026958-0 0CNN RT(1657738020405 932) q(0 -1 -1 -1) r(0 -1) cache-control max-age=64838, public content-length 1025 expires Thu, 14 Jul 2022 12:47:39 GMT
GET H2	200	24.9fce69cb68370ff625dd.js Show response secure.redtag.ca/res/dist/js/	667 B 631 B	326ms 326ms	Script application/javascript	45.60.73.47 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.redtag.ca/res/dist/js/24.9fce69cb68370ff625dd.js Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/dist/js/vacations.js?ver=2022061701 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.73.47 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash d7d73e7abb8ed314f240e04f89d588ea2f4aba7b4b6ecba3ce2bf9e1fd317ab3 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:01 GMT content-encoding gzip last-modified Fri, 17 Jun 2022 20:00:33 GMT x-cdn Imperva etag "29b-5e1aa3502e2af" content-type application/javascript x-iinfo 14-23026958-0 0CNN RT(1657738020405 950) q(0 -1 -1 -1) r(0 -1) cache-control max-age=63113, public content-length 414 expires Thu, 14 Jul 2022 12:18:54 GMT
GET H3	200	1423052371291939 Show response connect.facebook.net/signals/config/	292 KB 84 KB	57ms 19ms	Script application/x-javascript	2a03:2880:f012:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1423052371291939?v=2.9.65&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 10a9b3c639bebb242f3a4d32f01aa8188ad82abad54baa9bb45dee7dae3250a9 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 85612 x-xss-protection 0 pragma public x-fb-debug HlhaMMldG2I33AllmYH2ecukYMyLof1k6Oq2j68mXutPnenY5D3AgAI5lVH9uu47LYLsMuRwE9kQJ49fyKuNLw== cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Wed, 13 Jul 2022 18:47:01 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	releasesettings Show response client-api.auryc.com/	2 B 154 B	54ms 54ms	XHR application/json	34.67.250.180 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://client-api.auryc.com/releasesettings?lib=Web Requested by Host: cdn.auryc.com URL: https://cdn.auryc.com/862-redtagca/container.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.67.250.180 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 180.250.67.34.bc.googleusercontent.com Software istio-envoy / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers x-authorized-identity 862-redtagca Referer https://secure.redtag.ca/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 x-authorized-token 4ffe693a7b6713dd0dda6232e73eeed0 Response headers pragma no-cache date Wed, 13 Jul 2022 18:47:01 GMT content-encoding gzip x-content-type-options nosniff server istio-envoy x-frame-options DENY content-type application/json access-control-allow-origin https://secure.redtag.ca cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-envoy-upstream-service-time 5 vary accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding content-length 28 x-xss-protection 1; mode=block expires 0
OPTIONS H2	200	releasesettings client-api.auryc.com/ Frame	0 0	155ms 42ms	Preflight	34.67.250.180 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://client-api.auryc.com/releasesettings?lib=Web Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.67.250.180 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 180.250.67.34.bc.googleusercontent.com Software istio-envoy / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers x-authorized-identity,x-authorized-token Access-Control-Request-Method GET Origin https://secure.redtag.ca Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers x-authorized-identity, x-authorized-token access-control-allow-methods OPTIONS,HEAD,GET,PUT,POST,DELETE,PATCH access-control-allow-origin https://secure.redtag.ca cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0 date Wed, 13 Jul 2022 18:47:01 GMT expires 0 pragma no-cache server istio-envoy vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers x-content-type-options nosniff x-envoy-upstream-service-time 1 x-frame-options DENY x-xss-protection 1; mode=block
GET BLOB	200 OK	dda73774-851a-46d5-85c0-e5726facbd63 Show response https://secure.redtag.ca/ Frame 1FF0	147 B 0		Document text/html
General Check archive.org Show headers Download Go to Full URL blob:https://secure.redtag.ca/dda73774-851a-46d5-85c0-e5726facbd63 Requested by Host: static.olark.com URL: https://static.olark.com/jsclient/loader.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash ef75b33904d93af24fa40e39bfc332becf6145911fb0715a252445b5e2bcb79e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Content-Length 147 Content-Type text/html
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	70ms 31ms	XHR text/plain	2607:f8b0:4006:809::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1477593774&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.redtag.ca%2Fres%2Fvacations%2Fsearch%2Fhotel%3Fsid%3Dadbc74d65884ddaaa383040f0ae72ae5%26hotel_id%3D1596&ul=en-us&de=UTF-8&dt=Redtag%20Booking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1803931321&gjid=1910671748&cid=1701559048.1657738021&tid=UA-227765-1&_gid=1779616253.1657738021&_r=1&gtm=2wg7b059W8LSP&z=122914960 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:809::200e New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://secure.redtag.ca/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 13 Jul 2022 18:47:01 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://secure.redtag.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response dn1i8v75r669j.cloudfront.net/v/	47 B 324 B	72ms 20ms	Script application/json	2600:9000:210b:3800:7:5031:dc0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dn1i8v75r669j.cloudfront.net/v/?w=zmoxe3d2 Requested by Host: d81mfvml8p5ml.cloudfront.net URL: https://d81mfvml8p5ml.cloudfront.net/zmoxe3d2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:210b:3800:7:5031:dc0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 91fe3ff860a0697cc1bd44f0fea8d07b2cbebc724ebe8f328cec474709695e9f Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:42:58 GMT via 1.1 8726e9cde2774d888ce72f8ebf7f8d30.cloudfront.net (CloudFront) age 243 x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control public, max-age=300 x-amz-cf-pop EWR53-C3 x-amz-cf-id zHny244jO87TtVR3OgIwQbbdEzRSOOqe9pc-5P5Hpg3gnZr4TzGO3w==
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/1069919061/	2 KB 2 KB	85ms 38ms	Script text/javascript	2607:f8b0:4006:80d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069919061/?random=1657738021349&cv=9&fst=1657738021349&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7b0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecure.redtag.ca%2Fres%2Fvacations%2Fsearch%2Fhotel%3Fsid%3Dadbc74d65884ddaaa383040f0ae72ae5%26hotel_id%3D1596&tiba=Redtag%20Booking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash caf6bfad228cc9de71269cb5894786857775f4d2cd0c3f77a25a190abc28652b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Wed, 13 Jul 2022 18:47:01 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1072 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect www.google-analytics.com/g/	0 17 B	32ms 32ms	Ping text/plain	2607:f8b0:4006:809::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-BKCNDSYS1X&gtm=2oe7b0&_p=1477593774&_z=ccd.v9B&cid=1701559048.1657738021&ul=en-us&sr=1600x1200&_s=1&sid=1657738021&sct=1&seg=0&dl=https%3A%2F%2Fsecure.redtag.ca%2Fres%2Fvacations%2Fsearch%2Fhotel%3Fsid%3Dadbc74d65884ddaaa383040f0ae72ae5%26hotel_id%3D1596&dt=Redtag%20Booking&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-BKCNDSYS1X&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:809::200e New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Wed, 13 Jul 2022 18:47:01 GMT server Golfe2 content-type text/plain access-control-allow-origin https://secure.redtag.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	sync cs.admanmedia.com/ Frame 8B5B	42 B 326 B	64ms 19ms	Image image/gif	88.214.206.142 NATCOWEB
General Check archive.org Show headers Download Go to Show image Full URL https://cs.admanmedia.com/sync?dsp=acuity&dsp_id=680377986581&to=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D134%26auid%3D680377986581%26uid%3D%5BADM%5D Requested by Host: acuityplatform.com URL: https://acuityplatform.com/Adserver/pxli/4538148610718304036 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 88.214.206.142 , United Kingdom, ASN46636 (NATCOWEB, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Frame-Options DENY Request headers accept-language en-CA,en;q=0.9 Referer https://acuityplatform.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Wed, 13 Jul 2022 18:47:01 GMT Transfer-Encoding chunked Server nginx Connection keep-alive X-Frame-Options DENY Strict-Transport-Security max-age=63072000; includeSubdomains; preload Content-Type image/gif
GET H/1.1	200 OK	bswsync crb.kargo.com/api/v1/ Frame 8B5B Redirect Chain https://x.bidswitch.net/sync?dsp_id=236&user_id=680377986581&expires=30&user_group=1 https://x.bidswitch.net/ul_cb/sync?dsp_id=236&user_id=680377986581&expires=30&user_group=1 https://crb.kargo.com/api/v1/bswsync?bsw_uuid=03a410d2-c21e-4d13-94de-3916aa2c85a0&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=	43 B 504 B	167ms 73ms	Image image/gif	18.210.133.247 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://crb.kargo.com/api/v1/bswsync?bsw_uuid=03a410d2-c21e-4d13-94de-3916aa2c85a0&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy= Requested by Host: acuityplatform.com URL: https://acuityplatform.com/Adserver/pxli/4538148610718304036 Protocol HTTP/1.1 Server 18.210.133.247 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-210-133-247.compute-1.amazonaws.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Request headers accept-language en-CA,en;q=0.9 Referer https://acuityplatform.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Pragma no-cache Date Wed, 13 Jul 2022 18:47:01 GMT Vary Origin Content-Type image/gif Cache-Control no-cache, no-store, must-revalidate, private, max-age=0 Connection keep-alive Content-Length 43 X-Accel-Expires 0 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Location //crb.kargo.com/api/v1/bswsync?bsw_uuid=03a410d2-c21e-4d13-94de-3916aa2c85a0&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy= Date Wed, 13 Jul 2022 18:47:01 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 0
GET H2	204	sync ups.analytics.yahoo.com/ups/55950/ Frame 8B5B Redirect Chain https://pixel.advertising.com/ups/55950/sync?uid=680377986581&_origin=1 https://ups.analytics.yahoo.com/ups/55950/sync?uid=680377986581&_origin=1 https://ups.analytics.yahoo.com/ups/55950/sync?uid=680377986581&_origin=1&verify=true	0 121 B	44ms 44ms	Image text/plain	54.175.87.114 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/55950/sync?uid=680377986581&_origin=1&verify=true Requested by Host: acuityplatform.com URL: https://acuityplatform.com/Adserver/pxli/4538148610718304036 Protocol H2 Server 54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-175-87-114.compute-1.amazonaws.com Software ATS/9.1.0.46 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://acuityplatform.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:01 GMT server ATS/9.1.0.46 age 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers location https://ups.analytics.yahoo.com/ups/55950/sync?uid=680377986581&_origin=1&verify=true date Wed, 13 Jul 2022 18:47:01 GMT server ATS/9.1.0.46 age 0 content-length 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H/1.1	204 No Content	sum ums.acuityplatform.com/ Frame 8B5B Redirect Chain https://pixel.tapad.com/idsync/ex/receive?partner_id=3150&partner_device_id=680377986581&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26auid%3D680377986581%26uid%3D%24%7BTA_DE... https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3150&partner_device_id=680377986581&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26auid%3D680377986581%26uid%3D%24%7... https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=be1e7936-d147-43e8-936c-8e85399c9649%252Chttps%253A%252F%252Fums.acuityplatform.com%252Fsum%253Fumid%253D64%2526auid%253D... https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=be1e7936-d147-43e8-936c-8e85399c9649%252Chttps%253A%252F%252Fums.acuityplatform.com%252Fsum%253Fumid%253D64%2526auid%253D... https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=dd6f2e05-8749-4a42-a7c0-0f68ea51aa58&ttd_puid=be1e7936-d147-43e8-936c-8e85399c9649%2Chttps%3A%2F%2Fums.acuityplatform.com... https://ums.acuityplatform.com/sum?umid=64&auid=680377986581&uid=be1e7936-d147-43e8-936c-8e85399c9649	0 782 B	84ms 26ms	Image text/plain	69.90.254.78 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://ums.acuityplatform.com/sum?umid=64&auid=680377986581&uid=be1e7936-d147-43e8-936c-8e85399c9649 Requested by Host: acuityplatform.com URL: https://acuityplatform.com/Adserver/pxli/4538148610718304036 Protocol HTTP/1.1 Server 69.90.254.78 Herndon, United States, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://acuityplatform.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Acuity-UserID X-Acuity-UserID 680377986581 Redirect headers location https://ums.acuityplatform.com/sum?umid=64&auid=680377986581&uid=be1e7936-d147-43e8-936c-8e85399c9649 date Wed, 13 Jul 2022 18:47:01 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 strict-transport-security max-age=31536000 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.11.3/	94 KB 33 KB	71ms 21ms	Script text/javascript	2607:f8b0:4006:817::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js Requested by Host: cdn.optinly.net URL: https://cdn.optinly.net/v1/optinly.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::200a New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 12 Jul 2022 18:43:04 GMT content-encoding gzip x-content-type-options nosniff age 86637 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33507 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 12 Jul 2023 18:43:04 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 442 B	87ms 34ms	XHR text/plain	2607:f8b0:4004:c09::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-227765-1&cid=1701559048.1657738021&jid=1803931321&gjid=1910671748&_gid=1779616253.1657738021&_u=YEBAAEAAAAAAAC~&z=110643258 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://secure.redtag.ca/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Wed, 13 Jul 2022 18:47:01 GMT content-type text/plain access-control-allow-origin https://secure.redtag.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	dest5.html Show response redtagvacations.demdex.net/ Frame 12AA	7 KB 3 KB	417ms 101ms	Document text/html	54.148.62.93 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://redtagvacations.demdex.net/dest5.html?d_nsid=0 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/cf6231cb8197/bcd2616a1b87/launch-2722f9ec14da.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.148.62.93 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-148-62-93.us-west-2.compute.amazonaws.com Software / Resource Hash 7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://secure.redtag.ca/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Accept-Ranges bytes Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 2791 Content-Type text/html;charset=UTF-8 DCS dcs-prod-usw2-1-v033-0d6ce0964.edge-usw2.demdex.com 0 ms Expires Thu, 01 Jan 1970 00:00:00 UTC P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID bPRnqO24Qgs= content-encoding gzip date Wed, 13 Jul 2022 18:47:01 GMT last-modified Thu, 30 Jun 2022 15:20:59 GMT vary accept-encoding
GET H/1.1	200 OK	ibs:dpid=411&dpuuid=Ys8TJQAAAF036gNz dpm.demdex.net/ Redirect Chain https://cm.everesttech.net/cm/dd?d_uuid=54448549736509130324479164224432619518 https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ys8TJQAAAF036gNz	42 B 942 B	93ms 92ms	Image image/gif	35.164.255.147 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ys8TJQAAAF036gNz Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol HTTP/1.1 Server 35.164.255.147 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-164-255-147.us-west-2.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers DCS dcs-prod-usw2-1-v033-050ea9eec.edge-usw2.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID klfAi5W/Qww= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Location https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ys8TJQAAAF036gNz Date Wed, 13 Jul 2022 18:47:01 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
GET H2	200	json Show response redtag.tt.omtrdc.net/m2/redtag/mbox/	96 B 398 B	139ms 29ms	XHR application/json	3.233.199.123 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://redtag.tt.omtrdc.net/m2/redtag/mbox/json?mbox=target-global-mbox&mboxSession=293b0b19d1c14555a3b05a26032c40c1&mboxPC=&mboxPage=353a65725c3a43cbb5b7000b20b56278&mboxRid=d6ac51d2b6bb4f45839eeab836459593&mboxVersion=1.8.2&mboxCount=1&mboxTime=1657738021116&mboxHost=secure.redtag.ca&mboxURL=https%3A%2F%2Fsecure.redtag.ca%2Fres%2Fvacations%2Fsearch%2Fhotel%3Fsid%3Dadbc74d65884ddaaa383040f0ae72ae5%26hotel_id%3D1596&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=0&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine&mboxMCSDID=19253FDBB05BA989-7052B92D5CCB8459&mboxMCGVID=54477096540890857634477446576305392565&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=9 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/cf6231cb8197/bcd2616a1b87/launch-2722f9ec14da.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.233.199.123 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-233-199-123.compute-1.amazonaws.com Software / Resource Hash 1584a58b206cb1eb001567a2d99f16296ea8a2f8b90c24b10b8ce2f05ad7b86a Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Wed, 13 Jul 2022 18:47:01 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://secure.redtag.ca cache-control no-cache access-control-allow-credentials true timing-allow-origin * content-length 96 x-request-id d6ac51d2b6bb4f45839eeab836459593
POST H2	200	Gaine-Be-come-sicke-to-me-euery-Sir-charge-becat Show response secure.redtag.ca/	625 B 769 B	116ms 113ms	Fetch application/json	45.60.73.47 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.redtag.ca/Gaine-Be-come-sicke-to-me-euery-Sir-charge-becat?d=secure.redtag.ca Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/Gaine-Be-come-sicke-to-me-euery-Sir-charge-becat Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.73.47 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software connector / Resource Hash a9053283dc8a6cbbc46732aad1c7c367fca7b44fc23b64fb0bf9dc4c5f71a639 Request headers Accept application/json; charset=utf-8 Referer https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain; charset=utf-8 Response headers date Wed, 13 Jul 2022 18:47:01 GMT content-encoding gzip server connector content-type application/json access-control-allow-origin * x-iinfo 14-23026958-23026986 PNYN RT(1657738020405 1037) q(0 0 0 -1) r(0 0) U6 cache-control no-cache, no-store server-timing bon, total;dur=28.670143 x-cdn Imperva
GET H3	200	auryc.lib.js Show response cdn.auryc.com/libs/latest/	654 KB 174 KB	45ms 13ms	Script application/javascript	34.120.103.20 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.auryc.com/libs/latest/auryc.lib.js Requested by Host: cdn.auryc.com URL: https://cdn.auryc.com/862-redtagca/container.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.103.20 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 20.103.120.34.bc.googleusercontent.com Software UploadServer / Resource Hash 39ef35d62f296cad8202b699f273e020db3ce7d5227e59cf21d9d67942726877 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:33:06 GMT content-encoding gzip age 835 x-guploader-uploadid ADPycdtFgbd4JJ9e3pBJVNPMcI4GfSvZfx7rHsMRE39yXg-qWz814OoVHxslfWMesh1p9rK5f-KklHgyauzEzflqm0E8dg x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 178380 last-modified Tue, 12 Jul 2022 22:59:17 GMT server UploadServer etag "5693148e56eed32212790f3f4bc7ef0c" x-goog-hash crc32c=2UvfMw==, md5=VpMUjlbu0yISeQ8/S8fvDA== x-goog-generation 1657666757193335 cache-control public, max-age=3600,no-transform x-goog-stored-content-length 178380 accept-ranges bytes content-type application/javascript expires Wed, 13 Jul 2022 19:33:06 GMT
GET H3	200	1631044430362864 Show response connect.facebook.net/signals/config/	291 KB 84 KB	19ms 18ms	Script application/x-javascript	2a03:2880:f012:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1631044430362864?v=2.9.65&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 5b6164386956e871a36c40f1038631f2ac2eee3c889cdb62de37e7c73876569c Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 85575 x-xss-protection 0 pragma public x-fb-debug EzEh3dpBzSYBjORjQkU1UnngxZSrG1dwG3TCm3qi/8LMVWACd4ihJT4+0m61lZIifUtGZRlgosSjH7qzGZgVkA== x-frame-options DENY date Wed, 13 Jul 2022 18:47:01 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 409 B	66ms 18ms	Image image/gif	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1423052371291939&ev=PageView&dl=https%3A%2F%2Fsecure.redtag.ca%2Fres%2Fvacations%2Fsearch%2Fhotel%3Fsid%3Dadbc74d65884ddaaa383040f0ae72ae5%26hotel_id%3D1596&rl=&if=false&ts=1657738021563&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1657738021562.1022893938&it=1657738021289&coo=false&exp=u0&rqm=GET Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:01 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 44 expires Wed, 13 Jul 2022 18:47:01 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/1069919061/	42 B 548 B	92ms 38ms	Image image/gif	2607:f8b0:4006:822::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/1069919061/?random=1657738021349&cv=9&fst=1657735200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7b0&sendb=1&frm=0&url=https%3A%2F%2Fsecure.redtag.ca%2Fres%2Fvacations%2Fsearch%2Fhotel%3Fsid%3Dadbc74d65884ddaaa383040f0ae72ae5%26hotel_id%3D1596&tiba=Redtag%20Booking&async=1&fmt=3&is_vtc=1&random=2348487474&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2004 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Wed, 13 Jul 2022 18:47:01 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.ca/pagead/1p-user-list/1069919061/	42 B 548 B	96ms 38ms	Image image/gif	2607:f8b0:4006:822::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/pagead/1p-user-list/1069919061/?random=1657738021349&cv=9&fst=1657735200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7b0&sendb=1&frm=0&url=https%3A%2F%2Fsecure.redtag.ca%2Fres%2Fvacations%2Fsearch%2Fhotel%3Fsid%3Dadbc74d65884ddaaa383040f0ae72ae5%26hotel_id%3D1596&tiba=Redtag%20Booking&async=1&fmt=3&is_vtc=1&random=2348487474&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2003 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Wed, 13 Jul 2022 18:47:01 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	zmoxe3d2_1650366501625.js Show response dkpklk99llpj0.cloudfront.net/	55 KB 18 KB	96ms 18ms	Script application/javascript	2600:9000:21da:a400:e:98bf:5f00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dkpklk99llpj0.cloudfront.net/zmoxe3d2_1650366501625.js Requested by Host: d81mfvml8p5ml.cloudfront.net URL: https://d81mfvml8p5ml.cloudfront.net/zmoxe3d2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21da:a400:e:98bf:5f00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e8d0f9e468242347eec98152687542d27e70109a3b46d8db0bd0b97cb52721c4 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 24 May 2022 06:24:09 GMT content-encoding gzip last-modified Tue, 19 Apr 2022 11:08:30 GMT server AmazonS3 age 4364573 etag W/"6e2a99dd905d7fb3b4bd4395fa621956" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 via 1.1 151ae48d84442f69dffa181fc68bc1da.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop EWR53-C1 x-amz-cf-id ICnbVOGHUKLameZbZn9Rsdo-0wbtjs3EDYnSdx97y0-yjm59WxQwiQ==
GET H2	200	4.918582071a8fbaa7616e.js Show response secure.redtag.ca/res/dist/js/	13 KB 5 KB	97ms 85ms	Script application/javascript	45.60.73.47 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.redtag.ca/res/dist/js/4.918582071a8fbaa7616e.js Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/dist/js/vacations.js?ver=2022061701 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.73.47 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 8dfb594cf65304d8e15838c2f20031fa63bb4c3e4f93dc151eb0591d60f13c8c Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:01 GMT content-encoding gzip last-modified Fri, 17 Jun 2022 20:01:39 GMT x-cdn Imperva etag "33f3-5e1aa38f144bf" content-type application/javascript x-iinfo 14-23026958-0 0CNN RT(1657738020405 1066) q(0 -1 -1 -1) r(0 -1) cache-control max-age=62901, public content-length 4659 expires Thu, 14 Jul 2022 12:15:22 GMT
GET H2	200	22.5f7f0c626b6f41843b76.js Show response secure.redtag.ca/res/dist/js/	44 KB 9 KB	99ms 87ms	Script application/javascript	45.60.73.47 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.redtag.ca/res/dist/js/22.5f7f0c626b6f41843b76.js Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/dist/js/vacations.js?ver=2022061701 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.73.47 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash d0b6c17d5531fc5f81268d527f0f2746034c402f2a1d3c3537f47133d718624f Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:01 GMT content-encoding gzip last-modified Fri, 17 Jun 2022 20:01:39 GMT x-cdn Imperva etag "b1f0-5e1aa38edb2ae" content-type application/javascript x-iinfo 14-23026958-0 0CNN RT(1657738020405 1068) q(0 -1 -1 -1) r(0 -1) cache-control max-age=62901, public content-length 8592 expires Thu, 14 Jul 2022 12:15:22 GMT
GET H2	200	23.07e7c76634f931ae7453.js Show response secure.redtag.ca/res/dist/js/	9 KB 3 KB	97ms 85ms	Script application/javascript	45.60.73.47 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://secure.redtag.ca/res/dist/js/23.07e7c76634f931ae7453.js Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/dist/js/vacations.js?ver=2022061701 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.73.47 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 2a7d587b2f8756a09cb6db770f643e6199590045646c6cd4bc8fb6fa4f797a27 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:01 GMT content-encoding gzip last-modified Fri, 17 Jun 2022 20:01:05 GMT x-cdn Imperva etag "2441-5e1aa36eebf6b" content-type application/javascript x-iinfo 14-23026958-0 0CNN RT(1657738020405 1076) q(0 -1 -1 -1) r(0 -1) cache-control max-age=63144, public content-length 3203 expires Thu, 14 Jul 2022 12:19:25 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	66ms 39ms	Image image/gif	2607:f8b0:4006:822::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-227765-1&cid=1701559048.1657738021&jid=1803931321&_u=YEBAAEAAAAAAAC~&z=2030593308 Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2004 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Wed, 13 Jul 2022 18:47:01 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.ca/ads/	42 B 107 B	77ms 46ms	Image image/gif	2607:f8b0:4006:822::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-227765-1&cid=1701559048.1657738021&jid=1803931321&_u=YEBAAEAAAAAAAC~&z=2030593308 Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2003 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Wed, 13 Jul 2022 18:47:01 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	styles.css cdn.optinly.net/v1/	8 KB 2 KB	19ms 18ms	Stylesheet text/css	2600:9000:21ea:7200:c:3afb:f040:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.optinly.net/v1/styles.css Requested by Host: cdn.optinly.net URL: https://cdn.optinly.net/v1/optinly.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ea:7200:c:3afb:f040:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7bcf9b0cbc37399f629768693207f34c3ea661e7cbf1a7de7d0b387dfbc7431c Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-amz-version-id mvGo7RTW0fpSaFjDFyTysjmkgI6OXBGw content-encoding gzip etag "7d6414535175bde00f6c3b8bf929dc88" age 112982 x-cache Hit from cloudfront content-length 1434 last-modified Wed, 01 Jun 2022 06:18:14 GMT server AmazonS3 date Tue, 12 Jul 2022 11:23:59 GMT vary Accept-Encoding content-type text/css via 1.1 f91b1dd39ce8309d7fc575add365607e.cloudfront.net (CloudFront) cache-control max-age=604800 x-amz-cf-pop EWR50-C1 accept-ranges bytes x-amz-cf-id ydkGolNhrjOSsywLNvpRSsiSNKp-Gkg_rG1PVVXWIwDjLN7j_iRZkg==
GET H2	200	settings.json Show response static.optinly.net/sites/1447dcd3-8ed0-479f-a9c2-c5a876a6c7bc/	2 B 779 B	116ms 72ms	XHR application/octet-stream	2606:4700:3030::6815:1380 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.optinly.net/sites/1447dcd3-8ed0-479f-a9c2-c5a876a6c7bc/settings.json?_=1657738021603 Requested by Host: cdn.optinly.net URL: https://cdn.optinly.net/v1/optinly.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1380 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:01 GMT access-control-allow-methods GET cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id Y3AKMG0TC3D55QRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2 x-amz-id-2 qK3DBDa+gzbZ+sSnstpqEAJc7IS90ubRsYwV8UcJSU2Jw/PsQZr/8wlDIGHG2p1712vwsAgDRfs= last-modified Tue, 19 Apr 2022 11:26:43 GMT server cloudflare etag "d751713988987e9331980363e24189ce" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1OtOnhMZRU0Ok0csLfFdaLiwZjcIjfCKlKkPQ4pU8P5ukWD5%2BpYKR2Me6pqOSRDXeihdSvW1h2Stex32Q311a6io9XWgxGDcI%2FwqNPQEhcIvxuGfN5XKYLITIYvnEQmcwO9uHRIKtOiQEAd3duupJQ%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=UTF-8 access-control-allow-origin * cf-ray 72a42f4b5ed87151-YUL
GET H2	200	trace Show response www.cloudflare.com/cdn-cgi/	286 B 433 B	77ms 20ms	XHR text/plain	2606:4700::6810:7b60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.cloudflare.com/cdn-cgi/trace Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7b60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9abc424783703dc84f2a95588e798484b950871dcf3259505004647b5079af4d Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept */* Referer https://secure.redtag.ca/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:01 GMT content-encoding gzip x-content-type-options nosniff server cloudflare x-frame-options DENY content-type text/plain access-control-allow-origin * cache-control no-cache cf-ray 72a42f4b6b16ca5f-YUL expires Thu, 01 Jan 1970 00:00:01 GMT
GET H3	200	884369102301899 Show response connect.facebook.net/signals/config/	292 KB 84 KB	21ms 20ms	Script application/x-javascript	2a03:2880:f012:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/884369102301899?v=2.9.65&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 70921bc80c9fbefbe7284b48f39272d762bab7660a7a5e983fd9807ddc5bac29 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 85627 x-xss-protection 0 pragma public x-fb-debug I2p/sJ3TdktT852mVaOSPhPZBQ1HAyhuPt4UkeYy929o5iUHVdPnOZrVbrrJv3Aq+X8RhwVKvEgEsz660WYVVQ== cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Wed, 13 Jul 2022 18:47:01 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 214 B	22ms 16ms	Image image/gif	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1631044430362864&ev=PageView&dl=https%3A%2F%2Fsecure.redtag.ca%2Fres%2Fvacations%2Fsearch%2Fhotel%3Fsid%3Dadbc74d65884ddaaa383040f0ae72ae5%26hotel_id%3D1596&rl=&if=false&ts=1657738021613&sw=1600&sh=1200&v=2.9.65&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1657738021562.1022893938&it=1657738021289&coo=false&exp=u0&rqm=GET Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:01 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 44 expires Wed, 13 Jul 2022 18:47:01 GMT
GET H2	200	siteconfig Show response client-api.auryc.com/	14 KB 3 KB	44ms 44ms	XHR application/json	34.67.250.180 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://client-api.auryc.com/siteconfig?lib=web Requested by Host: cdn.auryc.com URL: https://cdn.auryc.com/libs/latest/auryc.lib.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.67.250.180 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 180.250.67.34.bc.googleusercontent.com Software istio-envoy / Resource Hash 41393886f9ebde28ec7ebeedfcbf7c2af7310960bd9c12e276786dcbe8a85ea1 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers x-authorized-identity 862-redtagca Referer https://secure.redtag.ca/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 x-authorized-token 4ffe693a7b6713dd0dda6232e73eeed0 Content-Type application/json Response headers pragma no-cache date Wed, 13 Jul 2022 18:47:01 GMT content-encoding gzip x-content-type-options nosniff server istio-envoy x-frame-options DENY content-type application/json access-control-allow-origin https://secure.redtag.ca cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-envoy-upstream-service-time 2 vary accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding content-length 2798 x-xss-protection 1; mode=block expires 0
OPTIONS H2	200	siteconfig client-api.auryc.com/ Frame	0 0	56ms 54ms	Preflight	34.67.250.180 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://client-api.auryc.com/siteconfig?lib=web Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.67.250.180 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 180.250.67.34.bc.googleusercontent.com Software istio-envoy / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type,x-authorized-identity,x-authorized-token Access-Control-Request-Method GET Origin https://secure.redtag.ca Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type, x-authorized-identity, x-authorized-token access-control-allow-methods OPTIONS,HEAD,GET,PUT,POST,DELETE,PATCH access-control-allow-origin https://secure.redtag.ca cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0 date Wed, 13 Jul 2022 18:47:01 GMT expires 0 pragma no-cache server istio-envoy vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers x-content-type-options nosniff x-envoy-upstream-service-time 1 x-frame-options DENY x-xss-protection 1; mode=block
GET H3	200	/ www.facebook.com/tr/	44 B 91 B	39ms 19ms	Image image/gif	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=884369102301899&ev=PageView&dl=https%3A%2F%2Fsecure.redtag.ca%2Fres%2Fvacations%2Fsearch%2Fhotel%3Fsid%3Dadbc74d65884ddaaa383040f0ae72ae5%26hotel_id%3D1596&rl=&if=false&ts=1657738021732&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1657738021562.1022893938&it=1657738021289&coo=false&exp=u0&rqm=GET Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:01 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Wed, 13 Jul 2022 18:47:01 GMT
GET BLOB	200 OK	eb22b14c-2295-44bf-a5ff-9a73e4ea0825 https://secure.redtag.ca/	67 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://secure.redtag.ca/eb22b14c-2295-44bf-a5ff-9a73e4ea0825 Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash af2090527babea2e20eba22eaae877ed8725189e5cb319807042e7f65c56f354 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Length 67 Content-Type application/javascript
GET H2	200	s46251440244561 rtvnewprod.112.2o7.net/b/ss/rtvnewprod/1/JS-2.22.0-LCS4/	43 B 394 B	122ms 26ms	Image image/gif	63.140.38.201 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://rtvnewprod.112.2o7.net/b/ss/rtvnewprod/1/JS-2.22.0-LCS4/s46251440244561?AQB=1&ndh=1&pf=1&t=13%2F6%2F2022%2018%3A47%3A1%203%200&sdid=19253FDBB05BA989-7052B92D5CCB8459&mid=54477096540890857634477446576305392565&aamlh=9&ce=UTF-8&pageName=redtag%3Ares%3Avacations%3Asearch%3Ahotel&g=https%3A%2F%2Fsecure.redtag.ca%2Fres%2Fvacations%2Fsearch%2Fhotel%3Fsid%3Dadbc74d65884ddaaa383040f0ae72ae5%26hotel_id%3D1596&c.&getVisitNum=4.2&endOfDatePeriod=1.2&getPreviousValue=3.0&getAndPersistValue=3.0&getValOnce=3.0&getNewRepeat=3.0&.c&cc=CAD&ch=vacations&server=secure.redtag.ca&events=prodView%2Cevent8%2Cevent33&products=vacations%3B%3B%3B%3B%3BeVar4%3D%7CeVar23%3DNo%20Trip%20Advisor&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fsecure.redtag.ca%2Fres%2Fvacations%2Fsearch%2Fhotel%3Fsid%3Dadbc74d65884ddaaa383040f0ae72ae5%26hotel_id%3D1596&v1=https%3A%2F%2Fsecure.redtag.ca%2Fres%2Fvacations%2Fsearch%2Fhotel%3Fsid%3Dadbc74d65884ddaaa383040f0ae72ae5%26hotel_id%3D1596&c2=D%3Dv25&c3=product%20details&v3=product%20details&c6=First%20Visit&v7=New&v8=1&v9=1%3A47PM%7C1%3A30PM%7CWednesday%7CWeekday&c14=desktop&v18=First%20Visit&v25=54477096540890857634477446576305392565&v26=desktop&v56=redtag%3Ares%3Avacations%3Asearch%3Ahotel&v57=redtag%3Ares%3Avacations%3Asearch%3Ahotel&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=52BC0C3A53DB25230A490D4D%40AdobeOrg&AQE=1 Requested by Host: secure.redtag.ca URL: https://secure.redtag.ca/res/vacations/search/hotel?sid=adbc74d65884ddaaa383040f0ae72ae5&hotel_id=1596 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 63.140.38.201 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software jag / Resource Hash a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:01 GMT x-content-type-options nosniff x-c main-1661.I2f39db.M0-585 p3p CP="This is not a P3P policy" content-length 43 x-xss-protection 1; mode=block pragma no-cache last-modified Thu, 14 Jul 2022 18:47:01 GMT server jag xserver anedge-6b6dcbbdc8-997qj etag 3559965293153615872-4619555019053390341 vary * content-type image/gif;charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, max-age=0, no-transform, private expires Tue, 12 Jul 2022 18:47:01 GMT
GET H2	200	/ Show response c6.dycdn.net/zmoxe3d2/campaigns/	249 B 555 B	174ms 114ms	XHR application/json	2600:9000:21ea:b200:16:f02f:46c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c6.dycdn.net/zmoxe3d2/campaigns/?k=rr3mroi&d=05b37yf04x&url=https%3A%2F%2Fsecure.redtag.ca%2Fres%2Fvacations%2Fsearch%2Fhotel%3Fsid%3Dadbc74d65884ddaaa383040f0ae72ae5%26hotel_id%3D1596&sbr=redtag&curr=CAD&lang=en Requested by Host: cdn.auryc.com URL: https://cdn.auryc.com/libs/latest/auryc.lib.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ea:b200:16:f02f:46c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 5ffe1da4c07c1861ea923ec1969ee2ad9e265358444d77d5c53ab0d7919c8742 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:02 GMT via 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront) x-amz-cf-pop EWR50-C1 x-cache Miss from cloudfront content-type application/json; charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, max-age=0, must-revalidate content-length 249 x-amz-cf-id 7V7SctATh-WtKSbJ5W5DkUceMtzNXh-MRX28gtDyxxxzUy7xtq5XSw==
GET H2	200	get Show response am.freshrelevance.com/	1 B 97 B	321ms 106ms	XHR text/plain	52.19.22.1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://am.freshrelevance.com/get?data=%7B%22type%22%3A%22heartbeat%22%2C%22data%22%3A%7B%22c%22%3A%2205b37yf04x%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36%22%2C%22w%22%3A%22zmoxe3d2%22%7D%7D Requested by Host: cdn.auryc.com URL: https://cdn.auryc.com/libs/latest/auryc.lib.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.19.22.1 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-19-22-1.eu-west-1.compute.amazonaws.com Software / Resource Hash 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers access-control-allow-origin * date Wed, 13 Jul 2022 18:47:02 GMT content-type text/plain; charset=utf-8
GET H2	200	/ Show response dn1i8v75r669j.cloudfront.net/e/	548 B 833 B	55ms 18ms	XHR application/json	2600:9000:210b:3800:7:5031:dc0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dn1i8v75r669j.cloudfront.net/e/?w=zmoxe3d2&id=62751c328c01312fd9f6d319 Requested by Host: cdn.auryc.com URL: https://cdn.auryc.com/libs/latest/auryc.lib.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:210b:3800:7:5031:dc0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 9ea9697e7334923feaeb925c705753386366a0268a2feaf728c0c0781dc9bda5 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 06 May 2022 13:09:02 GMT via 1.1 dfbeb92e774306364b3bad2c0151cd7e.cloudfront.net (CloudFront) age 5895480 x-cache Hit from cloudfront content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 x-amz-cf-pop EWR53-C3 x-amz-cf-id nJdxoJ5R_00HM0VnwQPvK7d-J8F4F2FbGoO3i130aejL5q6xW25Vew==
GET H2	200	/ Show response c6.dycdn.net/zmoxe3d2/s/red-tag-data-capture/	167 B 498 B	109ms 109ms	XHR application/json	2600:9000:21ea:b200:16:f02f:46c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c6.dycdn.net/zmoxe3d2/s/red-tag-data-capture/?k=rr3mroi&format=full&exp_slug=2fzln8b&view_id=nig60e&d=05b37yf04x&url=https%3A%2F%2Fsecure.redtag.ca%2Fres%2Fvacations%2Fsearch%2Fhotel%3Fsid%3Dadbc74d65884ddaaa383040f0ae72ae5%26hotel_id%3D1596&sbr=redtag&curr=CAD&lang=en Requested by Host: cdn.auryc.com URL: https://cdn.auryc.com/libs/latest/auryc.lib.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ea:b200:16:f02f:46c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash f1b28bd959810cfb8e3681a05706b8887c9f03a699538f9fb100e19eabf83e63 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:02 GMT via 1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront) x-amz-cf-pop EWR50-C1 x-cache Miss from cloudfront content-type application/json; charset=utf-8 access-control-allow-origin * cache-control private,max-age=20, must-revalidate, stale-while-revalidate=40, stale-if-error=40 content-length 167 x-amz-cf-id CIvSHwVEQ11Pu39fDZPydKn1NzxupPTLtpG-bNarn_qQX3LymX3_AA==
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	23ms 22ms	Image image/gif	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1423052371291939&ev=Microdata&dl=https%3A%2F%2Fsecure.redtag.ca%2Fres%2Fvacations%2Fsearch%2Fhotel%3Fsid%3Dadbc74d65884ddaaa383040f0ae72ae5%26hotel_id%3D1596&rl=&if=false&ts=1657738023066&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Redtag%20Booking%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1657738021562.1022893938&it=1657738021289&coo=false&es=automatic&tm=3&exp=u0&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:03 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Wed, 13 Jul 2022 18:47:03 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	18ms 18ms	Image image/gif	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1631044430362864&ev=Microdata&dl=https%3A%2F%2Fsecure.redtag.ca%2Fres%2Fvacations%2Fsearch%2Fhotel%3Fsid%3Dadbc74d65884ddaaa383040f0ae72ae5%26hotel_id%3D1596&rl=&if=false&ts=1657738023116&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Redtag%20Booking%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1657738021562.1022893938&it=1657738021289&coo=false&es=automatic&tm=3&exp=u0&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:03 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Wed, 13 Jul 2022 18:47:03 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	19ms 19ms	Image image/gif	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=884369102301899&ev=Microdata&dl=https%3A%2F%2Fsecure.redtag.ca%2Fres%2Fvacations%2Fsearch%2Fhotel%3Fsid%3Dadbc74d65884ddaaa383040f0ae72ae5%26hotel_id%3D1596&rl=&if=false&ts=1657738023234&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Redtag%20Booking%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1657738021562.1022893938&it=1657738021289&coo=false&es=automatic&tm=3&exp=u0&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://secure.redtag.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:47:03 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Wed, 13 Jul 2022 18:47:03 GMT