urlscan.io logo urlscan.io
SecurityTrails logo

www.redflagdeals.com Open in urlscan Pro
151.101.193.91  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://url3161.redflagdeals.com/ls/click?upn=2b7bAo8ketkdSIJ6vuigZDcfWLqx2mLPMaySv2S1ECILHOo7XdzJrIUlhRjFuzpKj-2B3oIzuJOaSY3Ah-2...
Effective URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Submission: On January 24 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 40 IPs in 1 countries across 28 domains to perform 96 HTTP transactions. The main IP is 151.101.193.91, located in United States and belongs to FASTLY, US. The main domain is www.redflagdeals.com. The Cisco Umbrella rank of the primary domain is 518008.
TLS certificate: Issued by R3 on December 20th 2023. Valid for: 3 months.
This is the only time www.redflagdeals.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 151.101.193.91 54113 (FASTLY)
1 1 151.101.129.91 54113 (FASTLY)
13 151.101.1.91 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.194.217 54113 (FASTLY)
1 172.253.62.207 15169 (GOOGLE)
4 2a04:4e42:200... 54113 (FASTLY)
3 54.230.49.33 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 152.199.4.33 15133 (EDGECAST)
5 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f00... 32934 (FACEBOOK)
2 37.19.207.34 60068 (CDN77 ^_^)
2 4 3.161.213.3 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
10 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 54.192.51.26 16509 (AMAZON-02)
3 3.161.213.4 16509 (AMAZON-02)
1 2a03:2880:f10... 32934 (FACEBOOK)
2 140.82.12.76 20473 (AS-CHOOPA)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 3.225.251.244 14618 (AMAZON-AES)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.251.16.149 15169 (GOOGLE)
1 34.233.28.229 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
9 12 23.39.185.111 16625 (AKAMAI-AS)
1 107.178.254.65 15169 (GOOGLE)
1 74.119.119.150 19750 (AS-CRITEO)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 2607:f8b0:400... ()
96 40
3    151.101.193.91 (United States)

ASN54113 (FASTLY, US)
url3161.redflagdeals.com
www.redflagdeals.com
1    151.101.129.91 (United States)

ASN54113 (FASTLY, US)
url3161.redflagdeals.com
13    151.101.1.91 (United States)

ASN54113 (FASTLY, US)
assets.rfdcontent.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
netdna.bootstrapcdn.com
1    151.101.194.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
1    172.253.62.207 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f207.1e100.net
storage.googleapis.com
4    2a04:4e42:200::347 (United States)

ASN54113 (FASTLY, US)
config.htplayground.com
3    54.230.49.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-49-33.yul62.r.cloudfront.net
c.amazon-adsystem.com
2    2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    2607:f8b0:4004:c1b::54 (Washington, United States)

ASN15169 (GOOGLE, US)
accounts.google.com
1    152.199.4.33 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
5    2607:f8b0:4004:c06::93 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4004:c1d::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2607:f8b0:4004:c08::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
www.google.ca
1    2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2607:f8b0:4004:c1d::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2607:f8b0:4004:c1b::9a (Washington, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    37.19.207.34 (Ashburn, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: 37-19-207-34.bunnyinfra.net
l.getsitecontrol.com
4    3.161.213.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-3.yul62.r.cloudfront.net
sb.scorecardresearch.com
1    2600:9000:215f:6600:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
10    2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2607:f8b0:4004:c07::8d (Washington, United States)

ASN15169 (GOOGLE, US)
csp.withgoogle.com
1    54.192.51.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-26.yul62.r.cloudfront.net
config.aps.amazon-adsystem.com
3    3.161.213.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-4.yul62.r.cloudfront.net
tagan.adlightning.com
1    2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    140.82.12.76 (Piscataway, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 140.82.12.76.vultrusercontent.com
e.htplayground.com
1    2600:1f18:730:b150:6603:655:735c:e3cb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    3.225.251.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-251-244.compute-1.amazonaws.com
rp4.liadm.com
4    2607:f8b0:4004:c1d::8a (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:10::6816:4bd8 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
3    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.251.16.149 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f149.1e100.net
ad.doubleclick.net
1    34.233.28.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-28-229.compute-1.amazonaws.com
i.liadm.com
1    2607:f8b0:4004:c07::9a (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
12    23.39.185.111 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-185-111.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
stags.bluekai.com
x.dlx.addthis.com
1    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    2600:1f18:ed:550e:f339:4051:d8d6:6b16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    2607:f8b0:4004:c06::71 (None, )

ASN- ()
play.google.com
Apex Domain
Subdomains		 Transfer
14 gstatic.com
www.gstatic.com
fonts.gstatic.com
650 KB
13 rfdcontent.com
assets.rfdcontent.com — Cisco Umbrella Rank: 319372
49 KB
10 google.com
accounts.google.com — Cisco Umbrella Rank: 23
www.google.com — Cisco Umbrella Rank: 2
play.google.com Failed
158 KB
9 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1946
x.dlx.addthis.com — Cisco Umbrella Rank: 1651
5 KB
6 htplayground.com
config.htplayground.com — Cisco Umbrella Rank: 28872
e.htplayground.com — Cisco Umbrella Rank: 32252
221 KB
5 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3215
rp.liadm.com — Cisco Umbrella Rank: 1497
rp4.liadm.com — Cisco Umbrella Rank: 7027
i.liadm.com — Cisco Umbrella Rank: 550
i6.liadm.com — Cisco Umbrella Rank: 2884
18 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 881
api.btloader.com — Cisco Umbrella Rank: 960
47 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 177
1 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591
75 KB
4 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 286
ajax.googleapis.com — Cisco Umbrella Rank: 369
fonts.googleapis.com — Cisco Umbrella Rank: 28
96 KB
4 redflagdeals.com
url3161.redflagdeals.com
www.redflagdeals.com — Cisco Umbrella Rank: 518008
12 KB
3 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 940
2 KB
3 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2221
75 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
ad.doubleclick.net — Cisco Umbrella Rank: 163
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
cm.g.doubleclick.net Failed
137 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 918
1 KB
2 getsitecontrol.com
l.getsitecontrol.com — Cisco Umbrella Rank: 18502
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
68 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
192 KB
2 bootstrapcdn.com
netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3034
77 KB
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 608
363 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 790
98 B
1 google.ca
www.google.ca — Cisco Umbrella Rank: 9185
408 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 withgoogle.com
csp.withgoogle.com — Cisco Umbrella Rank: 424
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
29 KB
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 2316
7 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 6426
9 KB
96 28
Domain Requested by
13 assets.rfdcontent.com www.redflagdeals.com
10 fonts.gstatic.com fonts.googleapis.com
www.google.com
6 e.dlx.addthis.com 6 redirects
5 www.google.com www.redflagdeals.com
www.gstatic.com
www.google.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 sb.scorecardresearch.com 2 redirects www.redflagdeals.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 accounts.google.com www.redflagdeals.com
accounts.google.com
4 config.htplayground.com www.redflagdeals.com
config.htplayground.com
3 x.dlx.addthis.com i.liadm.com
3 stags.bluekai.com 3 redirects
3 api.btloader.com btloader.com
3 tagan.adlightning.com config.htplayground.com
tagan.adlightning.com
3 c.amazon-adsystem.com www.redflagdeals.com
c.amazon-adsystem.com
2 ad-delivery.net
2 e.htplayground.com config.htplayground.com
2 l.getsitecontrol.com www.googletagmanager.com
l.getsitecontrol.com
2 connect.facebook.net www.redflagdeals.com
connect.facebook.net
2 www.googletagmanager.com www.redflagdeals.com
www.googletagmanager.com
2 ajax.googleapis.com www.redflagdeals.com
2 netdna.bootstrapcdn.com www.redflagdeals.com
netdna.bootstrapcdn.com
2 www.redflagdeals.com config.htplayground.com
2 url3161.redflagdeals.com 2 redirects
1 play.google.com
1 i6.liadm.com i.liadm.com
1 dis.criteo.com i.liadm.com
1 pippio.com i.liadm.com
1 www.google.ca
1 stats.g.doubleclick.net www.google-analytics.com
1 i.liadm.com tagan.adlightning.com
1 ad.doubleclick.net
1 btloader.com www.googletagmanager.com
1 rp4.liadm.com
1 rp.liadm.com 1 redirects
1 www.facebook.com www.redflagdeals.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 csp.withgoogle.com www.redflagdeals.com
1 b-code.liadm.com www.googletagmanager.com
1 securepubads.g.doubleclick.net www.googletagservices.com
1 fonts.googleapis.com ajax.googleapis.com
1 www.googletagservices.com assets.rfdcontent.com
1 ajax.aspnetcdn.com www.redflagdeals.com
1 storage.googleapis.com www.redflagdeals.com
1 cdn.speedcurve.com www.redflagdeals.com
0 cm.g.doubleclick.net Failed i.liadm.com
96 45
Subject Issuer Validity Valid
redflagdeals.com
R3		 2023-12-20 -
2024-03-19		 3 months crt.sh
rfdcontent.com
R3		 2024-01-03 -
2024-04-02		 3 months crt.sh
bootstrapcdn.com
GTS CA 1P5		 2023-11-30 -
2024-02-28		 3 months crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-01-21 -
2025-02-21		 a year crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.htplayground.com
R3		 2023-12-17 -
2024-03-16		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2023-05-05 -
2024-04-28		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-02 -
2024-01-31		 3 months crt.sh
*.getsitecontrol.com
Go Daddy Secure Certificate Authority - G2		 2023-03-07 -
2024-04-07		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M03		 2023-12-02 -
2024-12-29		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-07-08 -
2024-08-05		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
btloader.com
GTS CA 1P5		 2023-12-17 -
2024-03-16		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-12-08 -
2024-03-07		 3 months crt.sh
ad-delivery.net
GTS CA 1P5		 2024-01-20 -
2024-04-19		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
pippio.com
GTS CA 1D4		 2024-01-05 -
2024-04-04		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Frame ID: 19D730876BDC3506F6DD85DEC7956FAE
Requests: 75 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=standard&size=large&theme=filled_blue&text=continue_with&shape=rectangular&logo_alignment=left&width=200&client_id=469392466123-871u59f1qlnstlqhd7jer4fqbfd586st.apps.googleusercontent.com&iframe_id=gsi_753010_887740&as=3KnIwap%2FFRi49vheoZkq6g
Frame ID: 10858D6D601282D2C46686DF5486A48D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lce_ewZAAAAAFRAZIZhl0_TjRPLoERRlMkacQJJ&co=aHR0cHM6Ly93d3cucmVkZmxhZ2RlYWxzLmNvbTo0NDM.&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=1mm9hnzba04v
Frame ID: 3FCE61B3B76276F1591A28AA7915B7DB
Requests: 8 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-0918?duid=064c8d92ab53--01hmy4vsbp3h8nvz5776e9r38v&euns=0&s=&version=v2.11.7&cd=.redflagdeals.com&
Frame ID: 6C1BF0EC56E2D3D357C50CA1784D064E
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Confirm your email address

Page URL History Show full URLs

  1. http://url3161.redflagdeals.com/ls/click?upn=2b7bAo8ketkdSIJ6vuigZDcfWLqx2mLPMaySv2S1ECILHOo7XdzJrIUlhRjFuzp... HTTP 301
    https://url3161.redflagdeals.com/ls/click?upn=2b7bAo8ketkdSIJ6vuigZDcfWLqx2mLPMaySv2S1ECILHOo7XdzJrIUlhRjFuzp... HTTP 302
    https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

96
Requests

92 %
HTTPS

54 %
IPv6

28
Domains

45
Subdomains

40
IPs

1
Countries

1945 kB
Transfer

5141 kB
Size

35
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://url3161.redflagdeals.com/ls/click?upn=2b7bAo8ketkdSIJ6vuigZDcfWLqx2mLPMaySv2S1ECILHOo7XdzJrIUlhRjFuzpKj-2B3oIzuJOaSY3Ah-2B8meyFQHFWw8izZbhoaWQerbHrQf0U9EBo5hVFPIVGMjG8Jo8hrEo_lMbV-2FZLY5fH0-2FCdn5iHHCBfbltDuO68xl-2BuMC3-2BZBGfL-2FzIo7ikhts2CI9U5cfWDvkl6FHnNKUDb3a3xRwmnkh7zq6wJBI4j3XXMuTMS68d9CS-2B6B1ADUkzhjQ5nucK28deVWLEqX-2FhOqcu6hNZHz9KNWCr-2FK4C3N4yXCcCexqYsd-2B-2BkSK-2BZ8FcGNH7BeUW3xVe-2BJFwxszeKGFSz7Mb0P0oxOtQapgyhAdYTTdlUBUs-3D HTTP 301
    https://url3161.redflagdeals.com/ls/click?upn=2b7bAo8ketkdSIJ6vuigZDcfWLqx2mLPMaySv2S1ECILHOo7XdzJrIUlhRjFuzpKj-2B3oIzuJOaSY3Ah-2B8meyFQHFWw8izZbhoaWQerbHrQf0U9EBo5hVFPIVGMjG8Jo8hrEo_lMbV-2FZLY5fH0-2FCdn5iHHCBfbltDuO68xl-2BuMC3-2BZBGfL-2FzIo7ikhts2CI9U5cfWDvkl6FHnNKUDb3a3xRwmnkh7zq6wJBI4j3XXMuTMS68d9CS-2B6B1ADUkzhjQ5nucK28deVWLEqX-2FhOqcu6hNZHz9KNWCr-2FK4C3N4yXCcCexqYsd-2B-2BkSK-2BZ8FcGNH7BeUW3xVe-2BJFwxszeKGFSz7Mb0P0oxOtQapgyhAdYTTdlUBUs-3D HTTP 302
    https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036030&ns__t=1706113752965&ns_c=UTF-8&c8=Confirm%20your%20email%20address&c7=https%3A%2F%2Fwww.redflagdeals.com%2Fuser%2Fconfirm-email%2Ff361dfbd69246f23e98bc8e421de12340a8b&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036030&ns__t=1706113752965&ns_c=UTF-8&c8=Confirm%20your%20email%20address&c7=https%3A%2F%2Fwww.redflagdeals.com%2Fuser%2Fconfirm-email%2Ff361dfbd69246f23e98bc8e421de12340a8b&c9=
Request Chain 67
  • https://rp.liadm.com/j?dtstmp=1706113754680&aid=a-0918&se=e30&duid=064c8d92ab53--01hmy4vsbp3h8nvz5776e9r38v&tv=v2.11.7&pu=https%3A%2F%2Fwww.redflagdeals.com%2Fuser%2Fconfirm-email%2Ff361dfbd69246f23e98bc8e421de12340a8b&wpn=lc-bundle&c=PHRpdGxlPkNvbmZpcm0geW91ciBlbWFpbCBhZGRyZXNzIDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGxpbmsgaHJlZj0iaHR0cHM6Ly93d3cucmVkZmxhZ2RlYWxzLmNvbS91c2VyL3NpZ251cC8iIHJlbD0iY2Fub25pY2FsIj48aDE-Q29uZmlybWF0aW9uIEVycm9yPC9oMT4&cd=.redflagdeals.com HTTP 302
  • https://rp4.liadm.com/j?se=e30&duid=064c8d92ab53--01hmy4vsbp3h8nvz5776e9r38v&aid=a-0918&cd=.redflagdeals.com&dtstmp=1706113754680&tv=v2.11.7&n3pc=true&wpn=lc-bundle&i6=MjAwMTo0OTU4OjE0MjA6MTUxOjo0&pu=https%3A%2F%2Fwww.redflagdeals.com%2Fuser%2Fconfirm-email%2Ff361dfbd69246f23e98bc8e421de12340a8b&c=PHRpdGxlPkNvbmZpcm0geW91ciBlbWFpbCBhZGRyZXNzIDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGxpbmsgaHJlZj0iaHR0cHM6Ly93d3cucmVkZmxhZ2RlYWxzLmNvbS91c2VyL3NpZ251cC8iIHJlbD0iY2Fub25pY2FsIj48aDE-Q29uZmlybWF0aW9uIEVycm9yPC9oMT4
Request Chain 72
  • https://sb.scorecardresearch.com/c2/6036030/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 85
  • https://he.lijit.com/merge?pid=8105&event_type=email&lc_md5=962956c4f43812cc52605ceaf923b2cb&lc_sha1=&lc_sha256=&duid=064c8d92ab53--01hmy4vsbp3h8nvz5776e9r38v&cd=.redflagdeals.com&version=v2.11.7&s=&euns=0 HTTP 302
  • https://he.lijit.com/merge?dnr=1&pid=8105&lc_md5=962956c4f43812cc52605ceaf923b2cb&uc_md5=&lc_sha1=&uc_sha1=&lc_sha256=&uc_sha256=&lc_domain_sha1= HTTP 302
  • https://p.alcmpn.com/em/173/110/2360.gif?gid=962956c4f43812cc52605ceaf923b2cb HTTP 302
  • https://e.dlx.addthis.com/e/a-1564/s-5719?ret=img&na_em=962956c4f43812cc52605ceaf923b2cb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm&google_hm=MjAyNDAxMjQxNjI5MjAwMDAxMDA2OTAyNjkwNA%3D%3D
Request Chain 86
  • https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=962956c4f43812cc52605ceaf923b2cb HTTP 302
  • https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=962956c4f43812cc52605ceaf923b2cb&rd=Y HTTP 302
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2024012416292000010069026904&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID HTTP 302
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=$_BK_UUID
Request Chain 87
  • https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=680a19afd608b4a9f3b0889f89881e67 HTTP 302
  • https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=680a19afd608b4a9f3b0889f89881e67&rd=Y HTTP 302
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2024012416292000017880163266&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID HTTP 302
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=$_BK_UUID
Request Chain 88
  • https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=c371f3a46a0cf80ccb6bb53ce85259a1 HTTP 302
  • https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=c371f3a46a0cf80ccb6bb53ce85259a1&rd=Y HTTP 302
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2024012416292000037713776015&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID HTTP 302
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=$_BK_UUID

96 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request f361dfbd69246f23e98bc8e421de12340a8b
www.redflagdeals.com/user/confirm-email/
Redirect Chain
  • http://url3161.redflagdeals.com/ls/click?upn=2b7bAo8ketkdSIJ6vuigZDcfWLqx2mLPMaySv2S1ECILHOo7XdzJrIUlhRjFuzpKj-2B3oIzuJOaSY3Ah-2B8meyFQHFWw8izZbhoaWQerbHrQf0U9EBo5hVFPIVGMjG8Jo8hrEo_lMbV-2FZLY5fH0-...
  • https://url3161.redflagdeals.com/ls/click?upn=2b7bAo8ketkdSIJ6vuigZDcfWLqx2mLPMaySv2S1ECILHOo7XdzJrIUlhRjFuzpKj-2B3oIzuJOaSY3Ah-2B8meyFQHFWw8izZbhoaWQerbHrQf0U9EBo5hVFPIVGMjG8Jo8hrEo_lMbV-2FZLY5fH0...
  • https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
40 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
25e55a46432e4d4e85eceaaab88c192840dccf8efd395db110f0a3c422472773
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
no-cache, private
content-encoding
gzip
content-length
10345
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 24 Jan 2024 16:29:10 GMT
expires
Wed, 24 Jan 2024 16:29:10 GMT
referrer-policy
no-referrer-when-downgrade
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-frame-options
SAMEORIGIN
x-mod-pagespeed
1.13.35.2-0
x-served-by
cache-chi-kigq8000046-CHI, cache-chi-kigq8000046-CHI, cache-yyz4534-YYZ
x-timer
S1706113750.456625,VS0,VE138
x-xss-protection
1; mode=block

Redirect headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
107
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 16:29:08 GMT
location
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-robots-tag
noindex, nofollow
x-served-by
cache-yyz4538-YYZ
account_management.css
assets.rfdcontent.com/css/rfd/v33.36.152/layout.css,pages/user/ 		68 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.rfdcontent.com/css/rfd/v33.36.152/layout.css,pages/user/account_management.css
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f7740a3e3f51d036423b97ad9b316564788bf391025f96d2c5cdbfbbc67dfb6b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0, 2, 1
date
Wed, 24 Jan 2024 16:29:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
177899
x-cache
MISS, HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
11612
x-xss-protection
1; mode=block
x-served-by
cache-chi-klot8100141-CHI, cache-chi-klot8100134-CHI, cache-yyz4541-YYZ
x-timer
S1705935852.746756,VS0,VE32
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31556926
accept-ranges
bytes
expires
Tue, 21 Jan 2025 20:52:57
jquery.smartbanner.css
assets.rfdcontent.com/css/rfd/v33.36.152/external/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.rfdcontent.com/css/rfd/v33.36.152/external/jquery.smartbanner.css
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dc1d9ed3d8e4a2f9fd78aaec78f406b1dbd5782f534bd6fe77e709f8e5b6c32e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0, 0, 2654
date
Wed, 24 Jan 2024 16:29:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
178038
x-cache
MISS, MISS, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1034
x-xss-protection
1; mode=block
x-served-by
cache-chi-klot8100043-CHI, cache-chi-kigq8000125-CHI, cache-yyz4541-YYZ
x-timer
S1705935713.738200,VS0,VE42
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31556926
accept-ranges
bytes
expires
Tue, 21 Jan 2025 20:50:38
font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.6.0/css/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a87d4a4d40583c35087e6af0246f7e54156def5837f14ef2551d89fb9c1330fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:29:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
863
age
4858431
cdn-cachedat
11/18/2022 06:30:22
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"963f38577cc1586d78e83a4acdf39723"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
cd050cf4621eea3ed4906e91e421f0c7
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
84a9a76068f754b5-YYZ
cdn-requestpullsuccess
True
lux.js
cdn.speedcurve.com/js/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=4292841494
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
9694d8d27d49caa0293c36e65ec4c704941ab1654d7e7950de7d796923ba49bc

Request headers

Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Origin
https://www.redflagdeals.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 31 Jan 2024 15:51:31 GMT
date
Wed, 24 Jan 2024 16:29:11 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
2260
x-cache
HIT
content-length
8052
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706111491&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=Yg9BMzMPp%2B12kxZlCzFV4sPFCLz%2FmmQkeqAwOt7U8%2Fc%3D
x-served-by
cache-yyz4526-YYZ
last-modified
Wed, 24 Jan 2024 15:51:31 GMT
server
Apache
x-timer
S1706113752.919562,VS0,VE0
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706111491&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=Yg9BMzMPp%2B12kxZlCzFV4sPFCLz%2FmmQkeqAwOt7U8%2Fc%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
43
intentiq.js
storage.googleapis.com/vs-scripts/intentiq/ 		54 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/vs-scripts/intentiq/intentiq.js
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.207 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f207.1e100.net
Software
UploadServer /
Resource Hash
af1fb7d3711bb1df62e5e7378a6900ad98e4d5a29ebe9591bfc0c0935d60998d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 15:38:01 GMT
age
3071
x-guploader-uploadid
ABPtcPoy4RRZf09zLObkc3K5IshZKvgSkktUgtggW1v3qtqEGOcCDtl-UxfwwtwsqWr4i28ZP7qZhg9lPA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55354
last-modified
Wed, 16 Aug 2023 19:31:08 GMT
server
UploadServer
etag
"49067e828120d89e7bb49442f3dca189"
x-goog-generation
1692214268295487
x-goog-hash
crc32c=cqCkLQ==, md5=SQZ+goEg2J57tJRC89yhiQ==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
55354
accept-ranges
bytes
expires
Wed, 24 Jan 2024 16:38:01 GMT
load-vs-cmp.js
config.htplayground.com/ 		26 B
185 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.htplayground.com/load-vs-cmp.js
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
b4f0f8912bf6596e863269b96ecb655eecf3f8009a64a9232645f019040d39a4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:29:12 GMT
content-encoding
br
via
1.1 varnish
x-cache
HIT
content-length
31
x-served-by
cache-yyz4534-YYZ
last-modified
Thu, 19 Jan 2023 14:02:42 GMT
server
nginx/1.24.0
x-timer
S1706113752.148189,VS0,VE0
etag
"63c94d82-1a"
access-control-max-age
86400
vary
Accept-Encoding, X-ht-source
content-type
application/javascript
access-control-allow-origin
*, *
cache-control
public, max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
1051
redflagdeals.com
config.htplayground.com/config/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://config.htplayground.com/config/redflagdeals.com
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e167bf9f353483ab387fce229c4648982e6bbbd89e447350ce51f6860440c6da

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:29:12 GMT
content-encoding
br
via
1.1 varnish
x-cache
HIT
x-forwarded-proto
: https
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
8589
x-ht-request-cache
HIT
x-served-by
cache-yyz4534-YYZ
webserver
file6
server
nginx/1.24.0
x-timer
S1706113752.148167,VS0,VE0
etag
v2313493b83108e0782fbfc90e4bddc87b
vary
Accept-Encoding, X-ht-source
content-type
application/javascript
cache-control
public, max-age=1800
x-ht-expires
Wed, 24 Jan 2024 17:45:29 GMT
x-ht-surrogate-key
htplayground/api/ads/config htplayground/api/ads htplayground rvguide/api api rvguide
accept-ranges
bytes
x-cache-hits
93
libs
config.htplayground.com/ 		709 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://config.htplayground.com/libs
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.10.3 / PHP/7.2.30
Resource Hash
6330b390342c4b8e474101dec772e13ce56009caa7c3cffefff44d6fe09844dc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:29:12 GMT
content-encoding
br
via
1.1 varnish
x-powered-by
PHP/7.2.30
x-cache
HIT
x-forwarded-proto
: https
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
216737
x-ht-request-cache
HIT
x-served-by
cache-yyz4534-YYZ
webserver
file1
server
nginx/1.10.3
x-timer
S1706113752.148172,VS0,VE0
etag
265
vary
Accept-Encoding, X-ht-source
content-type
application/javascript
cache-control
public, max-age=1800
x-ht-expires
Wed, 24 Jan 2024 17:44:52 GMT
x-ht-surrogate-key
htplayground/api/ads/libs htplayground/api/ads htplayground rvguide/api api rvguide
accept-ranges
bytes
x-cache-hits
179
apstag.js
c.amazon-adsystem.com/aax2/ 		283 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.49.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-49-33.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f7735fce76148ac8c6e0b5e52174312873694d58501188d7c517689343d8775

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 15:30:01 GMT
content-encoding
gzip
via
1.1 c889e9448c63bb4bf9dd41fcb2250e08.cloudfront.net (CloudFront), 1.1 0fb05a472bd2fcfe266ed8a7a987ab1e.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 20:58:08 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, YUL62-C2
age
3552
x-amz-server-side-encryption
AES256
etag
W/"40d0d68b26a97aab8ab324d2c4d4ad42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
giYZrILt2mwPJdytMILxpl2FVl1QeCeQ_7K_oviw_xAdiM_0aYfOJA==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:17:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133886
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 03:17:45 GMT
client
accounts.google.com/gsi/ 		207 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::54 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae425bb9fff120229fc66feeaee0d88d697f13d2b29bf148f539861917d4ff6f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wVLKdlWJKD_zUnxVUPQsRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:29:12 GMT
content-security-policy
script-src 'report-sample' 'nonce-wVLKdlWJKD_zUnxVUPQsRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 24 Jan 2024 16:29:12 GMT
responsive_base.png
assets.rfdcontent.com/graphics/rfd/v33.36.152/sprites/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.rfdcontent.com/graphics/rfd/v33.36.152/sprites/responsive_base.png
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
411382b67ed284126245a6cad60e2cd9d7e27ab5c7e8ed720e732ca63a19058c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 21 Jan 2025 20:50:38
date
Wed, 24 Jan 2024 16:29:11 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
fastly-io-served-by
vpop-kiad7010211
age
178038
x-cache
MISS, MISS, HIT
fastly-io-info
ifsz=15434 idim=359x202 ifmt=png ofsz=10942 odim=359x202 ofmt=webp
fastly-stats
io=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10942
x-xss-protection
1; mode=block
x-served-by
cache-chi-klot8100091-CHI, cache-chi-kigq8000024-CHI, cache-yyz4541-YYZ
x-timer
S1705935713.764875,VS0,VE131
etag
"oVkB2NMdgOUS9y55jNkspkl4deiCYZaUQasUp/a3ESA"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 0, 2741
print.css
assets.rfdcontent.com/css/rfd/v33.36.152/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.rfdcontent.com/css/rfd/v33.36.152/print.css
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
261b08e0d6e59dee354c813dc76787a6e82076ab87b850a7eaa6f647f29ade32
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0, 0, 1259
date
Wed, 24 Jan 2024 16:29:12 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
178039
x-cache
MISS, MISS, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1164
x-xss-protection
1; mode=block
x-served-by
cache-chi-kigq8000164-CHI, cache-chi-klot8100035-CHI, cache-yyz4528-YYZ
x-timer
S1705935713.907198,VS0,VE32
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31556926
accept-ranges
bytes
expires
Tue, 21 Jan 2025 20:50:38
cookiemanager.js
assets.rfdcontent.com/js/rfd/v33.36.152/libraries/comments/rfd.responsive.commentcounts.js,libraries/cookies/ 		2 KB
955 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.rfdcontent.com/js/rfd/v33.36.152/libraries/comments/rfd.responsive.commentcounts.js,libraries/cookies/cookiemanager.js
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bd53c97b2705f762f6d91ba5014da85be283318275af6ddab8201475da4e9df8
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0, 1, 788
date
Wed, 24 Jan 2024 16:29:11 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
age
177974
x-cache
MISS, HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
732
x-xss-protection
1; mode=block
x-served-by
cache-chi-kigq8000154-CHI, cache-chi-kigq8000107-CHI, cache-yyz4541-YYZ
last-modified
Tue, 16 Jan 2024 16:27:15 GMT
x-timer
S1705935776.451785,VS0,VE20
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31556926
accept-ranges
bytes
expires
Tue, 21 Jan 2025 20:51:42
enquire.min.js
assets.rfdcontent.com/js/rfd/v33.36.152/external/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.rfdcontent.com/js/rfd/v33.36.152/external/enquire.min.js
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f8cd294dd0e2de4a282a17e781b1c6c8b59f286a2724507952c2864f43901fe1
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0, 0, 2565
date
Wed, 24 Jan 2024 16:29:11 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
age
178038
x-cache
MISS, MISS, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
961
x-xss-protection
1; mode=block
x-served-by
cache-chi-kigq8000148-CHI, cache-chi-klot8100031-CHI, cache-yyz4541-YYZ
last-modified
Tue, 16 Jan 2024 16:27:15 GMT
x-timer
S1705935713.903932,VS0,VE21
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31556926
accept-ranges
bytes
expires
Tue, 21 Jan 2025 20:50:38
intersection-observer.js
assets.rfdcontent.com/js/rfd/v33.36.152//external/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.rfdcontent.com/js/rfd/v33.36.152//external/intersection-observer.js
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6df8eba2a196c26631b9470b066b994cba82042a635bae1f881f466b4befcb97
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0, 1, 757
date
Wed, 24 Jan 2024 16:29:11 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
age
177974
x-cache
MISS, HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3135
x-xss-protection
1; mode=block
x-served-by
cache-chi-klot8100134-CHI, cache-chi-kigq8000065-CHI, cache-yyz4541-YYZ
last-modified
Tue, 16 Jan 2024 16:27:15 GMT
x-timer
S1705935776.485268,VS0,VE19
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31556926
accept-ranges
bytes
expires
Tue, 21 Jan 2025 20:51:42
rfd.lazyload.js,rfd.responsive.base.js
assets.rfdcontent.com/js/rfd/v33.36.152/external/jquery.menu-aim.js,external/jquery.hoverIntent.min.js,external/jquery.smartbanner.js,libraries/images/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.rfdcontent.com/js/rfd/v33.36.152/external/jquery.menu-aim.js,external/jquery.hoverIntent.min.js,external/jquery.smartbanner.js,libraries/images/rfd.lazyload.js,rfd.responsive.base.js
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cb98aaf8d7a5420159aa7f769b939ea14869af0ce512fe1f905679595592a53b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0, 1, 756
date
Wed, 24 Jan 2024 16:29:11 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
age
177974
x-cache
MISS, HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
9660
x-xss-protection
1; mode=block
x-served-by
cache-chi-klot8100168-CHI, cache-chi-kigq8000177-CHI, cache-yyz4541-YYZ
last-modified
Tue, 16 Jan 2024 16:27:15 GMT
x-timer
S1705935777.564791,VS0,VE20
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31556926
accept-ranges
bytes
expires
Tue, 21 Jan 2025 20:51:42
rfd.scrapers.js
assets.rfdcontent.com/js/rfd/v33.36.152/libraries/coin/ 		141 B
508 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.rfdcontent.com/js/rfd/v33.36.152/libraries/coin/rfd.scrapers.js
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2c81dbc88c8c4d01ed5fb63ba91812047d1e1059bd607444e4df26f677df374f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0, 1, 427
date
Wed, 24 Jan 2024 16:29:12 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
age
177975
x-cache
MISS, HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
133
x-xss-protection
1; mode=block
x-served-by
cache-chi-kigq8000072-CHI, cache-chi-klot8100175-CHI, cache-yyz4528-YYZ
last-modified
Tue, 16 Jan 2024 16:27:15 GMT
x-timer
S1705935777.697785,VS0,VE17
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31556926
accept-ranges
bytes
expires
Tue, 21 Jan 2025 20:51:42
jquery.validate.min.js
ajax.aspnetcdn.com/ajax/jquery.validate/1.13.0/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jquery.validate/1.13.0/jquery.validate.min.js
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.33 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (cha/8178) /
Resource Hash
5fe55811cab9115f1733276abdc3e822047bd84f6ab9611fe64fcca43261e49f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:29:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20498197
x-cache
HIT
content-length
6755
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:42:29 GMT
server
ECAcc (cha/8178)
etag
"8020c71d033d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
rfd.lib.validators.js
assets.rfdcontent.com/js/rfd/v33.36.152/libraries/forms/rfd.validation.js,libraries/forms/ 		2 KB
1005 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.rfdcontent.com/js/rfd/v33.36.152/libraries/forms/rfd.validation.js,libraries/forms/rfd.lib.validators.js
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0648f735b64350bc19e52a60baa91a7a49a069185790273ee28b561f4f60f8cd
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0, 2, 3
date
Wed, 24 Jan 2024 16:29:11 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
age
177899
x-cache
MISS, HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
632
x-xss-protection
1; mode=block
x-served-by
cache-chi-klot8100113-CHI, cache-chi-klot8100070-CHI, cache-yyz4528-YYZ
last-modified
Tue, 16 Jan 2024 16:27:15 GMT
x-timer
S1705935852.750308,VS0,VE19
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31556926
accept-ranges
bytes
expires
Tue, 21 Jan 2025 20:52:57
rfd.events.sitewide.js
assets.rfdcontent.com/js/rfd/v33.36.152/libraries/analytics/rfd.trackers.js,libraries/analytics/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.rfdcontent.com/js/rfd/v33.36.152/libraries/analytics/rfd.trackers.js,libraries/analytics/rfd.events.sitewide.js
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e038e5959f49b865e58fc9c528bc0d56f374cbe356e3f0fb941aa7332c18e946
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0, 1, 422
date
Wed, 24 Jan 2024 16:29:11 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
age
177974
x-cache
MISS, HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2605
x-xss-protection
1; mode=block
x-served-by
cache-chi-klot8100075-CHI, cache-chi-kigq8000105-CHI, cache-yyz4528-YYZ
last-modified
Tue, 16 Jan 2024 16:27:15 GMT
x-timer
S1705935777.576115,VS0,VE18
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31556926
accept-ranges
bytes
expires
Tue, 21 Jan 2025 20:51:42
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Lce_ewZAAAAAFRAZIZhl0_TjRPLoERRlMkacQJJ
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
26700182a1bc4bd0ebd4ce5bd66327330a47e7ab2fdebecc5be3afabbea29a62
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:29:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 24 Jan 2024 16:29:11 GMT
rfd.lib.placements.js
assets.rfdcontent.com/js/rfd/v33.36.152/libraries/placements/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.rfdcontent.com/js/rfd/v33.36.152/libraries/placements/rfd.lib.placements.js
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b5780df1c5242c493a84897545d5759546b3b56d884f17624043531ace4d5682
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0, 0, 1290
date
Wed, 24 Jan 2024 16:29:11 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
age
178038
x-cache
MISS, MISS, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1659
x-xss-protection
1; mode=block
x-served-by
cache-chi-klot8100178-CHI, cache-chi-klot8100124-CHI, cache-yyz4528-YYZ
last-modified
Tue, 16 Jan 2024 16:27:15 GMT
x-timer
S1705935713.903083,VS0,VE27
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31556926
accept-ranges
bytes
expires
Tue, 21 Jan 2025 20:50:38
rfd.compat.muniversal.js
assets.rfdcontent.com/js/rfd/v33.36.152/libraries/placements/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.rfdcontent.com/js/rfd/v33.36.152/libraries/placements/rfd.compat.muniversal.js
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
071ce441ef06d2667f2e9c9248d0f3ac935d6733162e35bc66804efe3de62e80
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0, 0, 1281
date
Wed, 24 Jan 2024 16:29:11 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
age
178038
x-cache
MISS, MISS, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1629
x-xss-protection
1; mode=block
x-served-by
cache-chi-kigq8000071-CHI, cache-chi-kigq8000092-CHI, cache-yyz4528-YYZ
last-modified
Tue, 16 Jan 2024 16:27:15 GMT
x-timer
S1705935713.904935,VS0,VE168
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31556926
accept-ranges
bytes
expires
Tue, 21 Jan 2025 20:50:39
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.16/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 17:27:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
428529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5480
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 17:27:03 GMT
gtm.js
www.googletagmanager.com/ 		370 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NDZPGKH
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
434671cf1d508a2fb3388b5ef2b4cd37192fde6a53b7955ad9ba0ac5a433147e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:29:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108861
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 24 Jan 2024 16:29:12 GMT
fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.6.0/fonts/ 		69 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.6.0/fonts/fontawesome-webfont.woff2?v=4.6.0
Requested by
Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1732796c9dfafddff16db9660e67a879d723f376b0160cccad730c6c414eed3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://netdna.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css
Origin
https://www.redflagdeals.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:29:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
940
age
4949558
cdn-cachedat
11/29/2022 01:43:54
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
70700
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
"7b4635e4bc709f12d7ac73f4d8c5261e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
d5105ef3c31bdbf0379c26444e4542fc
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
84a9a764984f39c5-YYZ
cdn-requestpullsuccess
True
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ 		503 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lce_ewZAAAAAFRAZIZhl0_TjRPLoERRlMkacQJJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Origin
https://www.redflagdeals.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 15:16:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206076
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Jan 2025 15:16:04 GMT
gpt.js
www.googletagservices.com/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: assets.rfdcontent.com
URL: https://assets.rfdcontent.com/js/rfd/v33.36.152/libraries/placements/rfd.lib.placements.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
848c108e1eefe054208ba591dfceff40c30f5bee990eda5bf68bbf13d5eb087b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:29:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29497
x-xss-protection
0
server
cafe
etag
519 / 19746 / 31080679 / config-hash: 4512623167969600628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 16:29:12 GMT
css
fonts.googleapis.com/ 		49 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=DM+Sans:500%7COpen+Sans:300,300i,400,400i,600,600i,700%7CRoboto:300,400,400i,500,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5d15d0028431f52bc20c2bc94db7a81faa3232e53ed7c81fa62c8ae3963192f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Jan 2024 16:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 16:29:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jan 2024 16:29:12 GMT
data
config.htplayground.com/ 		106 B
192 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.htplayground.com/data
Requested by
Host: config.htplayground.com
URL: https://config.htplayground.com/libs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ebec6ebcfcb19b1f0889d5a4cbd9ceec998e2659df8f76b9b9232f823498d2f4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-yyz4534-YYZ
date
Wed, 24 Jan 2024 16:29:12 GMT
via
1.1 varnish
server
Varnish
x-timer
S1706113753.503566,VS0,VE0
x-cache
HIT
content-type
application/javascript
cache-control
public, max-age=1800
accept-ranges
bytes
content-length
106
retry-after
0
x-cache-hits
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.49.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-49-33.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 09:38:55 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 0588a12f9163167120c7c5e825e9110a.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
24618
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
O9Ot45eS3h35nUKPuPoOpoo96IzVI7H7Ubc6rkMYFSZrdiOwp_n1FQ==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401240101/ 		429 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401240101/pubads_impl.js?cb=31080679
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4de3f2c85751bffda4d0fe23ab5e6f37ad4560503bb44b8ef122fe5112584994
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 11:42:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
17227
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137734
x-xss-protection
0
server
cafe
etag
16079809720530243235
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 23 Jan 2025 11:42:06 GMT
fbevents.js
connect.facebook.net/en_US/ 		213 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
74f6b2b975944800f1566e81aaed5cc5dcb7a7170eafd4cdd3e205f88f8e1f5f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 24 Jan 2024 16:29:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57021
x-xss-protection
0
pragma
public
x-fb-debug
4gGiCIT3I9NOo7J2Hp4g6GCFeQCbFkmFPAKNrPo0RCIFY/RV3D7MqiO07JTywotXSV/XgtTYZihY4hP0eiK33Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
z4qnen94.js
l.getsitecontrol.com/ 		433 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.getsitecontrol.com/z4qnen94.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDZPGKH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
8b3d4fb78691596ee888930eaf65a8debcc669e200e39b07c243eca95ca42337

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:29:13 GMT
content-encoding
br
cdn-edgestorageid
925
x-amz-request-id
RESFSD73PK24KAMQ
cdn-cachedat
10/30/2023 02:05:33
cdn-pullzone
89704
cross-origin-resource-policy
cross-origin
x-amz-id-2
H7CgGil2T81eUsMC6d187iO73PN+UewBz1lkU/wtYibpIDytnFJ8nBU8U/DZJz1AKIg9bivHj9Mx4iNPXTqHmQ==
last-modified
Thu, 24 Nov 2022 16:11:00 GMT
server
BunnyCDN-ASB1-925
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"f7053edb49a73206bea43312dc15c0a2"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=0
cdn-requestid
b749ec495933e831dfe6cfda207d40cf
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036030&ns__t=1706113752965&ns_c=UTF-8&c8=Confirm%20your%20email%20address&c7=https%3A%2F%2Fwww.redflagdeals.com%2Fuser%2Fconfirm-email%2Ff361dfbd69246f23...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036030&ns__t=1706113752965&ns_c=UTF-8&c8=Confirm%20your%20email%20address&c7=https%3A%2F%2Fwww.redflagdeals.com%2Fuser%2Fconfirm-email%2Ff361dfbd69246f2...
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6036030&ns__t=1706113752965&ns_c=UTF-8&c8=Confirm%20your%20email%20address&c7=https%3A%2F%2Fwww.redflagdeals.com%2Fuser%2Fconfirm-email%2Ff361dfbd69246f23e98bc8e421de12340a8b&c9=
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Server
3.161.213.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-3.yul62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:29:13 GMT
via
1.1 83a743ed393a5cd20768ea48e9372bca.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
YUL62-P1
x-amz-cf-id
UOTwn5BIwZqMDEql1V5i6Hq-3KZIm-5YQ1eUJOX4MsXK0rPazeGQvQ==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 24 Jan 2024 16:29:13 GMT
via
1.1 83a743ed393a5cd20768ea48e9372bca.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
YUL62-P1
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=6036030&ns__t=1706113752965&ns_c=UTF-8&c8=Confirm%20your%20email%20address&c7=https%3A%2F%2Fwww.redflagdeals.com%2Fuser%2Fconfirm-email%2Ff361dfbd69246f23e98bc8e421de12340a8b&c9=
content-length
0
x-amz-cf-id
pO2PjDy3JR50CcrBCpBQoDLx9FVAiFISwqRuQrz5DzhEgTS2pFeAPg==
a-0918.min.js
b-code.liadm.com/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-0918.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDZPGKH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215f:6600:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9096fee1917ed3608ff1695dd94cd9b4c817718df2319546a6c556a9014dd2df

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 19:13:34 GMT
content-encoding
gzip
via
1.1 5457c222c2d16dbac9187bfa0ba2f8f2.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
76540
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
"public, max-age=86400"
x-amz-cf-id
mGidTeq16oGMmMF1A8t_-NNitNXDTLDK1_yfePEbZtIfvkKgg7OTcQ==
style
accounts.google.com/gsi/ 		533 B
608 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::54 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-bylwu3KNgs6AN6qhbLTDHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:29:13 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-bylwu3KNgs6AN6qhbLTDHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 24 Jan 2024 16:29:13 GMT
button
accounts.google.com/gsi/ Frame 1085 		115 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/button?type=standard&size=large&theme=filled_blue&text=continue_with&shape=rectangular&logo_alignment=left&width=200&client_id=469392466123-871u59f1qlnstlqhd7jer4fqbfd586st.apps.googleusercontent.com&iframe_id=gsi_753010_887740&as=3KnIwap%2FFRi49vheoZkq6g
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::54 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7a2a2de240988b267ace552bff3a6f2c03af314465c92c9b3834bd1caba2d4e3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Bqnjx2UuQ0puBxW918k4Fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Bqnjx2UuQ0puBxW918k4Fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy
same-site
date
Wed, 24 Jan 2024 16:29:13 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAkJxRSW32.woff2
fonts.gstatic.com/s/dmsans/v14/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAkJxRSW32.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:500%7COpen+Sans:300,300i,400,400i,600,600i,700%7CRoboto:300,400,400i,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
768363372883bb5406490e620d629f98a429f189a7cf48bf74b8a638091abbc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.redflagdeals.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:27:23 GMT
x-content-type-options
nosniff
age
504110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14276
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 22:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:27:23 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:500%7COpen+Sans:300,300i,400,400i,600,600i,700%7CRoboto:300,400,400i,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.redflagdeals.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:23:53 GMT
x-content-type-options
nosniff
age
504320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:23:53 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:500%7COpen+Sans:300,300i,400,400i,600,600i,700%7CRoboto:300,400,400i,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.redflagdeals.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:23:54 GMT
x-content-type-options
nosniff
age
504319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50296
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:10:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:23:54 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:500%7COpen+Sans:300,300i,400,400i,600,600i,700%7CRoboto:300,400,400i,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.redflagdeals.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:29:02 GMT
x-content-type-options
nosniff
age
504011
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:29:02 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:500%7COpen+Sans:300,300i,400,400i,600,600i,700%7CRoboto:300,400,400i,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.redflagdeals.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:16:29 GMT
x-content-type-options
nosniff
age
504764
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:16:29 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:500%7COpen+Sans:300,300i,400,400i,600,600i,700%7CRoboto:300,400,400i,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.redflagdeals.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 10:08:12 GMT
x-content-type-options
nosniff
age
109261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17368
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 10:08:12 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:500%7COpen+Sans:300,300i,400,400i,600,600i,700%7CRoboto:300,400,400i,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.redflagdeals.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:11:23 GMT
x-content-type-options
nosniff
age
505070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:11:23 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:500%7COpen+Sans:300,300i,400,400i,600,600i,700%7CRoboto:300,400,400i,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.redflagdeals.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:23:54 GMT
x-content-type-options
nosniff
age
504319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:23:54 GMT
anchor
www.google.com/recaptcha/api2/ Frame 3FCE 		44 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lce_ewZAAAAAFRAZIZhl0_TjRPLoERRlMkacQJJ&co=aHR0cHM6Ly93d3cucmVkZmxhZ2RlYWxzLmNvbTo0NDM.&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=1mm9hnzba04v
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fac2b9c51fb7e30910a6c1e7ec70ad447fcf38a6d4ef13608ad564b10a1df65f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-slkr2w1hddYmB3nRBZsOrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-slkr2w1hddYmB3nRBZsOrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jan 2024 16:29:13 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame 1085 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::8d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers
styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 3FCE 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lce_ewZAAAAAFRAZIZhl0_TjRPLoERRlMkacQJJ&co=aHR0cHM6Ly93d3cucmVkZmxhZ2RlYWxzLmNvbTo0NDM.&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=1mm9hnzba04v
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 15:16:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Jan 2025 15:16:05 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 3FCE 		503 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lce_ewZAAAAAFRAZIZhl0_TjRPLoERRlMkacQJJ&co=aHR0cHM6Ly93d3cucmVkZmxhZ2RlYWxzLmNvbTo0NDM.&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=1mm9hnzba04v
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 15:16:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4389
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206076
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Jan 2025 15:16:04 GMT
z4qnen94.json
l.getsitecontrol.com/ 		26 B
963 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.getsitecontrol.com/z4qnen94.json
Requested by
Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/z4qnen94.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
2388df780f154980d5f334830101f63540ae55f3601ed8a2d3eb4053a6a9f4e3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:29:14 GMT
content-encoding
br
cdn-edgestorageid
925
x-amz-request-id
C0CC4F8BD5M9R49D
x-amz-server-side-encryption
AES256
cdn-cachedat
11/26/2023 04:27:54
cdn-pullzone
89704
cross-origin-resource-policy
cross-origin
x-amz-id-2
i+6gqwNl7YdLRxvS0O161+pEfa7SgNxOIWWkk11N41hUu+oUDhTsbtRDYdVoth8mbjZfykpWcf88mQ0XdQsqfQ==
last-modified
Fri, 03 Nov 2023 19:15:08 GMT
server
BunnyCDN-ASB1-925
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"50d8d592da6202f5125398648b0e29c4"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cdn-cache
REVALIDATED
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=0
access-control-max-age
3000
cdn-requestid
59ff6aa42be982c3fda7473176b690e2
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
527508991626148
connect.facebook.net/signals/config/ 		51 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/527508991626148?v=2.9.142&r=stable&domain=www.redflagdeals.com&hme=e82209ddce2f5ef9f00773b102465283e977acad712d554991b839c35823b905&ex_m=62%2C103%2C91%2C95%2C53%2C3%2C87%2C61%2C14%2C85%2C78%2C44%2C46%2C145%2C148%2C159%2C155%2C156%2C158%2C25%2C88%2C45%2C68%2C157%2C140%2C143%2C152%2C153%2C160%2C112%2C13%2C43%2C164%2C163%2C114%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C82%2C15%2C12%2C84%2C81%2C80%2C92%2C94%2C31%2C93%2C26%2C22%2C141%2C144%2C121%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C89%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C79%2C72%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C83%2C75%2C2%2C30%2C55%2C34%2C90%2C38%2C70%2C60%2C40%2C39%2C96%2C52%2C51%2C27%2C86%2C50%2C47%2C42%2C69%2C64%2C97
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e6f13c08e189bed1fd0154cd408896bcd851f8d3e472adf22afbd6ab31f7d8a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 24 Jan 2024 16:29:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10805
x-xss-protection
0
pragma
public
x-fb-debug
hfFj2cqUeo7Dl6Uz9uquVtVIjOXM3Gmc3Hqg07HQ91oIxZktmj1n51KeSNTR+NvyWi4QfVz17qnsigjLs2x7Rg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
sc
www.redflagdeals.com/p/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.redflagdeals.com/p/sc
Requested by
Host: config.htplayground.com
URL: https://config.htplayground.com/libs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-cache-hits
0
date
Wed, 24 Jan 2024 16:29:13 GMT
via
1.1 varnish
x-cache
MISS
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
0
x-served-by
cache-yyz4534-YYZ, cache-yyz4534-YYZ
5129
config.aps.amazon-adsystem.com/configs/ 		532 B
798 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/5129
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-26.yul62.r.cloudfront.net
Software
CloudFront /
Resource Hash
8292cea51efa06df0e77b5b9289b375f03f6262afab44b69437aad3556b191b8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 15:53:59 GMT
via
1.1 0df778cadb5eaa000de4f1d7838b16e0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
age
2115
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
rX72m710h1BfNDDYV4Ej8SrsNaxbA6vELaDRs7bA9G1ilRSLyt3Ngw==
config
c.amazon-adsystem.com/cdn/prod/ 		482 B
837 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5129&u=https%3A%2F%2Fwww.redflagdeals.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.49.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-49-33.yul62.r.cloudfront.net
Software
Server /
Resource Hash
d4fb97ca219cfd55fb9fbb040a763ab4c542700339ba61332449b1228c9aa242

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:29:13 GMT
via
1.1 0fb05a472bd2fcfe266ed8a7a987ab1e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.redflagdeals.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
482
x-amz-cf-id
wA5ZvccV785cOzFLhEC_LecXDFsvVE0WRC4yiV8lxIXsw5O3JGKQ-w==
op.js
tagan.adlightning.com/verticalscope-test-d/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/verticalscope-test-d/op.js
Requested by
Host: config.htplayground.com
URL: https://config.htplayground.com/libs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-4.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9d812e993827acd651d4c414696f99ec11b321ea7facd64952cef4cdfe050d8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
atk6RsddH2WGwyr.Q4wEBVCjy9fEEx44
content-encoding
gzip
via
1.1 5f3758e5ae00fa64427cf258109c7a90.cloudfront.net (CloudFront)
date
Wed, 24 Jan 2024 16:01:33 GMT
x-amz-cf-pop
YUL62-P1
age
1662
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
7970
x-amz-meta-git_commit
2805e46
last-modified
Tue, 23 Jan 2024 14:51:14 GMT
server
AmazonS3
etag
"e313e9a7081379e2d8dda53b17900fb1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
accept-ranges
bytes
x-amz-cf-id
TZyOc-2usFAxZs4QB1maXuVAMzXgtC0mYEkAM0Spl0vAkqdwFtocjA==
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=527508991626148&ev=PageView&dl=https%3A%2F%2Fwww.redflagdeals.com%2Fuser%2Fconfirm-email%2Ff361dfbd69246f23e98bc8e421de12340a8b&rl=&if=false&ts=1706113753969&sw=1600&sh=1200&v=2.9.142&r=stable&ec=0&o=4126&fbp=fb.1.1706113753968.33054375&ler=empty&it=1706113753691&coo=false&exp=d3&rqm=GET
Requested by
Host: www.redflagdeals.com
URL: https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 24 Jan 2024 16:29:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
zftWH1OehvU7cp4CwShG1rGJcDUeSLUwVTlpfhapoYQ.js
www.google.com/js/bg/ Frame 3FCE 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/zftWH1OehvU7cp4CwShG1rGJcDUeSLUwVTlpfhapoYQ.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdfb561f539e86f53b729e02c12846d6b18970351e48b5305539697e16a9a184
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lce_ewZAAAAAFRAZIZhl0_TjRPLoERRlMkacQJJ&co=aHR0cHM6Ly93d3cucmVkZmxhZ2RlYWxzLmNvbTo0NDM.&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=1mm9hnzba04v
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 15:16:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
4388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6922
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Jan 2025 15:16:06 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3FCE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 16:02:10 GMT
x-content-type-options
nosniff
age
433624
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 26 Jan 2024 16:02:10 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3FCE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lce_ewZAAAAAFRAZIZhl0_TjRPLoERRlMkacQJJ&co=aHR0cHM6Ly93d3cucmVkZmxhZ2RlYWxzLmNvbTo0NDM.&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=1mm9hnzba04v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:16:29 GMT
x-content-type-options
nosniff
age
504765
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:16:29 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3FCE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lce_ewZAAAAAFRAZIZhl0_TjRPLoERRlMkacQJJ&co=aHR0cHM6Ly93d3cucmVkZmxhZ2RlYWxzLmNvbTo0NDM.&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=1mm9hnzba04v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:21:21 GMT
x-content-type-options
nosniff
age
504473
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 20:21:21 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 3FCE 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lce_ewZAAAAAFRAZIZhl0_TjRPLoERRlMkacQJJ&co=aHR0cHM6Ly93d3cucmVkZmxhZ2RlYWxzLmNvbTo0NDM.&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=1mm9hnzba04v
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
28bd191bba13945f81b09f2df5f54b9208309f4da0e7bb202c1e61c7adf039b9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lce_ewZAAAAAFRAZIZhl0_TjRPLoERRlMkacQJJ&co=aHR0cHM6Ly93d3cucmVkZmxhZ2RlYWxzLmNvbTo0NDM.&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=1mm9hnzba04v
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:29:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 24 Jan 2024 16:29:14 GMT
b-2805e46-20bb7c10.js
tagan.adlightning.com/verticalscope-test-d/ 		72 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/verticalscope-test-d/b-2805e46-20bb7c10.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/verticalscope-test-d/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-4.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
428edab091862712f1148b97089b3bdeb65a9e1b9d37280ad5f3fb5cc5c332a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 18:25:54 GMT
content-encoding
gzip
via
1.1 5f3758e5ae00fa64427cf258109c7a90.cloudfront.net (CloudFront)
x-amz-version-id
71gDkv.SBpq2SPb.qMuOQlg5Mu5Xglwa
x-amz-cf-pop
YUL62-P1
age
2412201
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26335
x-amz-meta-git_commit
2805e46
last-modified
Wed, 27 Dec 2023 18:25:32 GMT
server
AmazonS3
etag
"86ec969965f720e133b569fa743a7bb2"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
FJZkitPCT1QvxSiLMrYUSgf_5-blJGh0U0eJ07yh1Gzkyx1TXDlHkA==
bl-904ac2d-bbaf4442.js
tagan.adlightning.com/verticalscope-test-d/ 		96 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/verticalscope-test-d/bl-904ac2d-bbaf4442.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/verticalscope-test-d/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-4.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
96c4a6a18463cf58fe2750f5a52448e3e26176020ed9f2b14547d4dbfe63bbdf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:01:18 GMT
content-encoding
gzip
via
1.1 5f3758e5ae00fa64427cf258109c7a90.cloudfront.net (CloudFront)
x-amz-version-id
KPsZopAGyQVp1zfOlrmF_IggezCbXdoz
x-amz-cf-pop
YUL62-P1
age
91677
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
41085
x-amz-meta-git_commit
904ac2d
last-modified
Tue, 23 Jan 2024 14:50:47 GMT
server
AmazonS3
etag
"ca9c805d1b174c0551b5368ff00d3046"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
8BLP-8N7QKJhjXD41HgApO5Cqt01mzgMCaXLTq2KhmQ4G4SQbGT80g==
/
e.htplayground.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://e.htplayground.com/
Requested by
Host: config.htplayground.com
URL: https://config.htplayground.com/libs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
140.82.12.76 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
140.82.12.76.vultrusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 24 Jan 2024 16:29:15 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
0
access-control-max-age
86400
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
/
e.htplayground.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://e.htplayground.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
140.82.12.76 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
140.82.12.76.vultrusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.redflagdeals.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
access-control-allow-origin
*
access-control-max-age
31536000
content-length
0
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1706113754680&aid=a-0918&se=e30&duid=064c8d92ab53--01hmy4vsbp3h8nvz5776e9r38v&tv=v2.11.7&pu=https%3A%2F%2Fwww.redflagdeals.com%2Fuser%2Fconfirm-email%2Ff361dfbd69246f2...
  • https://rp4.liadm.com/j?se=e30&duid=064c8d92ab53--01hmy4vsbp3h8nvz5776e9r38v&aid=a-0918&cd=.redflagdeals.com&dtstmp=1706113754680&tv=v2.11.7&n3pc=true&wpn=lc-bundle&i6=MjAwMTo0OTU4OjE0MjA6MTUxOjo0&...
13 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?se=e30&duid=064c8d92ab53--01hmy4vsbp3h8nvz5776e9r38v&aid=a-0918&cd=.redflagdeals.com&dtstmp=1706113754680&tv=v2.11.7&n3pc=true&wpn=lc-bundle&i6=MjAwMTo0OTU4OjE0MjA6MTUxOjo0&pu=https%3A%2F%2Fwww.redflagdeals.com%2Fuser%2Fconfirm-email%2Ff361dfbd69246f23e98bc8e421de12340a8b&c=PHRpdGxlPkNvbmZpcm0geW91ciBlbWFpbCBhZGRyZXNzIDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGxpbmsgaHJlZj0iaHR0cHM6Ly93d3cucmVkZmxhZ2RlYWxzLmNvbS91c2VyL3NpZ251cC8iIHJlbD0iY2Fub25pY2FsIj48aDE-Q29uZmlybWF0aW9uIEVycm9yPC9oMT4
Protocol
H2
Server
3.225.251.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-251-244.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:29:17 GMT
x-pixel-event-id
b2899f18-ff24-48f9-be39-770e1e7b753b
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
null
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
13

Redirect headers

location
https://rp4.liadm.com/j?se=e30&duid=064c8d92ab53--01hmy4vsbp3h8nvz5776e9r38v&aid=a-0918&cd=.redflagdeals.com&dtstmp=1706113754680&tv=v2.11.7&n3pc=true&wpn=lc-bundle&i6=MjAwMTo0OTU4OjE0MjA6MTUxOjo0&pu=https%3A%2F%2Fwww.redflagdeals.com%2Fuser%2Fconfirm-email%2Ff361dfbd69246f23e98bc8e421de12340a8b&c=PHRpdGxlPkNvbmZpcm0geW91ciBlbWFpbCBhZGRyZXNzIDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PGxpbmsgaHJlZj0iaHR0cHM6Ly93d3cucmVkZmxhZ2RlYWxzLmNvbS91c2VyL3NpZ251cC8iIHJlbD0iY2Fub25pY2FsIj48aDE-Q29uZmlybWF0aW9uIEVycm9yPC9oMT4
access-control-allow-origin
https://www.redflagdeals.com
date
Wed, 24 Jan 2024 16:29:15 GMT
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET
status
accounts.google.com/gsi/ 		40 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=469392466123-871u59f1qlnstlqhd7jer4fqbfd586st.apps.googleusercontent.com&as=3KnIwap%2FFRi49vheoZkq6g
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::54 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
363ccb983c1510a1e2efd8cf8f8c4a86d73203cd245fcac5fe7ee476163abef7
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-RCTJ1gvjCmP4kqbsibADLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:29:15 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-RCTJ1gvjCmP4kqbsibADLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.redflagdeals.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		251 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1ZTDNG7R8Z&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDZPGKH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5790cc34f78c46c44d074e8c6274cfa5e6f6bede86231883eccd206a13dad257
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:29:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87666
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Jan 2024 16:29:15 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDZPGKH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Jan 2024 15:47:50 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2487
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 24 Jan 2024 17:47:50 GMT
tag
btloader.com/ 		199 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5729616248438784&upapi=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDZPGKH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34234f3d54826b131057c5b7bc0f5292fd423929961d36ddccebb046c2543751

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:29:17 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 24 Jan 2024 15:47:27 GMT
server
cloudflare
age
2307
etag
"5df8cd9421ce56f3d2c15750a82d7411"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
84a9a7893fce36fb-YYZ
content-length
47446
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6036030/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
3.161.213.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-3.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 13:38:02 GMT
via
1.1 83a743ed393a5cd20768ea48e9372bca.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:48 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
age
10274
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
0
x-amz-cf-id
GzCbDrS_25TU7G2OEW77yOJkiskNHjdIpuyozRl9vmoSk-eWUkqApA==

Redirect headers

date
Wed, 24 Jan 2024 16:29:15 GMT
via
1.1 83a743ed393a5cd20768ea48e9372bca.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
YUL62-P1
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
YoE5AxVuE_E9c_oUjdhkDG_3IargD78D0uoWLf5aygrCx6SHocBWbA==
collect
www.google-analytics.com/g/ 		0
175 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-1ZTDNG7R8Z&gtm=45je41m0v867927242z8831309566&_p=1706113751321&gcd=11l1l1l1l1&dma=0&tag_exp=71847096&cid=1268597394.1706113756&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706113755&sct=1&seg=0&dl=https%3A%2F%2Fwww.redflagdeals.com%2Fuser%2Fconfirm-email%2Ff361dfbd69246f23e98bc8e421de12340a8b&dt=Confirm%20your%20email%20address&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=13647
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1ZTDNG7R8Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jan 2024 16:29:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.redflagdeals.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1264624963&t=pageview&_s=1&dl=https%3A%2F%2Fwww.redflagdeals.com%2Fuser%2Fconfirm-email%2Ff361dfbd69246f23e98bc8e421de12340a8b&ul=en-us&de=UTF-8&dt=Confirm%20your%20email%20address&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1384040119&gjid=1552859018&cid=1268597394.1706113756&tid=UA-220893-1&_gid=1257380122.1706113758&_r=1&_slc=1&gtm=45He41m0n81NDZPGKHv831309566&cd18=&gcd=11l1l1l1l1&dma=0&tag_exp=71847096&z=1141122463
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 Jan 2024 16:29:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.redflagdeals.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5729616248438784&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 24 Jan 2024 16:29:19 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:29:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1714562
x-guploader-uploadid
ABPtcPq4NT1ZuvVThBw6ycEphJ3ygn-xPkVcUycFebBzSRGYP7sJSkF_rRbB8FBgNRCWqsxsh7Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7AO1zBGlIBmBdzUegkM7kxkKz6zQyq4crQ4dtJEIYqbLZAGzYICFtmaDgtENMjgesiPKpeEb0K9Oo5vYjrNugDzQUHYxT7oafRJYVpTQJdjxE2NgO1YupAXirWZkt1QgxE7Uf3PhOpO%2B8YdbA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
84a9a7946846a1d8-YYZ
expires
Thu, 04 Jan 2024 20:16:49 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f149.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:52:02 GMT
x-content-type-options
nosniff
age
34637
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1078
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 Jan 2024 06:52:02 GMT
px.gif
ad-delivery.net/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.294999956623613
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:29:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1714562
x-guploader-uploadid
ABPtcPq4NT1ZuvVThBw6ycEphJ3ygn-xPkVcUycFebBzSRGYP7sJSkF_rRbB8FBgNRCWqsxsh7Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47cTScAlSGMfu1XEf1PLs8cV4Zsevg0%2BjvMowy0l1r4IR0lCEG1mxXCf2hQNMVmiS5DMKALv8dtY9CztygSK8Fneu8T8NQNkY4ERt9FUYRT4nvtr9LHjumAcrziHzX%2F6Jll10j%2FwWYeAhzZR3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
84a9a7946848a1d8-YYZ
expires
Thu, 04 Jan 2024 20:16:49 GMT
a-0918
i.liadm.com/s/c/ Frame 6C1B 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-0918?duid=064c8d92ab53--01hmy4vsbp3h8nvz5776e9r38v&euns=0&s=&version=v2.11.7&cd=.redflagdeals.com&
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/verticalscope-test-d/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.28.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-28-229.compute-1.amazonaws.com
Software
/
Resource Hash
c5100ea9c7dbce8678ddb1585651689b7a7307e3caed05e3ae559cb0aae6ed76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
694
Content-Type
text/html; charset=UTF-8
Date
Wed, 24 Jan 2024 16:29:19 GMT
Request-Time
272
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
collect
stats.g.doubleclick.net/j/ 		4 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-220893-1&cid=1268597394.1706113756&jid=1384040119&gjid=1552859018&_gid=1257380122.1706113758&_u=YADAAEAAAAAAACAAI~&z=763300423
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 24 Jan 2024 16:29:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.redflagdeals.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
country
api.btloader.com/ 		16 B
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5729616248438784&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:29:19 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=upC5EkcnMq&w=5635655437647872&o=5729616248438784&cv=2.1.27-2-g1727909&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.redflagdeals.com%2Fuser%2Fconfirm-email%2Ff361dfbd69246f23e98bc8e421de12340a8b&sid=f3rnNeV1y&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5729616248438784&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 24 Jan 2024 16:29:19 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-220893-1&cid=1268597394.1706113756&jid=1384040119&_u=YADAAEAAAAAAACAAI~&z=2071275892
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jan 2024 16:29:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-220893-1&cid=1268597394.1706113756&jid=1384040119&_u=YADAAEAAAAAAACAAI~&z=2071275892
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jan 2024 16:29:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6C1B
Redirect Chain
  • https://he.lijit.com/merge?pid=8105&event_type=email&lc_md5=962956c4f43812cc52605ceaf923b2cb&lc_sha1=&lc_sha256=&duid=064c8d92ab53--01hmy4vsbp3h8nvz5776e9r38v&cd=.redflagdeals.com&version=v2.11.7&s...
  • https://he.lijit.com/merge?dnr=1&pid=8105&lc_md5=962956c4f43812cc52605ceaf923b2cb&uc_md5=&lc_sha1=&uc_sha1=&lc_sha256=&uc_sha256=&lc_domain_sha1=
  • https://p.alcmpn.com/em/173/110/2360.gif?gid=962956c4f43812cc52605ceaf923b2cb
  • https://e.dlx.addthis.com/e/a-1564/s-5719?ret=img&na_em=962956c4f43812cc52605ceaf923b2cb
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm&google_hm=MjAyNDAxMjQxNjI5MjAwMDAxMDA2OTAyNjkwNA%3D%3D
0
0
bk_sync.xgi
x.dlx.addthis.com/e/ Frame 6C1B
Redirect Chain
  • https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=962956c4f43812cc52605ceaf923b2cb
  • https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=962956c4f43812cc52605ceaf923b2cb&rd=Y
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2024012416292000010069026904&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=$_BK_UUID
43 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=$_BK_UUID
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0918?duid=064c8d92ab53--01hmy4vsbp3h8nvz5776e9r38v&euns=0&s=&version=v2.11.7&cd=.redflagdeals.com&
Protocol
H2
Server
23.39.185.111 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-185-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 24 Jan 2024 16:29:21 GMT
pragma
no-cache
date
Wed, 24 Jan 2024 16:29:21 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=$_BK_UUID
date
Wed, 24 Jan 2024 16:29:21 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
bk_sync.xgi
x.dlx.addthis.com/e/ Frame 6C1B
Redirect Chain
  • https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=680a19afd608b4a9f3b0889f89881e67
  • https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=680a19afd608b4a9f3b0889f89881e67&rd=Y
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2024012416292000017880163266&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=$_BK_UUID
43 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=$_BK_UUID
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0918?duid=064c8d92ab53--01hmy4vsbp3h8nvz5776e9r38v&euns=0&s=&version=v2.11.7&cd=.redflagdeals.com&
Protocol
H2
Server
23.39.185.111 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-185-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 24 Jan 2024 16:29:21 GMT
pragma
no-cache
date
Wed, 24 Jan 2024 16:29:21 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=$_BK_UUID
date
Wed, 24 Jan 2024 16:29:21 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
bk_sync.xgi
x.dlx.addthis.com/e/ Frame 6C1B
Redirect Chain
  • https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=c371f3a46a0cf80ccb6bb53ce85259a1
  • https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=c371f3a46a0cf80ccb6bb53ce85259a1&rd=Y
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2024012416292000037713776015&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=$_BK_UUID
43 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=$_BK_UUID
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0918?duid=064c8d92ab53--01hmy4vsbp3h8nvz5776e9r38v&euns=0&s=&version=v2.11.7&cd=.redflagdeals.com&
Protocol
H2
Server
23.39.185.111 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-185-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 24 Jan 2024 16:29:21 GMT
pragma
no-cache
date
Wed, 24 Jan 2024 16:29:21 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=$_BK_UUID
date
Wed, 24 Jan 2024 16:29:21 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
sync
pippio.com/api/ Frame 6C1B 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?pid=710914&_=6&it=4&iv=962956c4f43812cc52605ceaf923b2cb&it=4&it=4
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0918?duid=064c8d92ab53--01hmy4vsbp3h8nvz5776e9r38v&euns=0&s=&version=v2.11.7&cd=.redflagdeals.com&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 16:29:20 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 6C1B 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0918?duid=064c8d92ab53--01hmy4vsbp3h8nvz5776e9r38v&euns=0&s=&version=v2.11.7&cd=.redflagdeals.com&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jan 2024 16:29:20 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
476950
expires
Wed, 24 Jan 2024 00:00:00 GMT
a-0918
i6.liadm.com/s/c/ Frame 6C1B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/c/a-0918?duid=064c8d92ab53--01hmy4vsbp3h8nvz5776e9r38v&cd=.redflagdeals.com&version=v2.11.7&s=&euns=0
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0918?duid=064c8d92ab53--01hmy4vsbp3h8nvz5776e9r38v&euns=0&s=&version=v2.11.7&cd=.redflagdeals.com&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:ed:550e:f339:4051:d8d6:6b16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-1ZTDNG7R8Z&gtm=45je41m0v867927242&_p=1706113751321&gcd=11l1l1l1l1&dma=0&tag_exp=71847096&cid=1268597394.1706113756&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1706113755&sct=1&seg=0&dl=https%3A%2F%2Fwww.redflagdeals.com%2Fuser%2Fconfirm-email%2Ff361dfbd69246f23e98bc8e421de12340a8b&dt=Confirm%20your%20email%20address&en=scroll&epn.percent_scrolled=90&_et=6&tfd=18664
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1ZTDNG7R8Z&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.redflagdeals.com/user/confirm-email/f361dfbd69246f23e98bc8e421de12340a8b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jan 2024 16:29:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.redflagdeals.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
play.google.com/ Frame 1085 		0
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 -, , ASN (),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://accounts.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://accounts.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 24 Jan 2024 16:29:23 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm&google_hm=MjAyNDAxMjQxNjI5MjAwMDAxMDA2OTAyNjkwNA%3D%3D
Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true&authuser=0

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| deployads object| apstag object| WebFontConfig function| loadCSS function| $ function| jQuery boolean| MOBILE_APP_DETECTED boolean| FORUMS_APP_DETECTED object| spotCommands object| MUNIVERSAL object| dataLayer object| body object| RFD object| countCommment object| CookieManager object| enquire function| lazyload_manual function| lazyload_scroll function| loadListImages object| scope boolean| anchorHidden boolean| userLoginStatus function| detectMobileBrowser function| showSearch function| hideSearch function| showUserboxMenu function| hideUserboxMenu function| activateMainMenu function| activateSubMenu function| deactivateSubMenu function| toggleHeaderSize function| deactivateOffcanvas undefined| userbox undefined| userbox_api_endpoint undefined| userbox_phpbb_endpoint function| addCsrfTokenToForm function| verifyRecaptcha function| addBreakingNewsDataToHtml function| isbreakingNewsDisabledByUser object| enquireQueries function| initHeaderLeaderboardSlotTimer function| rfdTdPixel boolean| scrollLock object| jQuery1111011077787598479549 number| largeHeaderStickInterval function| buildErrorContainer function| buildErrorMarker function| buildFormDefaults function| attachRFDClickTracker function| attachRFDShareTracker function| attachRFDProductViewTracker function| attachRFDFlyerViewTracker function| attachRFDProductWebsiteVisitTracker function| trackTCEvent function| attachTCEventTracker object| RFDAnalytics object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| RFD_Placements object| googletag function| MUniversalCompatibility function| adTakeover function| _typeof function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| IntentIqObject function| PartnersWinEvent object| findRFDRe object| foundRFD object| htAdsJSON object| HT boolean| noCmpNeeded object| WebFont object| htAdsJS function| adUnits object| pbjsChunk object| pbjs object| _pbjsGlobals object| ADAGIO object| mnet object| regeneratorRuntime number| adBundleVersion object| _aps boolean| apstagLOADED object| htLocationData boolean| ccpaHeader boolean| gdprHeader boolean| gdprMightApply boolean| ccmpMightApply object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| postscribe object| google_tag_manager_external undefined| attributionValue function| fbq function| _fbq object| default_gsi object| _F_toggles object| google object| __G_ID_CLIENT__ object| closure_lm_90236 object| recaptcha object| closure_lm_94989 function| gsc undefined| google_measure_js_timing object| pbjsSortable boolean| waitingForFloorsScript function| HT_DATA_LAYER object| apscustom object| ats object| VVEHqJ function| VVEHqO object| xop object| fnisahevxmo object| e3ypny3rbi8 object| LI object| __li__evt_bus object| liQ object| liQ_instances object| tN4apO2 function| tN4apO3 function| xblocker object| CRmgbQ function| CRmgbV object| xblacklist string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am boolean| __bt_already_invoked

35 Cookies

Domain/Path Name / Value
.liadm.com/j Name: lidid
Value: abc2eb71-af54-490e-b5a5-c0c6ad5fff74
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARCGFwoJCP____8HEJAXEh8N7vKPLxIYCgYIlAEQhBcKBgirARCEFwoGCMoBEIYXEg8NIjO51RIICgYIqwEQhBcSDw2_JnLGEggKBgirARCEFw
i6.liadm.com/s Name: _li_ss
Value: CgA
.redflagdeals.com/ Name: PHPSESSID
Value: e4dbcbd96cf78957cf0da0a05709811c
.redflagdeals.com/ Name: location
Value: toronto
www.redflagdeals.com/ Name: lux_uid
Value: 170611375196706059
.redflagdeals.com/ Name: _gcl_au
Value: 1.1.577634486.1706113753
.scorecardresearch.com/ Name: UID
Value: 16Fd8297d633b50ccfbcdba1706113753
.www.redflagdeals.com/ Name: fctrl
Value: {"intentiq":13}
.redflagdeals.com/ Name: _fbp
Value: fb.1.1706113753968.33054375
.redflagdeals.com/ Name: _li_dcdm_c
Value: .redflagdeals.com
.redflagdeals.com/ Name: _lc2_fpi
Value: 064c8d92ab53--01hmy4vsbp3h8nvz5776e9r38v
.redflagdeals.com/ Name: _lc2_fpi_meta
Value: {%22w%22:1706113754486}
.redflagdeals.com/ Name: _ga_1ZTDNG7R8Z
Value: GS1.1.1706113755.1.0.1706113755.0.0.0
.liadm.com/ Name: lidid
Value: abc2eb71-af54-490e-b5a5-c0c6ad5fff74
.redflagdeals.com/ Name: _ga
Value: GA1.2.1268597394.1706113756
.redflagdeals.com/ Name: _gid
Value: GA1.2.1257380122.1706113758
.redflagdeals.com/ Name: _gat_UA-220893-1
Value: 1
.redflagdeals.com/ Name: _li_ss
Value: ChMKBgjdARCGFwoJCP____8HEJAXEh8N7vKPLxIYCgYIlAEQhBcKBgirARCEFwoGCMoBEIYXEg8NIjO51RIICgYIqwEQhBcSDw2_JnLGEggKBgirARCEFw
.redflagdeals.com/ Name: _li_ss_meta
Value: {%22w%22:1706113759999%2C%22e%22:1708705759999}
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.lijit.com/ Name: ljt_reader
Value: e1e032d96ab141166960a13a
.lijit.com/ Name: 3pids
Value: "8105:962956c4f43812cc52605ceaf923b2cb,,,,,,"
.addthis.com/ Name: na_tc
Value: Y
.dlx.addthis.com/ Name: na_sr
Value: 20240124
.addthis.com/ Name: na_id
Value: 2024012416292000010069026904
.addthis.com/ Name: uid
Value: 65b13ae093351be0
.addthis.com/ Name: ouid
Value: 65b13ae00001b341b184fb7b25f8f252e205984274fc663683eb
.bluekai.com/ Name: bku
Value: 4yD99mWbLVUYKwGj
.bluekai.com/ Name: bkpa
Value: KJy9MxO0d02pSUHknpW61ezdzsa05s8kzM6hJ7PGSV86wV8CUtkAwE/y1Mxy1E/61ER0mE/y1e9y1EzTme9hBM10BMRZzZPASU/2ScH6zc1k16Wk1ARk1AjTnZHLKY8CjsH6SskpnZBFquD0HZDk1AjiSN2pKV8Mn7C7SuDpHZ8CUtPTSVxk16xk1MH4xA+4PPPJH919FPL38x==
.alcmpn.com/ Name: _3ci
Value: ba79f821-bad5-11ee-9ff9-0904693f9093
.dlx.addthis.com/ Name: na_sc_x
Value: 1
.dlx.addthis.com/ Name: na_rn
Value: 1
.dlx.addthis.com/ Name: na_srp
Value: 5719
.dlx.addthis.com/ Name: na_sc_e
Value: 1

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pippio.com/api/sync?pid=710914&_=6&it=4&iv=962956c4f43812cc52605ceaf923b2cb&it=4&it=4
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ad-delivery.net
ad.doubleclick.net
ajax.aspnetcdn.com
ajax.googleapis.com
api.btloader.com
assets.rfdcontent.com
b-code.liadm.com
btloader.com
c.amazon-adsystem.com
cdn.speedcurve.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
config.htplayground.com
connect.facebook.net
csp.withgoogle.com
dis.criteo.com
e.dlx.addthis.com
e.htplayground.com
fonts.googleapis.com
fonts.gstatic.com
i.liadm.com
i6.liadm.com
l.getsitecontrol.com
netdna.bootstrapcdn.com
pippio.com
play.google.com
rp.liadm.com
rp4.liadm.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
stags.bluekai.com
stats.g.doubleclick.net
storage.googleapis.com
tagan.adlightning.com
url3161.redflagdeals.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.redflagdeals.com
x.dlx.addthis.com
cm.g.doubleclick.net
play.google.com
107.178.254.65
130.211.23.194
140.82.12.76
142.251.16.149
151.101.1.91
151.101.129.91
151.101.193.91
151.101.194.217
152.199.4.33
172.253.62.207
23.39.185.111
2600:1f18:730:b150:6603:655:735c:e3cb
2600:1f18:ed:550e:f339:4051:d8d6:6b16
2600:9000:215f:6600:8:8845:1500:93a1
2606:4700:10::6816:4bd8
2606:4700:20::681a:246
2606:4700::6812:bcf
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c06::71
2607:f8b0:4004:c06::93
2607:f8b0:4004:c07::8d
2607:f8b0:4004:c07::9a
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c1b::54
2607:f8b0:4004:c1b::9a
2607:f8b0:4004:c1d::5f
2607:f8b0:4004:c1d::61
2607:f8b0:4004:c1d::8a
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
2a04:4e42:200::347
3.161.213.3
3.161.213.4
3.225.251.244
34.233.28.229
37.19.207.34
54.192.51.26
54.230.49.33
74.119.119.150
0648f735b64350bc19e52a60baa91a7a49a069185790273ee28b561f4f60f8cd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
071ce441ef06d2667f2e9c9248d0f3ac935d6733162e35bc66804efe3de62e80
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
2388df780f154980d5f334830101f63540ae55f3601ed8a2d3eb4053a6a9f4e3
25e55a46432e4d4e85eceaaab88c192840dccf8efd395db110f0a3c422472773
261b08e0d6e59dee354c813dc76787a6e82076ab87b850a7eaa6f647f29ade32
26700182a1bc4bd0ebd4ce5bd66327330a47e7ab2fdebecc5be3afabbea29a62
28bd191bba13945f81b09f2df5f54b9208309f4da0e7bb202c1e61c7adf039b9
2c81dbc88c8c4d01ed5fb63ba91812047d1e1059bd607444e4df26f677df374f
2f7735fce76148ac8c6e0b5e52174312873694d58501188d7c517689343d8775
34234f3d54826b131057c5b7bc0f5292fd423929961d36ddccebb046c2543751
363ccb983c1510a1e2efd8cf8f8c4a86d73203cd245fcac5fe7ee476163abef7
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
411382b67ed284126245a6cad60e2cd9d7e27ab5c7e8ed720e732ca63a19058c
428edab091862712f1148b97089b3bdeb65a9e1b9d37280ad5f3fb5cc5c332a6
434671cf1d508a2fb3388b5ef2b4cd37192fde6a53b7955ad9ba0ac5a433147e
4de3f2c85751bffda4d0fe23ab5e6f37ad4560503bb44b8ef122fe5112584994
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5790cc34f78c46c44d074e8c6274cfa5e6f6bede86231883eccd206a13dad257
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5fe55811cab9115f1733276abdc3e822047bd84f6ab9611fe64fcca43261e49f
6330b390342c4b8e474101dec772e13ce56009caa7c3cffefff44d6fe09844dc
6df8eba2a196c26631b9470b066b994cba82042a635bae1f881f466b4befcb97
74f6b2b975944800f1566e81aaed5cc5dcb7a7170eafd4cdd3e205f88f8e1f5f
768363372883bb5406490e620d629f98a429f189a7cf48bf74b8a638091abbc1
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7a2a2de240988b267ace552bff3a6f2c03af314465c92c9b3834bd1caba2d4e3
8292cea51efa06df0e77b5b9289b375f03f6262afab44b69437aad3556b191b8
848c108e1eefe054208ba591dfceff40c30f5bee990eda5bf68bbf13d5eb087b
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8b3d4fb78691596ee888930eaf65a8debcc669e200e39b07c243eca95ca42337
8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225
9096fee1917ed3608ff1695dd94cd9b4c817718df2319546a6c556a9014dd2df
9694d8d27d49caa0293c36e65ec4c704941ab1654d7e7950de7d796923ba49bc
96c4a6a18463cf58fe2750f5a52448e3e26176020ed9f2b14547d4dbfe63bbdf
9e6f13c08e189bed1fd0154cd408896bcd851f8d3e472adf22afbd6ab31f7d8a
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
a87d4a4d40583c35087e6af0246f7e54156def5837f14ef2551d89fb9c1330fa
a9d812e993827acd651d4c414696f99ec11b321ea7facd64952cef4cdfe050d8
ae425bb9fff120229fc66feeaee0d88d697f13d2b29bf148f539861917d4ff6f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af1fb7d3711bb1df62e5e7378a6900ad98e4d5a29ebe9591bfc0c0935d60998d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b4f0f8912bf6596e863269b96ecb655eecf3f8009a64a9232645f019040d39a4
b5780df1c5242c493a84897545d5759546b3b56d884f17624043531ace4d5682
bd53c97b2705f762f6d91ba5014da85be283318275af6ddab8201475da4e9df8
c1732796c9dfafddff16db9660e67a879d723f376b0160cccad730c6c414eed3
c5100ea9c7dbce8678ddb1585651689b7a7307e3caed05e3ae559cb0aae6ed76
cb98aaf8d7a5420159aa7f769b939ea14869af0ce512fe1f905679595592a53b
cdfb561f539e86f53b729e02c12846d6b18970351e48b5305539697e16a9a184
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4fb97ca219cfd55fb9fbb040a763ab4c542700339ba61332449b1228c9aa242
d5d15d0028431f52bc20c2bc94db7a81faa3232e53ed7c81fa62c8ae3963192f
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dc1d9ed3d8e4a2f9fd78aaec78f406b1dbd5782f534bd6fe77e709f8e5b6c32e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e038e5959f49b865e58fc9c528bc0d56f374cbe356e3f0fb941aa7332c18e946
e167bf9f353483ab387fce229c4648982e6bbbd89e447350ce51f6860440c6da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebec6ebcfcb19b1f0889d5a4cbd9ceec998e2659df8f76b9b9232f823498d2f4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7740a3e3f51d036423b97ad9b316564788bf391025f96d2c5cdbfbbc67dfb6b
f8cd294dd0e2de4a282a17e781b1c6c8b59f286a2724507952c2864f43901fe1
fac2b9c51fb7e30910a6c1e7ec70ad447fcf38a6d4ef13608ad564b10a1df65f