urlscan.io logo urlscan.io
SecurityTrails logo

r.zredirect.com Open in urlscan Pro
66.165.243.160  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://secure.homehareware.ca/
Effective URL: https://r.zredirect.com/redirect?redirect_id=34e20b41ef38484e5706200bafae57ea&request_id=ba5191a454209b159e871f77fc30f8a2
Submission: On June 24 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 7 domains to perform 13 HTTP transactions. The main IP is 66.165.243.160, located in Los Angeles, United States and belongs to HVC-AS, US. The main domain is r.zredirect.com.
TLS certificate: Issued by R3 on May 9th 2024. Valid for: 3 months.
This is the only time r.zredirect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.234.222.143 63949 (AKAMAI-LI...)
2 72.52.179.174 32244 (LIQUIDWEB)
4 66.165.243.160 29802 (HVC-AS)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.212.240.21 ()
3 4 2600:141b:f00... ()
1 1 52.24.145.159 ()
13 6
1    172.234.222.143 (Chicago, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-234-222-143.ip.linodeusercontent.com
secure.homehareware.ca
2    72.52.179.174 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com
ww99.homehareware.ca
4    66.165.243.160 (Los Angeles, United States)

ASN29802 (HVC-AS, US)
PTR: 66-165-243-160.static.hvvc.us
r.zredirect.com
4    2607:f8b0:400d:c0e::64 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:400d:c1d::61 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6813:966b (United States)

ASN13335 (CLOUDFLARENET, US)
track.flexlinkspro.com
1    35.212.240.21 (None, )

ASN- ()
click.linksynergy.com
4    2600:141b:f000:36::1728:128d (None, )

ASN- ()
www.homehardware.ca
1    52.24.145.159 (None, )

ASN- ()
homehardware.ca
Apex Domain
Subdomains		 Transfer
5 homehardware.ca
www.homehardware.ca
homehardware.ca
4 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71
21 KB
4 zredirect.com
r.zredirect.com
11 KB
3 homehareware.ca
secure.homehareware.ca
ww99.homehareware.ca
4 KB
1 linksynergy.com
click.linksynergy.com
1 KB
1 flexlinkspro.com
track.flexlinkspro.com — Cisco Umbrella Rank: 184690 Failed
342 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
92 KB
13 7
Domain Requested by
4 www.homehardware.ca 3 redirects
4 www.google-analytics.com r.zredirect.com
www.google-analytics.com
www.googletagmanager.com
4 r.zredirect.com ww99.homehareware.ca
r.zredirect.com
2 ww99.homehareware.ca ww99.homehareware.ca
1 homehardware.ca 1 redirects
1 click.linksynergy.com 1 redirects
1 track.flexlinkspro.com r.zredirect.com
1 www.googletagmanager.com www.google-analytics.com
1 secure.homehareware.ca 1 redirects
13 9

This site contains no links.

Subject Issuer Validity Valid
zredirect.com
R3		 2024-05-09 -
2024-08-07		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
tp1.kibocommerce.com
R3		 2024-05-30 -
2024-08-28		 3 months crt.sh

This page contains 2 frames:

Frame: https://www.homehardware.ca/en/?utm_source=rakuten&utm_medium=affiliate&utm_campaign=PPkX79/c*b0&utm_term=1.47290.0FOF17013806878790130&ranMID=47290&ranEAID=1635394&ranSiteID=PPkX79_c.b0-hRGwIcyugEATK6RU_hUHvA
Frame ID: E2493D66DA9BB854AC33BC51D94E068A
Requests: 10 HTTP requests in this frame

Frame: https://r.zredirect.com/go?e=DwCaxHVbxKB9IPqxkUX09IsyVvF8AKC6jKWzD2XytwL8uvXv1KLefQsYSaC-MUqXy3C5kGVyj3KeHPrVclBvx0XbblF-AaVw1aqzNJsYOKL8gQpVcvC15wXbLPL9S2W5x3CNuTslgvFefQLNImqwtxs6p2E1VTAx5UWxO0ZuOJClLKqXgFX1xQA-LvEdRTqUyaCwuTs7jmF8IPpu13pdZTsXglBlfRLTIQXWEHr-D2F1pUrb13B84mZbVPL0V2VXSFW09yX-fFB95Gr6jKWvZJsYqFC9A3W6bvC0uRs7xGB8gGq9flp8ATsmWFL59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC
Frame ID: FB3C3E9F62B1F3D4FDFFC349939346A1
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://secure.homehareware.ca/ HTTP 307
    https://secure.homehareware.ca/ HTTP 302
    http://ww99.homehareware.ca/ HTTP 307
    https://ww99.homehareware.ca/ HTTP 307
    http://ww99.homehareware.ca/ Page URL
  2. http://ww99.homehareware.ca/page/bouncy.php?&bpae=GbhGdKcm5Vx%2Fj%2FN0evU37cnMvHvL4O1UvlNm1pi4fmWsiyV9q%... Page URL
  3. https://r.zredirect.com/redirect?redirect_id=34e20b41ef38484e5706200bafae57ea&request_id=ba5191a4542... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

13
Requests

77 %
HTTPS

44 %
IPv6

7
Domains

9
Subdomains

6
IPs

1
Countries

127 kB
Transfer

331 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://secure.homehareware.ca/ HTTP 307
    https://secure.homehareware.ca/ HTTP 302
    http://ww99.homehareware.ca/ HTTP 307
    https://ww99.homehareware.ca/ HTTP 307
    http://ww99.homehareware.ca/ Page URL
  2. http://ww99.homehareware.ca/page/bouncy.php?&bpae=GbhGdKcm5Vx%2Fj%2FN0evU37cnMvHvL4O1UvlNm1pi4fmWsiyV9q%2FlxdSAIog8F3BwXsDxr7Z9kMRl2utmWlf7oyGIHPZ2sFknnQIBwIyB53d0r%2BzXLMeWX8CLeC9gUB7oH8NgC4Dij3%2FeJmXf%2Bmhlr0O4kxd%2FUXi6oRRjvAhPRqckIbI3RG39oAykRsr0Xhd%2BYmR4hOAIHK0NieBAKPjYla98ekh%2F%2BmOAKUXyMEw985JGpgrRRmWxfE2NhsvfqOfBF0to%2BXV58ZDHPNFpi23kS%2FoR6kQ5Ho9WAj%2F%2Fx5WRxGAL%2BR4R%2FaH6sHYuzag75FjdJx2Ok3QYjycMk%2BLO18a%2FYmW7Y4VZfggVYIIq2KmdZYeAoZXiCV4HplruLeKvyGTfgn3%2B2q1JgqwDTin7HKMLL0JMKqhj7rpkt2bNRWEkwVgGdo%2B%2BjnDQG7btIBR4S5WD%2FOzVn6i%2F8d2tsgE4%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
  3. https://r.zredirect.com/redirect?redirect_id=34e20b41ef38484e5706200bafae57ea&request_id=ba5191a454209b159e871f77fc30f8a2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://secure.homehareware.ca/ HTTP 307
  • https://secure.homehareware.ca/ HTTP 302
  • http://ww99.homehareware.ca/ HTTP 307
  • https://ww99.homehareware.ca/ HTTP 307
  • http://ww99.homehareware.ca/
Request Chain 14
  • https://track.flexlinkspro.com/g.ashx?foid=1.47290&trid=1360122.226169&foc=17&fot=9999&fos=1&fobs=tsyjaF9qKFNAGLt1wZ2IaFexFA5DwCzLxXuI3M8IPpV13B4VTs7xmM8gQrukKWdD2A21KB HTTP 302
  • https://click.linksynergy.com/deeplink?id=PPkX79/c*b0&mid=47290&murl=https%3a%2f%2fhomehardware.ca%2f&u1=1.47290.0FOF17013806878790130&subid=1360122 HTTP 302
  • https://www.homehardware.ca/rakuten/?ranMID=47290&ranEAID=1635394&ranSiteID=PPkX79_c.b0-hRGwIcyugEATK6RU_hUHvA&url=https%3A%2F%2Fhomehardware.ca%2F%3Futm_source%3Drakuten%26utm_medium%3Daffiliate%26utm_campaign%3DPPkX79%2Fc*b0%26utm_term%3D1.47290.0FOF17013806878790130%26ranMID%3D47290%26ranEAID%3D1635394%26ranSiteID%3DPPkX79_c.b0-hRGwIcyugEATK6RU_hUHvA HTTP 301
  • https://homehardware.ca/?utm_source=rakuten&utm_medium=affiliate&utm_campaign=PPkX79/c*b0&utm_term=1.47290.0FOF17013806878790130&ranMID=47290&ranEAID=1635394&ranSiteID=PPkX79_c.b0-hRGwIcyugEATK6RU_hUHvA HTTP 301
  • https://www.homehardware.ca/?utm_source=rakuten&utm_medium=affiliate&utm_campaign=PPkX79/c*b0&utm_term=1.47290.0FOF17013806878790130&ranMID=47290&ranEAID=1635394&ranSiteID=PPkX79_c.b0-hRGwIcyugEATK6RU_hUHvA HTTP 302
  • https://www.homehardware.ca/en?utm_source=rakuten&utm_medium=affiliate&utm_campaign=PPkX79/c*b0&utm_term=1.47290.0FOF17013806878790130&ranMID=47290&ranEAID=1635394&ranSiteID=PPkX79_c.b0-hRGwIcyugEATK6RU_hUHvA HTTP 301
  • https://www.homehardware.ca/en/?utm_source=rakuten&utm_medium=affiliate&utm_campaign=PPkX79/c*b0&utm_term=1.47290.0FOF17013806878790130&ranMID=47290&ranEAID=1635394&ranSiteID=PPkX79_c.b0-hRGwIcyugEATK6RU_hUHvA

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ww99.homehareware.ca/
Redirect Chain
  • http://secure.homehareware.ca/
  • https://secure.homehareware.ca/
  • http://ww99.homehareware.ca/
  • https://ww99.homehareware.ca/
  • http://ww99.homehareware.ca/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ww99.homehareware.ca/
Protocol
HTTP/1.1
Server
72.52.179.174 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb01.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
2182
Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Jun 2024 12:48:53 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By
PHP/5.4.16

Redirect headers

Location
http://ww99.homehareware.ca/
Non-Authoritative-Reason
HttpsUpgrades
bouncy.php
ww99.homehareware.ca/page/ 		889 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ww99.homehareware.ca/page/bouncy.php?&bpae=GbhGdKcm5Vx%2Fj%2FN0evU37cnMvHvL4O1UvlNm1pi4fmWsiyV9q%2FlxdSAIog8F3BwXsDxr7Z9kMRl2utmWlf7oyGIHPZ2sFknnQIBwIyB53d0r%2BzXLMeWX8CLeC9gUB7oH8NgC4Dij3%2FeJmXf%2Bmhlr0O4kxd%2FUXi6oRRjvAhPRqckIbI3RG39oAykRsr0Xhd%2BYmR4hOAIHK0NieBAKPjYla98ekh%2F%2BmOAKUXyMEw985JGpgrRRmWxfE2NhsvfqOfBF0to%2BXV58ZDHPNFpi23kS%2FoR6kQ5Ho9WAj%2F%2Fx5WRxGAL%2BR4R%2FaH6sHYuzag75FjdJx2Ok3QYjycMk%2BLO18a%2FYmW7Y4VZfggVYIIq2KmdZYeAoZXiCV4HplruLeKvyGTfgn3%2B2q1JgqwDTin7HKMLL0JMKqhj7rpkt2bNRWEkwVgGdo%2B%2BjnDQG7btIBR4S5WD%2FOzVn6i%2F8d2tsgE4%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by
Host: ww99.homehareware.ca
URL: http://ww99.homehareware.ca/
Protocol
HTTP/1.1
Server
72.52.179.174 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb01.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
http://ww99.homehareware.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
889
Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Jun 2024 12:48:54 GMT
Pragma
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By
PHP/5.4.16
Primary Request redirect
r.zredirect.com/ 		841 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.zredirect.com/redirect?redirect_id=34e20b41ef38484e5706200bafae57ea&request_id=ba5191a454209b159e871f77fc30f8a2
Requested by
Host: ww99.homehareware.ca
URL: http://ww99.homehareware.ca/page/bouncy.php?&bpae=GbhGdKcm5Vx%2Fj%2FN0evU37cnMvHvL4O1UvlNm1pi4fmWsiyV9q%2FlxdSAIog8F3BwXsDxr7Z9kMRl2utmWlf7oyGIHPZ2sFknnQIBwIyB53d0r%2BzXLMeWX8CLeC9gUB7oH8NgC4Dij3%2FeJmXf%2Bmhlr0O4kxd%2FUXi6oRRjvAhPRqckIbI3RG39oAykRsr0Xhd%2BYmR4hOAIHK0NieBAKPjYla98ekh%2F%2BmOAKUXyMEw985JGpgrRRmWxfE2NhsvfqOfBF0to%2BXV58ZDHPNFpi23kS%2FoR6kQ5Ho9WAj%2F%2Fx5WRxGAL%2BR4R%2FaH6sHYuzag75FjdJx2Ok3QYjycMk%2BLO18a%2FYmW7Y4VZfggVYIIq2KmdZYeAoZXiCV4HplruLeKvyGTfgn3%2B2q1JgqwDTin7HKMLL0JMKqhj7rpkt2bNRWEkwVgGdo%2B%2BjnDQG7btIBR4S5WD%2FOzVn6i%2F8d2tsgE4%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS
66-165-243-160.static.hvvc.us
Software
nginx/1.23.3 / PHP/8.1.13
Resource Hash
16534b887d468c78b367a299e3c1ef7e1c082fb1b2d7720df8c73a40f4fa47e9

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
http://ww99.homehareware.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Jun 2024 12:48:55 GMT
Server
nginx/1.23.3
Transfer-Encoding
chunked
X-Powered-By
PHP/8.1.13
adren.css
r.zredirect.com/css/ 		243 B
479 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r.zredirect.com/css/adren.css?n=2931064683
Requested by
Host: r.zredirect.com
URL: https://r.zredirect.com/redirect?redirect_id=34e20b41ef38484e5706200bafae57ea&request_id=ba5191a454209b159e871f77fc30f8a2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS
66-165-243-160.static.hvvc.us
Software
nginx/1.23.3 /
Resource Hash
e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://r.zredirect.com/redirect?redirect_id=34e20b41ef38484e5706200bafae57ea&request_id=ba5191a454209b159e871f77fc30f8a2
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 24 Jun 2024 12:48:55 GMT
Last-Modified
Sat, 03 Jul 2021 05:46:18 GMT
Server
nginx/1.23.3
ETag
"60dff9aa-f3"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
243
adren.min.js
r.zredirect.com/js/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r.zredirect.com/js/adren.min.js?n=2931064683
Requested by
Host: r.zredirect.com
URL: https://r.zredirect.com/redirect?redirect_id=34e20b41ef38484e5706200bafae57ea&request_id=ba5191a454209b159e871f77fc30f8a2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS
66-165-243-160.static.hvvc.us
Software
nginx/1.23.3 /
Resource Hash
8597d8112ffa8f07199b715746aebe0bc4180e1c23cf4de02ef8fdc8f57e0bdc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://r.zredirect.com/redirect?redirect_id=34e20b41ef38484e5706200bafae57ea&request_id=ba5191a454209b159e871f77fc30f8a2
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 24 Jun 2024 12:48:55 GMT
Last-Modified
Fri, 05 Apr 2024 12:36:31 GMT
Server
nginx/1.23.3
ETag
"660ff04f-1d72"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7538
go
r.zredirect.com/ Frame FB3C 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.zredirect.com/go?e=DwCaxHVbxKB9IPqxkUX09IsyVvF8AKC6jKWzD2XytwL8uvXv1KLefQsYSaC-MUqXy3C5kGVyj3KeHPrVclBvx0XbblF-AaVw1aqzNJsYOKL8gQpVcvC15wXbLPL9S2W5x3CNuTslgvFefQLNImqwtxs6p2E1VTAx5UWxO0ZuOJClLKqXgFX1xQA-LvEdRTqUyaCwuTs7jmF8IPpu13pdZTsXglBlfRLTIQXWEHr-D2F1pUrb13B84mZbVPL0V2VXSFW09yX-fFB95Gr6jKWvZJsYqFC9A3W6bvC0uRs7xGB8gGq9flp8ATsmWFL59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC
Requested by
Host: r.zredirect.com
URL: https://r.zredirect.com/js/adren.min.js?n=2931064683
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS
66-165-243-160.static.hvvc.us
Software
nginx/1.23.3 / PHP/8.1.13
Resource Hash
21e0bbd218a4134c0bfa4ee9321ff310439246740e12d45934d7754c51eac2c9

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://r.zredirect.com/redirect?redirect_id=34e20b41ef38484e5706200bafae57ea&request_id=ba5191a454209b159e871f77fc30f8a2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Jun 2024 12:48:55 GMT
Server
nginx/1.23.3
Transfer-Encoding
chunked
X-Powered-By
PHP/8.1.13
analytics.js
www.google-analytics.com/ Frame FB3C 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: r.zredirect.com
URL: https://r.zredirect.com/go?e=DwCaxHVbxKB9IPqxkUX09IsyVvF8AKC6jKWzD2XytwL8uvXv1KLefQsYSaC-MUqXy3C5kGVyj3KeHPrVclBvx0XbblF-AaVw1aqzNJsYOKL8gQpVcvC15wXbLPL9S2W5x3CNuTslgvFefQLNImqwtxs6p2E1VTAx5UWxO0ZuOJClLKqXgFX1xQA-LvEdRTqUyaCwuTs7jmF8IPpu13pdZTsXglBlfRLTIQXWEHr-D2F1pUrb13B84mZbVPL0V2VXSFW09yX-fFB95Gr6jKWvZJsYqFC9A3W6bvC0uRs7xGB8gGq9flp8ATsmWFL59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::64 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://r.zredirect.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 24 Jun 2024 11:48:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3641
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 24 Jun 2024 13:48:15 GMT
collect
www.google-analytics.com/j/ Frame FB3C 		15 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1670672084&t=pageview&_s=1&dl=https%3A%2F%2Fr.zredirect.com%2Fgo%3Fe%3DDwCaxHVbxKB9IPqxkUX09IsyVvF8AKC6jKWzD2XytwL8uvXv1KLefQsYSaC-MUqXy3C5kGVyj3KeHPrVclBvx0XbblF-AaVw1aqzNJsYOKL8gQpVcvC15wXbLPL9S2W5x3CNuTslgvFefQLNImqwtxs6p2E1VTAx5UWxO0ZuOJClLKqXgFX1xQA-LvEdRTqUyaCwuTs7jmF8IPpu13pdZTsXglBlfRLTIQXWEHr-D2F1pUrb13B84mZbVPL0V2VXSFW09yX-fFB95Gr6jKWvZJsYqFC9A3W6bvC0uRs7xGB8gGq9flp8ATsmWFL59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC&ul=en-ca&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1787538198&gjid=1752309442&cid=28671549.1719233336&tid=UA-32454353-1&_gid=139415310.1719233336&_r=1&_slc=1&z=649051663
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::64 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aecaaef58c084f476b6e0ecd861e2bc414484e202fdb0a0e8d92e2f0bb800c2e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://r.zredirect.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Jun 2024 12:48:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.zredirect.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame FB3C 		35 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1670672084&t=pageview&_s=2&dl=https%3A%2F%2Fr.zredirect.com%2Fgo%3Fe%3DDwCaxHVbxKB9IPqxkUX09IsyVvF8AKC6jKWzD2XytwL8uvXv1KLefQsYSaC-MUqXy3C5kGVyj3KeHPrVclBvx0XbblF-AaVw1aqzNJsYOKL8gQpVcvC15wXbLPL9S2W5x3CNuTslgvFefQLNImqwtxs6p2E1VTAx5UWxO0ZuOJClLKqXgFX1xQA-LvEdRTqUyaCwuTs7jmF8IPpu13pdZTsXglBlfRLTIQXWEHr-D2F1pUrb13B84mZbVPL0V2VXSFW09yX-fFB95Gr6jKWvZJsYqFC9A3W6bvC0uRs7xGB8gGq9flp8ATsmWFL59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC&ul=en-ca&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=28671549.1719233336&tid=UA-32454353-1&_gid=139415310.1719233336&cd1=LJA8rTIfMak8sUkuL3k4MJkzsUk8sN%3D%3D&z=1048744278
Requested by
Host: r.zredirect.com
URL: https://r.zredirect.com/go?e=DwCaxHVbxKB9IPqxkUX09IsyVvF8AKC6jKWzD2XytwL8uvXv1KLefQsYSaC-MUqXy3C5kGVyj3KeHPrVclBvx0XbblF-AaVw1aqzNJsYOKL8gQpVcvC15wXbLPL9S2W5x3CNuTslgvFefQLNImqwtxs6p2E1VTAx5UWxO0ZuOJClLKqXgFX1xQA-LvEdRTqUyaCwuTs7jmF8IPpu13pdZTsXglBlfRLTIQXWEHr-D2F1pUrb13B84mZbVPL0V2VXSFW09yX-fFB95Gr6jKWvZJsYqFC9A3W6bvC0uRs7xGB8gGq9flp8ATsmWFL59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::64 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://r.zredirect.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 23 Jun 2024 19:14:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63257
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame FB3C 		259 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TG55WX34R2&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
353ba4f4c348eaed884c3c90bc05a57ffda7faa38081c908b9798105764adf1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://r.zredirect.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 12:48:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93903
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 24 Jun 2024 12:48:57 GMT
collect
www.google-analytics.com/g/ Frame FB3C 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-TG55WX34R2&gtm=45je46j0v9114755507za200&_p=1719233336673&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=0&ul=en-ca&sr=1600x1200&cid=28671549.1719233336&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=1&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fr.zredirect.com%2Fgo%3Fe%3DDwCaxHVbxKB9IPqxkUX09IsyVvF8AKC6jKWzD2XytwL8uvXv1KLefQsYSaC-MUqXy3C5kGVyj3KeHPrVclBvx0XbblF-AaVw1aqzNJsYOKL8gQpVcvC15wXbLPL9S2W5x3CNuTslgvFefQLNImqwtxs6p2E1VTAx5UWxO0ZuOJClLKqXgFX1xQA-LvEdRTqUyaCwuTs7jmF8IPpu13pdZTsXglBlfRLTIQXWEHr-D2F1pUrb13B84mZbVPL0V2VXSFW09yX-fFB95Gr6jKWvZJsYqFC9A3W6bvC0uRs7xGB8gGq9flp8ATsmWFL59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC&sid=1719233337&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1807&_z=sendBeacon
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TG55WX34R2&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::64 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://r.zredirect.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 24 Jun 2024 12:48:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://r.zredirect.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.ashx
track.flexlinkspro.com/ 		0
0
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		155 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
/
www.homehardware.ca/en/
Redirect Chain
  • https://track.flexlinkspro.com/g.ashx?foid=1.47290&trid=1360122.226169&foc=17&fot=9999&fos=1&fobs=tsyjaF9qKFNAGLt1wZ2IaFexFA5DwCzLxXuI3M8IPpV13B4VTs7xmM8gQrukKWdD2A21KB
  • https://click.linksynergy.com/deeplink?id=PPkX79/c*b0&mid=47290&murl=https%3a%2f%2fhomehardware.ca%2f&u1=1.47290.0FOF17013806878790130&subid=1360122
  • https://www.homehardware.ca/rakuten/?ranMID=47290&ranEAID=1635394&ranSiteID=PPkX79_c.b0-hRGwIcyugEATK6RU_hUHvA&url=https%3A%2F%2Fhomehardware.ca%2F%3Futm_source%3Drakuten%26utm_medium%3Daffiliate%2...
  • https://homehardware.ca/?utm_source=rakuten&utm_medium=affiliate&utm_campaign=PPkX79/c*b0&utm_term=1.47290.0FOF17013806878790130&ranMID=47290&ranEAID=1635394&ranSiteID=PPkX79_c.b0-hRGwIcyugEATK6RU_...
  • https://www.homehardware.ca/?utm_source=rakuten&utm_medium=affiliate&utm_campaign=PPkX79/c*b0&utm_term=1.47290.0FOF17013806878790130&ranMID=47290&ranEAID=1635394&ranSiteID=PPkX79_c.b0-hRGwIcyugEATK...
  • https://www.homehardware.ca/en?utm_source=rakuten&utm_medium=affiliate&utm_campaign=PPkX79/c*b0&utm_term=1.47290.0FOF17013806878790130&ranMID=47290&ranEAID=1635394&ranSiteID=PPkX79_c.b0-hRGwIcyugEA...
  • https://www.homehardware.ca/en/?utm_source=rakuten&utm_medium=affiliate&utm_campaign=PPkX79/c*b0&utm_term=1.47290.0FOF17013806878790130&ranMID=47290&ranEAID=1635394&ranSiteID=PPkX79_c.b0-hRGwIcyugE...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.homehardware.ca/en/?utm_source=rakuten&utm_medium=affiliate&utm_campaign=PPkX79/c*b0&utm_term=1.47290.0FOF17013806878790130&ranMID=47290&ranEAID=1635394&ranSiteID=PPkX79_c.b0-hRGwIcyugEATK6RU_hUHvA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:f000:36::1728:128d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://r.zredirect.com/redirect?redirect_id=34e20b41ef38484e5706200bafae57ea&request_id=ba5191a454209b159e871f77fc30f8a2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=0, no-cache
cf-cache-status
MISS
cf-ray
898cd5e3bb0f0165-ORD
content-encoding
gzip
content-length
14844
content-type
text/html; charset=utf-8
date
Mon, 24 Jun 2024 12:49:02 GMT
expect-ct
max-age=86400, enforce
expires
Mon, 24 Jun 2024 12:49:02 GMT
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-akamai-transformed
9 14651 0 pmb=mTOE,2
x-cloud-trace-context
d217e967afdce62d52327b34b2793a4c
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=0, no-cache
cf-cache-status
MISS
cf-ray
898cd5e10de28f45-ORD
content-length
575
content-security-policy
default-src https://www.homehardware.ca/akam/13/ 'nonce-4c580c3ed880f3aae39a6e7bdbfc2589' 'none'
content-type
text/html; charset=UTF-8
date
Mon, 24 Jun 2024 12:49:01 GMT
expect-ct
max-age=86400, enforce
expires
Mon, 24 Jun 2024 12:49:01 GMT
location
/en/?utm_source=rakuten&utm_medium=affiliate&utm_campaign=PPkX79/c*b0&utm_term=1.47290.0FOF17013806878790130&ranMID=47290&ranEAID=1635394&ranSiteID=PPkX79_c.b0-hRGwIcyugEATK6RU_hUHvA
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
x-cloud-trace-context
24c8c3f537f623560053ef92dc1a4cce
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
track.flexlinkspro.com
URL
https://track.flexlinkspro.com/g.ashx?foid=1.47290&trid=1360122.226169&foc=17&fot=9999&fos=1&fobs=tsyjaF9qKFNAGLt1wZ2IaFexFA5DwCzLxXuI3M8IPpV13B4VTs7xmM8gQrukKWdD2A21KB

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

5 Cookies

Domain/Path Name / Value
r.zredirect.com/ Name: uuid
Value: 7972682788657267712
.zredirect.com/ Name: _ga
Value: GA1.2.28671549.1719233336
.zredirect.com/ Name: _gid
Value: GA1.2.139415310.1719233336
.zredirect.com/ Name: _gat
Value: 1
.zredirect.com/ Name: _ga_TG55WX34R2
Value: GS1.2.1719233337.1.1.1719233337.0.0.0