urlscan.io logo urlscan.io
SecurityTrails logo

regionaffair.com Open in urlscan Pro
192.124.249.20  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://m17.ca/e29szG
Effective URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&...
Submission: On November 30 via manual from CZ — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 16 domains to perform 44 HTTP transactions. The main IP is 192.124.249.20, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is regionaffair.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on May 15th 2023. Valid for: a year.
This is the only time regionaffair.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 140.82.45.219 20473 (AS-CHOOPA)
1 1 34.237.83.64 14618 (AMAZON-AES)
2 2 195.160.203.18 44949 (GIGACODES-AS)
1 1 34.102.247.186 396982 (GOOGLE-CL...)
16 192.124.249.20 30148 (SUCURI-SEC)
2 172.253.122.95 15169 (GOOGLE)
3 151.101.1.229 54113 (FASTLY)
2 172.64.140.13 13335 (CLOUDFLAR...)
3 151.101.66.137 54113 (FASTLY)
1 104.17.24.14 13335 (CLOUDFLAR...)
6 172.253.63.103 15169 (GOOGLE)
2 142.250.31.97 15169 (GOOGLE)
6 172.253.122.94 15169 (GOOGLE)
1 18.160.41.53 16509 (AMAZON-02)
1 142.251.16.101 15169 (GOOGLE)
1 99.84.191.81 16509 (AMAZON-02)
44 12
1    140.82.45.219 (Piscataway, United States)

ASN20473 (AS-CHOOPA, US)
PTR: module17.biz
m17.ca
1    34.237.83.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-83-64.compute-1.amazonaws.com
tracking.rmkr.lu
2    195.160.203.18 (Germany)

ASN44949 (GIGACODES-AS, DE)
www.tiltosh.com
www.koketti.com
1    34.102.247.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.247.102.34.bc.googleusercontent.com
www.aht42trk.com
16    192.124.249.20 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10020.sucuri.net
regionaffair.com
2    172.253.122.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f95.1e100.net
fonts.googleapis.com
3    151.101.1.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    172.64.140.13 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
3    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    172.253.63.103 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f103.1e100.net
www.google.com
2    142.250.31.97 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f97.1e100.net
www.googletagmanager.com
6    172.253.122.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f94.1e100.net
fonts.gstatic.com
www.gstatic.com
1    18.160.41.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-53.iad55.r.cloudfront.net
static.hotjar.com
1    142.251.16.101 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f101.1e100.net
www.google-analytics.com
1    99.84.191.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-81.iad89.r.cloudfront.net
script.hotjar.com
Apex Domain
Subdomains		 Transfer
16 regionaffair.com
regionaffair.com
3 MB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
646 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
69 KB
3 jquery.com
code.jquery.com — Cisco Umbrella Rank: 735
158 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
51 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 700
script.hotjar.com — Cisco Umbrella Rank: 933
61 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
150 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 971
85 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
254 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
19 KB
1 aht42trk.com
www.aht42trk.com
561 B
1 koketti.com
www.koketti.com
92 B
1 tiltosh.com
www.tiltosh.com
160 B
1 rmkr.lu
tracking.rmkr.lu
2 KB
1 m17.ca
m17.ca
330 B
44 16
Domain Requested by
16 regionaffair.com regionaffair.com
6 www.google.com regionaffair.com
www.gstatic.com
www.google.com
5 www.gstatic.com www.google.com
3 code.jquery.com regionaffair.com
3 cdn.jsdelivr.net regionaffair.com
2 www.googletagmanager.com regionaffair.com
www.googletagmanager.com
2 use.fontawesome.com regionaffair.com
use.fontawesome.com
2 fonts.googleapis.com regionaffair.com
1 script.hotjar.com static.hotjar.com
1 www.google-analytics.com www.googletagmanager.com
1 static.hotjar.com regionaffair.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdnjs.cloudflare.com regionaffair.com
1 www.aht42trk.com 1 redirects
1 www.koketti.com 1 redirects
1 www.tiltosh.com 1 redirects
1 tracking.rmkr.lu 1 redirects
1 m17.ca 1 redirects
44 18

This site contains no links.

Subject Issuer Validity Valid
regionaffair.com
Starfield Secure Certificate Authority - G2		 2023-05-15 -
2024-05-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Frame ID: 3906356315FDF9A27E7C0542D9DE1514
Requests: 36 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldtq-MkAAAAAMK2D59D2ZdnuOojX0G3X4CjwFpd&co=aHR0cHM6Ly9yZWdpb25hZmZhaXIuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=7rbvt4rg8cfi
Frame ID: 159CD299D3E87562B88A4B90BC24C7AA
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldtq-MkAAAAAMK2D59D2ZdnuOojX0G3X4CjwFpd&co=aHR0cHM6Ly9yZWdpb25hZmZhaXIuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=z5hqrykxj3mq
Frame ID: 1A8423BA967B8CD2AF4AB1F3DFABFBD5
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

RegionAffair - Landing 1

Page URL History Show full URLs

  1. https://m17.ca/e29szG HTTP 302
    https://tracking.rmkr.lu/aff_c?offer_id=14856&aff_id=4832 HTTP 302
    https://www.tiltosh.com/gekko/18/6413246C-8369-B221-E54A-2F47E68F97F0?w=33890&ws=4832&wt=1022e0f6f39... HTTP 307
    https://www.koketti.com/gekko/dating/18/?w=33890&ws=4832&wt=1022e0f6f397bb641e4c16065264b9 HTTP 307
    https://www.aht42trk.com/211B3J6/WPPGZ4/?sub1=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832 HTTP 302
    https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <meta[^>]*google-signin-client_id
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

44
Requests

100 %
HTTPS

0 %
IPv6

16
Domains

18
Subdomains

12
IPs

3
Countries

4440 kB
Transfer

6569 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://m17.ca/e29szG HTTP 302
    https://tracking.rmkr.lu/aff_c?offer_id=14856&aff_id=4832 HTTP 302
    https://www.tiltosh.com/gekko/18/6413246C-8369-B221-E54A-2F47E68F97F0?w=33890&ws=4832&wt=1022e0f6f397bb641e4c16065264b9 HTTP 307
    https://www.koketti.com/gekko/dating/18/?w=33890&ws=4832&wt=1022e0f6f397bb641e4c16065264b9 HTTP 307
    https://www.aht42trk.com/211B3J6/WPPGZ4/?sub1=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832 HTTP 302
    https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request affsignup1
regionaffair.com/
Redirect Chain
  • https://m17.ca/e29szG
  • https://tracking.rmkr.lu/aff_c?offer_id=14856&aff_id=4832
  • https://www.tiltosh.com/gekko/18/6413246C-8369-B221-E54A-2F47E68F97F0?w=33890&ws=4832&wt=1022e0f6f397bb641e4c16065264b9
  • https://www.koketti.com/gekko/dating/18/?w=33890&ws=4832&wt=1022e0f6f397bb641e4c16065264b9
  • https://www.aht42trk.com/211B3J6/WPPGZ4/?sub1=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832
  • https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_...
38 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
423a21296057dd001b023d1af2c60cffd2326972c26e300b0e47316fd6475cf4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, private no-transform
content-encoding
gzip
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Thu, 30 Nov 2023 08:03:39 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-robots-tag
none
x-sucuri-cache
MISS
x-sucuri-id
14020
x-ua-compatible
ie=edge
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
257
content-type
text/html; charset=utf-8
date
Thu, 30 Nov 2023 08:03:39 GMT
location
https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
server
nginx
vary
Origin
via
1.1 google
x-eflow-request-id
100be2d7-72fc-4aec-8c61-c97f26af40d8
css2
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f95.1e100.net
Software
ESF /
Resource Hash
94cfee61769b56cc380e0b858294d20980dafad66177fa801a8f1c55ef8e3d8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Nov 2023 08:03:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 06:48:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Nov 2023 08:03:39 GMT
css
fonts.googleapis.com/ 		2 KB
645 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f95.1e100.net
Software
ESF /
Resource Hash
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Nov 2023 08:03:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 06:30:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Nov 2023 08:03:39 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ 		160 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://regionaffair.com/
Origin
https://regionaffair.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 30 Nov 2023 08:03:39 GMT
x-content-type-options
nosniff
content-encoding
br
age
16827809
x-jsd-version
5.1.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26333
x-served-by
cache-fra-eddf8230037-FRA, cache-yul12834-YUL
x-jsd-version-type
version
etag
W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
all.css
use.fontawesome.com/releases/v5.8.2/css/ 		54 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.2/css/all.css
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.140.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f

Request headers

Referer
https://regionaffair.com/
Origin
https://regionaffair.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
167505
etag
W/"77cbad34e5ce95e70847b074e05faeab"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b69jzzZB1KaZ4B39qvgypaezc5pctva3JafqRsABzY1upiqLRmeQaVu%2Fw%2Fo0LjcsaJQchuG9o7n8a4t8K06aO9Y2UsZmCyQieknT7o6FNsgdg1xuV%2FeWbknK447Js%2B4mnTlUQONn"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
82e1933e7ad38c1b-EWR
alt-svc
h3=":443"; ma=86400
jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
6529221
x-cache
HIT, HIT
content-length
8323
x-served-by
cache-lga13627-LGA, cache-yul12832-YUL
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1701331420.897864,VS0,VE0
etag
W/"28feccc0-8c85"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
21, 16788
main.css
regionaffair.com/css/landing/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://regionaffair.com/css/landing/main.css?id=37217d5bd87b8f949ad44e78d63b23b9
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
5d92b4f214c322095d65bf86db679f12fdd48049dbce822a2a6301f7ceb86ad5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:39 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
via
1.1 google
x-sucuri-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2373
x-xss-protection
1; mode=block
last-modified
Tue, 28 Nov 2023 16:06:06 GMT
server
nginx
etag
"65660fee-945"
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14020
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
landing10.css
regionaffair.com/global/css/landing/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://regionaffair.com/global/css/landing/landing10.css
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
c5d7a7fcf4ccfe119dec6c3d67a47b3810be90ff322ee1e584045a326927c4de
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:39 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
via
1.1 google
x-sucuri-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2496
x-xss-protection
1; mode=block
last-modified
Tue, 28 Nov 2023 16:04:27 GMT
server
nginx
etag
"65660f8b-9c0"
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14020
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
regionaffair.png
regionaffair.com/theme/003/images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://regionaffair.com/theme/003/images/regionaffair.png
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
d3555e9b58024e94fc0eb05336a82be7302973cdaa3c4aa80a848af5435f00e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:39 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
via
1.1 google
x-sucuri-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20121
x-xss-protection
1; mode=block
last-modified
Tue, 28 Nov 2023 16:04:27 GMT
server
nginx
etag
"65660f8b-4e99"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14020
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
1.png
regionaffair.com/global/img/landing109/ 		233 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://regionaffair.com/global/img/landing109/1.png
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
d5dd3c9fcfe48c6d48063bc4f7e4a20b52ba64fbf2e56437e928aa63c1c861b5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:39 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
via
1.1 google
x-sucuri-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
238462
x-xss-protection
1; mode=block
last-modified
Tue, 28 Nov 2023 16:04:27 GMT
server
nginx
etag
"65660f8b-3a37e"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14020
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
2.png
regionaffair.com/global/img/landing109/ 		286 KB
287 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://regionaffair.com/global/img/landing109/2.png
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
8c3ff0a09984c3487a73ba4951ea2bf095c59d62d8b6c05daadfd4df9e202e48
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:39 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
via
1.1 google
x-sucuri-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
292651
x-xss-protection
1; mode=block
last-modified
Tue, 28 Nov 2023 16:04:27 GMT
server
nginx
etag
"65660f8b-4772b"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14020
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
9.png
regionaffair.com/global/img/landing109/ 		211 KB
212 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://regionaffair.com/global/img/landing109/9.png
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
b407746cc6b01810dbaf06728ffe19f047e62ef11bc75583a34c4f5f9a5387e7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:39 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
via
1.1 google
x-sucuri-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
216512
x-xss-protection
1; mode=block
last-modified
Tue, 28 Nov 2023 16:04:27 GMT
server
nginx
etag
"65660f8b-34dc0"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14020
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
3.png
regionaffair.com/global/img/landing109/ 		309 KB
310 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://regionaffair.com/global/img/landing109/3.png
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
650c1aa18e6b4dee00c40b6fecbeea41f9c1944df404d884b638f084dc0bf192
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:39 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
via
1.1 google
x-sucuri-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316444
x-xss-protection
1; mode=block
last-modified
Tue, 28 Nov 2023 16:04:27 GMT
server
nginx
etag
"65660f8b-4d41c"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14020
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
4.png
regionaffair.com/global/img/landing109/ 		230 KB
230 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://regionaffair.com/global/img/landing109/4.png
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
23e57e7779f3e8859a31748efad8b0df67e9253d275a955627aa2d2e6da7032c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:39 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
via
1.1 google
x-sucuri-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
235153
x-xss-protection
1; mode=block
last-modified
Tue, 28 Nov 2023 16:04:27 GMT
server
nginx
etag
"65660f8b-39691"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14020
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
8.png
regionaffair.com/global/img/landing109/ 		375 KB
375 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://regionaffair.com/global/img/landing109/8.png
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
f2e20c31999e3063f91ac034bc65aee8056d1dc9974855ecff2eadaff7511ae5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:39 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
via
1.1 google
x-sucuri-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
383576
x-xss-protection
1; mode=block
last-modified
Tue, 28 Nov 2023 16:04:27 GMT
server
nginx
etag
"65660f8b-5da58"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14020
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
5.png
regionaffair.com/global/img/landing109/ 		303 KB
304 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://regionaffair.com/global/img/landing109/5.png
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
456398cf480708a8061a3e758ff598359e6399269fe57bf8b5847b150a24d2ec
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:39 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
via
1.1 google
x-sucuri-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
310563
x-xss-protection
1; mode=block
last-modified
Tue, 28 Nov 2023 16:04:27 GMT
server
nginx
etag
"65660f8b-4bd23"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14020
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
6.png
regionaffair.com/global/img/landing109/ 		276 KB
277 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://regionaffair.com/global/img/landing109/6.png
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
f4fb03c1b8dd80b73bba152f03c4547c65c8447383869b1f7d7d160b0fb8b624
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:39 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
via
1.1 google
x-sucuri-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
282834
x-xss-protection
1; mode=block
last-modified
Tue, 28 Nov 2023 16:04:27 GMT
server
nginx
etag
"65660f8b-450d2"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14020
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
7.png
regionaffair.com/global/img/landing109/ 		279 KB
279 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://regionaffair.com/global/img/landing109/7.png
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
18a0d5fddd69b89b0ef45c40d36784e94c1125397d1afdbab7967bbb83053bdd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:39 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
via
1.1 google
x-sucuri-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
285332
x-xss-protection
1; mode=block
last-modified
Tue, 28 Nov 2023 16:04:27 GMT
server
nginx
etag
"65660f8b-45a94"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14020
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
10.png
regionaffair.com/global/img/landing109/ 		243 KB
244 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://regionaffair.com/global/img/landing109/10.png
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
1f5236c63d384a17bf9d1393e350031004d32c29fe7b4dafac87eddf641f10b5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:39 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
via
1.1 google
x-sucuri-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248778
x-xss-protection
1; mode=block
last-modified
Tue, 28 Nov 2023 16:04:27 GMT
server
nginx
etag
"65660f8b-3cbca"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14020
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-3.6.0.js
code.jquery.com/ 		282 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.js
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239

Request headers

Referer
https://regionaffair.com/
Origin
https://regionaffair.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:40 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
6530805
x-cache
HIT, HIT
content-length
84714
x-served-by
cache-lga21935-LGA, cache-yul12830-YUL
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1701331420.001657,VS0,VE0
etag
W/"28feccc0-46744"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
122, 77277
luxon.min.js
cdnjs.cloudflare.com/ajax/libs/luxon/2.3.2/ 		69 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/luxon/2.3.2/luxon.min.js
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab188e3cdf6de52bed869ce97f4c5bc3e3d0c1b48ed3ceee4271a4ff8b0857f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://regionaffair.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
620129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18866
last-modified
Sun, 17 Apr 2022 14:01:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"625c1dc8-49b2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBNLdcAd2bnI5yrL6CMjdMBqLodlHQVEFwBceR%2BDMixvh1Ws5tedxpug9t53%2Fyax%2Fho%2FhQvv0mKRDLYLppBhhU6bProISryJI%2F8YAiDH%2FQQv3EVg%2FMDQcDfNDIaeaIcHWfNgQp0L"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82e1933f0a0b4bd6-YUL
expires
Tue, 19 Nov 2024 08:03:40 GMT
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://regionaffair.com/
Origin
https://regionaffair.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 30 Nov 2023 08:03:39 GMT
x-content-type-options
nosniff
content-encoding
br
age
15868312
x-jsd-version
1.16.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7835
x-served-by
cache-fra-eddf8230104-FRA, cache-yul12834-YUL
x-jsd-version-type
version
etag
W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.min.js
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://regionaffair.com/
Origin
https://regionaffair.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 30 Nov 2023 08:03:39 GMT
x-content-type-options
nosniff
content-encoding
br
age
22446234
x-jsd-version
5.1.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17624
x-served-by
cache-fra-eddf8230103-FRA, cache-yul12834-YUL
x-jsd-version-type
version
etag
W/"e753-GQgMO4F5hTNqq14c5pJcmYA/Lv0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery-ui.min.js
code.jquery.com/ui/1.12.1/ 		248 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
6529220
x-cache
HIT, HIT
content-length
67751
x-served-by
cache-lga13623-LGA, cache-yul12832-YUL
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1701331420.971099,VS0,VE0
etag
W/"28feccc0-3dee4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
45, 13631
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Ldtq-MkAAAAAMK2D59D2ZdnuOojX0G3X4CjwFpd
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f103.1e100.net
Software
GSE /
Resource Hash
52c8fd5a1f005b17c7ca401381b66ca33f667b7ac02b5c20c5215eea2869c12f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 30 Nov 2023 08:03:40 GMT
landing.js
regionaffair.com/js/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://regionaffair.com/js/landing.js?id=f87c5e5536e3bff3988a877e2ff81810
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
7a9d0a971205d2043f8b509f035a7bfa7a4a1b55b545965685121f0def42f87f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:39 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
via
1.1 google
x-sucuri-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9115
x-xss-protection
1; mode=block
last-modified
Wed, 29 Nov 2023 15:33:24 GMT
server
nginx
etag
"656759c4-239b"
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14020
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/ 		212 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N72JQT4
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.97 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
526c3bf46299d579796c0d9290c30737b7fbf679adefe1e2a1c88926fc77cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71315
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 Nov 2023 08:03:40 GMT
bg-main-ca.jpg
regionaffair.com/global/img/landing109/ 		401 KB
402 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://regionaffair.com/global/img/landing109/bg-main-ca.jpg
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.20 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10020.sucuri.net
Software
nginx /
Resource Hash
d57a0497c32c86483d54f185a065bbb9801943436d46f7f89c0314c4c1a06e7d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:39 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
via
1.1 google
x-sucuri-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
410603
x-xss-protection
1; mode=block
last-modified
Tue, 28 Nov 2023 16:04:27 GMT
server
nginx
etag
"65660f8b-643eb"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14020
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://regionaffair.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 22:41:29 GMT
x-content-type-options
nosniff
age
465731
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39124
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:02:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 22:41:29 GMT
js
www.googletagmanager.com/gtag/ 		229 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2NKGK5Q37E&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N72JQT4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.97 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
54568e2780b6048f86ce2191106a877613a367b1212d03d710a8beb3496b4cf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 30 Nov 2023 08:03:40 GMT
hotjar-3553971.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3553971.js?sv=6
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-53.iad55.r.cloudfront.net
Software
/
Resource Hash
19365474b0acbcab378bb5472e8dfcc616d185fb8bf1a63e704d5bc209a14286
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 30 Nov 2023 08:03:30 GMT
via
1.1 0003b3450f3f9fac44312c4622a410c2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P1
age
10
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/701d0e401d1a6be96b6e5700ba2b8f92
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
4lfDsnvaFpYsMo4zvhxu9idM_RSGbNf3jnH6uRdYjoH6cmkPh9qfeg==
collect
www.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2NKGK5Q37E&gtm=45je3b60v9124618645z89124494182&_p=1701331419955&gcd=11l1l1l1l1&dma=0&cid=2059462851.1701331420&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&uid=null&sid=1701331420&sct=1&seg=0&dl=https%3A%2F%2Fregionaffair.com%2Faffsignup1%3Freq_id%3Domnitrk%26aff_id%3Domnitrk_617_33890_4832%26sub_id%3D17814aecc13c4dfabb935730813847d5%26transaction_id%3D656841db6c9cd4c842e90cd5e268c911%26sub2%3D33890%26sub3%3D4832%26source_id%3D33890_4832&dt=RegionAffair%20-%20Landing%201&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=8128
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2NKGK5Q37E&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 08:03:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://regionaffair.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.28e3191d8757c557b4b7.js
script.hotjar.com/ 		227 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.28e3191d8757c557b4b7.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3553971.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.191.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-191-81.iad89.r.cloudfront.net
Software
/
Resource Hash
77a17bd55486aef26d2fbbe92b56672398378b1ad7ba7975c79742b4772d52b1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 14:01:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 27eb501c8caff149895f88cac34554ae.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C2
age
583354
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
57395
last-modified
Thu, 23 Nov 2023 14:00:23 GMT
etag
"1ab24a53e715dcb189ab626bacc0e88b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
RK_HHlfYV345uX8294V28l-3y1XOLQOlXQP2FBEld-J3ZeVFqlmn8w==
recaptcha__en.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 		465 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ldtq-MkAAAAAMK2D59D2ZdnuOojX0G3X4CjwFpd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://regionaffair.com/
Origin
https://regionaffair.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 02:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190682
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Nov 2024 02:18:04 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.8.2/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.2/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.2/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.140.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640

Request headers

Referer
https://use.fontawesome.com/releases/v5.8.2/css/all.css
Origin
https://regionaffair.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1462788
alt-svc
h3=":443"; ma=86400
content-length
74328
last-modified
Fri, 22 Sep 2023 01:45:59 GMT
server
cloudflare
etag
"64b3e814a66c2719b15abf8f7998bd73"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZB90SdH03e7ZRKtp6ttmuYamLgZgBOOc5ARQQ6v98Iam69k9h5v4%2FLF1QlBGgJBJlSnJvOZgUh7XCarmpk1%2B3lc2Oz2vjsQau33ZBTrOt34mVAvsbLLTYyuL2aNuHdjbjEEHOJzg"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
82e193416c5e8c1b-EWR
api.js
www.google.com/recaptcha/ 		1 KB
934 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Ldtq-MkAAAAAMK2D59D2ZdnuOojX0G3X4CjwFpd
Requested by
Host: regionaffair.com
URL: https://regionaffair.com/affsignup1?req_id=omnitrk&aff_id=omnitrk_617_33890_4832&sub_id=17814aecc13c4dfabb935730813847d5&transaction_id=656841db6c9cd4c842e90cd5e268c911&sub2=33890&sub3=4832&source_id=33890_4832
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f103.1e100.net
Software
GSE /
Resource Hash
52c8fd5a1f005b17c7ca401381b66ca33f667b7ac02b5c20c5215eea2869c12f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://regionaffair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 30 Nov 2023 08:03:40 GMT
anchor
www.google.com/recaptcha/api2/ Frame 159C 		59 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldtq-MkAAAAAMK2D59D2ZdnuOojX0G3X4CjwFpd&co=aHR0cHM6Ly9yZWdpb25hZmZhaXIuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=7rbvt4rg8cfi
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f103.1e100.net
Software
GSE /
Resource Hash
b679311483d7014aba642dc7bfc75d2b86a0090a676ce16eb45e6b62d4139ce8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ndky4xrK_WA1XDB9EsoQ3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://regionaffair.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Ndky4xrK_WA1XDB9EsoQ3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 08:03:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame 1A84 		59 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldtq-MkAAAAAMK2D59D2ZdnuOojX0G3X4CjwFpd&co=aHR0cHM6Ly9yZWdpb25hZmZhaXIuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=z5hqrykxj3mq
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f103.1e100.net
Software
GSE /
Resource Hash
065a18e99a702dc0ae42bc245cfc4d3e2533e4a4f55104c700e607c4d918a0c2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XW00h6a0QfY0qBp8k-1N-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://regionaffair.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-XW00h6a0QfY0qBp8k-1N-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 08:03:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 159C 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldtq-MkAAAAAMK2D59D2ZdnuOojX0G3X4CjwFpd&co=aHR0cHM6Ly9yZWdpb25hZmZhaXIuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=7rbvt4rg8cfi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 05:15:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Nov 2024 05:15:11 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 159C 		465 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldtq-MkAAAAAMK2D59D2ZdnuOojX0G3X4CjwFpd&co=aHR0cHM6Ly9yZWdpb25hZmZhaXIuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=7rbvt4rg8cfi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 02:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190682
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Nov 2024 02:18:04 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 1A84 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldtq-MkAAAAAMK2D59D2ZdnuOojX0G3X4CjwFpd&co=aHR0cHM6Ly9yZWdpb25hZmZhaXIuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=z5hqrykxj3mq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 05:15:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Nov 2024 05:15:11 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 1A84 		465 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldtq-MkAAAAAMK2D59D2ZdnuOojX0G3X4CjwFpd&co=aHR0cHM6Ly9yZWdpb25hZmZhaXIuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=z5hqrykxj3mq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
sffe /
Resource Hash
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 02:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190682
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Nov 2024 02:18:04 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 159C 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldtq-MkAAAAAMK2D59D2ZdnuOojX0G3X4CjwFpd&co=aHR0cHM6Ly9yZWdpb25hZmZhaXIuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=7rbvt4rg8cfi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f103.1e100.net
Software
GSE /
Resource Hash
b62f36160407c81030404ab242125afd42fa0da6626ef11e5f406dda12acf144
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldtq-MkAAAAAMK2D59D2ZdnuOojX0G3X4CjwFpd&co=aHR0cHM6Ly9yZWdpb25hZmZhaXIuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=7rbvt4rg8cfi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 30 Nov 2023 08:03:40 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 1A84 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldtq-MkAAAAAMK2D59D2ZdnuOojX0G3X4CjwFpd&co=aHR0cHM6Ly9yZWdpb25hZmZhaXIuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=z5hqrykxj3mq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f103.1e100.net
Software
GSE /
Resource Hash
b62f36160407c81030404ab242125afd42fa0da6626ef11e5f406dda12acf144
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldtq-MkAAAAAMK2D59D2ZdnuOojX0G3X4CjwFpd&co=aHR0cHM6Ly9yZWdpb25hZmZhaXIuY29tOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=z5hqrykxj3mq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 08:03:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 30 Nov 2023 08:03:40 GMT

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture object| dataLayer function| $ function| jQuery object| google_tag_manager object| google_tag_data function| hj object| _hjSettings object| gaGlobal object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| luxon function| Popper number| uidEvent object| bootstrap object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| mapFormDataToObject object| recaptcha object| closure_lm_562652

17 Cookies

Domain/Path Name / Value
tracking.rmkr.lu/ Name: enc_aff_session_14856
Value: ENC0372e786f6939fb2c8fca09616d27176924c8dc6f2dea9a3cabd1db5f4261110c82429596044b760c625652fd5ecaa039590da588731e97e1eb2ca7d6e4e38df945666714dd591e6674918a0592ad12a5b402771ea491fbabc67f5815404fca7519705f16960528f35e5dfcc2f9d3749b94511ffeeed4338bf75121bc8b6603b0b0061c2a8
tracking.rmkr.lu/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTkiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzExOS4wLjYwNDUuMTk5IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1DQSxlbjtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
www.aht42trk.com/ Name: uniqueClick_WPPGZ4
Value: fa611b36-b336-4485-910a-7199a1a20577:1701331419
www.aht42trk.com/ Name: transaction_id
Value: 17814aecc13c4dfabb935730813847d5
regionaffair.com/ Name: XSRF-TOKEN
Value: eyJpdiI6InlKNGVDcEljZW5yNndDcXVnQkVhZ2c9PSIsInZhbHVlIjoiMmFudWh5cEpXYURpMVc1QVhxNVlMb0xSRVZqRFhkb0Q0N2tiaE9wcjBqZkVxUjlRK20yeW80YUdtUmsrMVowRVc4aXRpNmYzOVU2STVjamFjRjdvQkMxODdFSll2SHlBRTE2cHVQSVJBMFhhZVVkalV5Y2FNWjZHaG9tWmlTUnAiLCJtYWMiOiI2NmFlNmRhNjI3ZTZjMzBkN2JmNGQ4OTlkM2EwZDc1ZThkMDU3NWIwY2QwODg4NTcwYzRmYWZhOGM2ZDhhYmZjIiwidGFnIjoiIn0%3D
regionaffair.com/ Name: regionaffair_session
Value: eyJpdiI6IjV6RlpyWjh1SUI5dkZOVFpuU0hzQ1E9PSIsInZhbHVlIjoiRmhGdnZSblBSZGI2Z1piSXhSeDVRejNwa1ZDTWE3dUw5dnI5aDZCSGVsTGdHelJFbmVtd090bmtFY3g1UzNkSTcza2ptZnh4ckRRTTFkVHNiUlJ6Z2RseUs0dStkbjh2eVhEVmoxWEdKc0pOajUrbkkrMXdWSGN0aXE5TC92SFMiLCJtYWMiOiJmMTY2MGViYTkzNGVhN2ZiZmRmNWQ5ZTk3OTI5MDA2NjNhODgxYjdjNWMyMDNjYjUzMjQ1YTdkYTRiMjkyNGEwIiwidGFnIjoiIn0%3D
regionaffair.com/ Name: transaction_id
Value: eyJpdiI6InpoZGpudVYwOE9qZWdUKzh3VTJaMlE9PSIsInZhbHVlIjoibDg2MUZnbHlpTnNJQ0R5Sk95V2txL3lGRUcyZGg2dU9NWXh2bmlTdWFpa2daWmk2aTRMUGpKQWZzYjNRd3pybEk1enp6TjJiQjZqNHIvaEQ0dmNoQWZoUStrTlJnQzBMRVlmK1cxNXRXYTA9IiwibWFjIjoiMjkyN2NkNTQzNzk4YjhiN2MzNWM3ODEwMmU3ZGMzMmQ0YWE0MDAxZjRjY2YwZWJlMGY3NWVmN2FiMGNhNzg0MSIsInRhZyI6IiJ9
regionaffair.com/ Name: req_id
Value: eyJpdiI6InNTT2V1ZFVBSHZXU3EwOTJucmF0bFE9PSIsInZhbHVlIjoiYngrMHRLZnpjMWdTUGFJV1VMRDJMdnd1VmlkTkd2WDN0TjMvb2tQZmhZek1icC9KcjNiZ1VSbURCZ2RuaENvU1dPZ2dlREVZTTlXNTM5eER3bUN2TEE9PSIsIm1hYyI6IjI5ODJiMTJmODhkYThkOGI1ZTQ4NGZhODAxMzczNTRiMzkwMjBkY2QwMWY3M2Q2ZGQ1MTk0M2NjZGU2MzRlYzUiLCJ0YWciOiIifQ%3D%3D
regionaffair.com/ Name: aff_id
Value: eyJpdiI6ImxucG5qcXlZZjRvOWx3U3FORTBGQkE9PSIsInZhbHVlIjoiTTg3TGdnRFZwZUlhcUY4UGowakRkaEE2U1NxYmlCZ093dldIWDJGcG53ZUlLMHVVR0ZxVFdpUll0Vk9VRDM1UkV0d202ZHgwZ20wdXVWdlVTZnA0dVE9PSIsIm1hYyI6ImIyNzliY2E5Zjc2ZWI0ODJhNWI2NTM3MzMzNWNkYjdmNTg0MjY5MDhiMTkzZjdjOGI0NDg0NTIwOTQ4ZmE1OTkiLCJ0YWciOiIifQ%3D%3D
regionaffair.com/ Name: sub_id
Value: eyJpdiI6IjNWWUxVV1ZFeHFvTHNrR3ZMMmloUEE9PSIsInZhbHVlIjoid1BHSVAySTNkeklSaUU3YzRpbjVrZjhzTWVEVSt5WjduWEdxWERiMkVIeTJZa1lvbmdETGw0dkxnOVNBZU8ydC9wREtna1VNbWIvUkFBc2txTDlQaXB2bElVdkxDbTRxWlcveEdPM3J3RWc9IiwibWFjIjoiNjAzZjgzYjYzNmVjYzZiYmMxYzgyYTg4OTY2OTk2NWMzODIzM2E0OTczYmI0Yjg1NzI4YWM4OGIxODBkMmQ3OSIsInRhZyI6IiJ9
.regionaffair.com/ Name: _ga_2NKGK5Q37E
Value: GS1.1.1701331420.1.0.1701331420.0.0.0
.regionaffair.com/ Name: _ga
Value: GA1.1.2059462851.1701331420
.regionaffair.com/ Name: _hjSessionUser_3553971
Value: eyJpZCI6ImU0Nzc4OTcwLWNkZGQtNTMzNy05NTBjLTg0ZjFjMjYzNTM1ZCIsImNyZWF0ZWQiOjE3MDEzMzE0MjA0MzgsImV4aXN0aW5nIjpmYWxzZX0=
.regionaffair.com/ Name: _hjFirstSeen
Value: 1
.regionaffair.com/ Name: _hjIncludedInSessionSample_3553971
Value: 0
.regionaffair.com/ Name: _hjSession_3553971
Value: eyJpZCI6ImI2MDYyODY2LTY1MjctNDU2My1iM2JkLWNmN2JlMmQ3ZGQ1ZiIsImNyZWF0ZWQiOjE3MDEzMzE0MjA0NDEsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6dHJ1ZX0=
.regionaffair.com/ Name: _hjAbsoluteSessionInProgress
Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
m17.ca
regionaffair.com
script.hotjar.com
static.hotjar.com
tracking.rmkr.lu
use.fontawesome.com
www.aht42trk.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.koketti.com
www.tiltosh.com
104.17.24.14
140.82.45.219
142.250.31.97
142.251.16.101
151.101.1.229
151.101.66.137
172.253.122.94
172.253.122.95
172.253.63.103
172.64.140.13
18.160.41.53
192.124.249.20
195.160.203.18
34.102.247.186
34.237.83.64
99.84.191.81
065a18e99a702dc0ae42bc245cfc4d3e2533e4a4f55104c700e607c4d918a0c2
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640
18a0d5fddd69b89b0ef45c40d36784e94c1125397d1afdbab7967bbb83053bdd
19365474b0acbcab378bb5472e8dfcc616d185fb8bf1a63e704d5bc209a14286
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
1f5236c63d384a17bf9d1393e350031004d32c29fe7b4dafac87eddf641f10b5
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
23e57e7779f3e8859a31748efad8b0df67e9253d275a955627aa2d2e6da7032c
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
423a21296057dd001b023d1af2c60cffd2326972c26e300b0e47316fd6475cf4
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
456398cf480708a8061a3e758ff598359e6399269fe57bf8b5847b150a24d2ec
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
526c3bf46299d579796c0d9290c30737b7fbf679adefe1e2a1c88926fc77cbd7
52c8fd5a1f005b17c7ca401381b66ca33f667b7ac02b5c20c5215eea2869c12f
54568e2780b6048f86ce2191106a877613a367b1212d03d710a8beb3496b4cf3
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5d92b4f214c322095d65bf86db679f12fdd48049dbce822a2a6301f7ceb86ad5
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
650c1aa18e6b4dee00c40b6fecbeea41f9c1944df404d884b638f084dc0bf192
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce
77a17bd55486aef26d2fbbe92b56672398378b1ad7ba7975c79742b4772d52b1
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7a9d0a971205d2043f8b509f035a7bfa7a4a1b55b545965685121f0def42f87f
8c3ff0a09984c3487a73ba4951ea2bf095c59d62d8b6c05daadfd4df9e202e48
94cfee61769b56cc380e0b858294d20980dafad66177fa801a8f1c55ef8e3d8d
ab188e3cdf6de52bed869ce97f4c5bc3e3d0c1b48ed3ceee4271a4ff8b0857f6
b407746cc6b01810dbaf06728ffe19f047e62ef11bc75583a34c4f5f9a5387e7
b62f36160407c81030404ab242125afd42fa0da6626ef11e5f406dda12acf144
b679311483d7014aba642dc7bfc75d2b86a0090a676ce16eb45e6b62d4139ce8
c5d7a7fcf4ccfe119dec6c3d67a47b3810be90ff322ee1e584045a326927c4de
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
d3555e9b58024e94fc0eb05336a82be7302973cdaa3c4aa80a848af5435f00e4
d57a0497c32c86483d54f185a065bbb9801943436d46f7f89c0314c4c1a06e7d
d5dd3c9fcfe48c6d48063bc4f7e4a20b52ba64fbf2e56437e928aa63c1c861b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2e20c31999e3063f91ac034bc65aee8056d1dc9974855ecff2eadaff7511ae5
f4fb03c1b8dd80b73bba152f03c4547c65c8447383869b1f7d7d160b0fb8b624