authentication.confused.com Open in urlscan Pro
104.16.52.69 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://my.confused.com/?utm_medium=email&utm_source=travel%2Bpq&utm_campaign=idol%2Bpost%2Bquote&utm_content=travel
Effective URL:
https://authentication.confused.com/Account/Login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcustomerportal%26redirec...
Submission Tags: falconsandbox
Submission: On April 03 via api (April 3rd 2024, 11:22:53 pm UTC) from US — Scanned from DE

Summary HTTP 31 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 31 HTTP transactions. The main IP is 104.16.52.69, located in and belongs to CLOUDFLARENET, US. The main domain is authentication.confused.com. The Cisco Umbrella rank of the primary domain is 592984.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 28th 2023. Valid for: a year.

This is the only time authentication.confused.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6 24	104.16.52.69 104.16.52.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:1ec:46::67 2620:1ec:46::67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.166.40.65 20.166.40.65	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
31	9

24 104.16.52.69 (None, ) 6 redirects

ASN13335 (CLOUDFLARENET, US)

my.confused.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
authentication.confused.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.confused.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sst.confused.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::67 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.166.40.65 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

northeurope-2.in.applicationinsights.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	confused.com 6 redirects my.confused.com — Cisco Umbrella Rank: 873473 authentication.confused.com — Cisco Umbrella Rank: 592984 secure.confused.com — Cisco Umbrella Rank: 952247 sst.confused.com — Cisco Umbrella Rank: 462924	314 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 329	14 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2709	21 KB
3	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 622 northeurope-2.in.applicationinsights.azure.com — Cisco Umbrella Rank: 21697	57 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	172 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115	64 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 866	7 KB
31	7

	Domain	Requested by
21	authentication.confused.com	4 redirects authentication.confused.com js.monitor.azure.com
3	bat.bing.com	authentication.confused.com bat.bing.com
2	northeurope-2.in.applicationinsights.azure.com	js.monitor.azure.com
2	www.google-analytics.com	sst.confused.com js.monitor.azure.com
2	www.googletagmanager.com	sst.confused.com
1	pagead2.googlesyndication.com	sst.confused.com
1	region1.google-analytics.com	www.googletagmanager.com
1	js.monitor.azure.com	authentication.confused.com
1	sst.confused.com	authentication.confused.com
1	static.cloudflareinsights.com	authentication.confused.com
1	secure.confused.com	1 redirects
1	my.confused.com	1 redirects
31	12

This site contains links to these domains. Also see Links.

Domain
www.confused.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-28` - `2024-05-27`	a year	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-03-10` - `2024-06-08`	3 months	crt.sh
js.monitor.azure.com Microsoft Azure RSA TLS Issuing CA 07	`2024-03-18` - `2025-03-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2024-04-03` - `2024-06-27`	3 months	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 08	`2024-02-01` - `2025-01-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://authentication.confused.com/Account/Login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcustomerportal%26redirect_uri%3Dhttps%253A%252F%252Fmy.confused.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520external%2520externalemail%26code_challenge%3DUgl0SsZLQehTde1ffAKIbvwHl-1rFJa39jiXDdvMep0%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638477833663627836.ZDdkZmQ0YmItNjYzZC00OGYyLWIwYzUtYmVlODI3NWVlMjY3NTlkZjEwMGYtMzI0Mi00YjMxLTg3MjQtYjFmMTBjM2MwNzZl%26acr_values%3D%2520queryString%253A%253Futm_medium%253Demail%2526utm_source%253Dtravel%25252Bpq%2526utm_campaign%253Didol%25252Bpost%25252Bquote%2526utm_content%253Dtravel%26trafficType%3D42%26state%3DCfDJ8E6cVD-jsSBMjVM-RlIWFQZPZ_9wuVV2e9qvQECW3Io8G7xQgEQS4w3XODc3f_vqh6qSy4wJ3McbUQdIYXaF7c36z4npW4dcq5abSR2k6sw1UE7ZrOMI8u5HmvTOWepBsaUQ3Qn7MenIslkfMlFqZeo-ucDDMIDFGeKXYRTK_Z2pwsS4wuy-8AI79nv5RtXYrilAMN8LDGxNXEvbUqaKoLZliaD5ip3PL8EF4qR8hEi8c-V_1SAQhO6jfEm3bu3ThVITBp4lKqWzJ005DhQ-Ddm5gsscJkyW8-Kan9YM8nJtJsS9ZqtMG6S1kS4HfUQjGQq8EgNL4J8Z4w_laKf_yTL6Mw4bOMqMqkpiB5nJLJ_XbbowoixaopZMW7DeIeWm8fYHUJra3hjfCPtc8JrtqkuMEVET_S3S9tQXuUMmrLEsnoQ7NPyGQ6z8davzkv4TmJMN_ud7hlJ1gsO6ncynwLD_T4IWJDdHqFnXOv7biA-6%26x-client-SKU%3DID_NET6_0%26x-client-ver%3D6.35.0.0&accountRedirectBypass=false&externalCheck=false
Frame ID: 3A00E11D8187BFF473CF049199B42FA7
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Confused.com authentication

Page URL History Show full URLs

https://my.confused.com/?utm_medium=email&utm_source=travel%2Bpq&utm_campaign=idol%2Bpost%2Bquote&ut... HTTP 302
https://authentication.confused.com/connect/authorize?client_id=customerportal&redirect_uri=https%3A%2F%2Fmy.con... HTTP 302
https://authentication.confused.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcust... HTTP 302
https://authentication.confused.com/External/Challenge?scheme=ConfusedOAuth&returnUrl=%2Fconnect%2Fauthorize%2Fc... HTTP 302
https://secure.confused.com/OAuth/Authenticate?realm=https://authentication.confused.com/&returnurl=http... HTTP 302
https://authentication.confused.com/signin-oidc?ReturnUrl=https://authentication.confused.com/signin-oidc?nt=1&s... HTTP 302
https://authentication.confused.com/Account/Login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcust... Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

100 %
HTTPS

67 %
IPv6

7
Domains

12
Subdomains

9
IPs

4
Countries

571 kB
Transfer

1415 kB
Size

28
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.confused.com/

Search URL Search Domain Scan URL

URL: https://www.confused.com/rewards/terms-and-conditions
Title: T&Cs apply.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://my.confused.com/?utm_medium=email&utm_source=travel%2Bpq&utm_campaign=idol%2Bpost%2Bquote&utm_content=travel HTTP 302
https://authentication.confused.com/connect/authorize?client_id=customerportal&redirect_uri=https%3A%2F%2Fmy.confused.com%2Fsignin-oidc&response_type=code&scope=openid%20profile%20external%20externalemail&code_challenge=Ugl0SsZLQehTde1ffAKIbvwHl-1rFJa39jiXDdvMep0&code_challenge_method=S256&response_mode=form_post&nonce=638477833663627836.ZDdkZmQ0YmItNjYzZC00OGYyLWIwYzUtYmVlODI3NWVlMjY3NTlkZjEwMGYtMzI0Mi00YjMxLTg3MjQtYjFmMTBjM2MwNzZl&acr_values=%20queryString%3A%3Futm_medium%3Demail%26utm_source%3Dtravel%252Bpq%26utm_campaign%3Didol%252Bpost%252Bquote%26utm_content%3Dtravel&trafficType=42&state=CfDJ8E6cVD-jsSBMjVM-RlIWFQZPZ_9wuVV2e9qvQECW3Io8G7xQgEQS4w3XODc3f_vqh6qSy4wJ3McbUQdIYXaF7c36z4npW4dcq5abSR2k6sw1UE7ZrOMI8u5HmvTOWepBsaUQ3Qn7MenIslkfMlFqZeo-ucDDMIDFGeKXYRTK_Z2pwsS4wuy-8AI79nv5RtXYrilAMN8LDGxNXEvbUqaKoLZliaD5ip3PL8EF4qR8hEi8c-V_1SAQhO6jfEm3bu3ThVITBp4lKqWzJ005DhQ-Ddm5gsscJkyW8-Kan9YM8nJtJsS9ZqtMG6S1kS4HfUQjGQq8EgNL4J8Z4w_laKf_yTL6Mw4bOMqMqkpiB5nJLJ_XbbowoixaopZMW7DeIeWm8fYHUJra3hjfCPtc8JrtqkuMEVET_S3S9tQXuUMmrLEsnoQ7NPyGQ6z8davzkv4TmJMN_ud7hlJ1gsO6ncynwLD_T4IWJDdHqFnXOv7biA-6&x-client-SKU=ID_NET6_0&x-client-ver=6.35.0.0 HTTP 302
https://authentication.confused.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcustomerportal%26redirect_uri%3Dhttps%253A%252F%252Fmy.confused.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520external%2520externalemail%26code_challenge%3DUgl0SsZLQehTde1ffAKIbvwHl-1rFJa39jiXDdvMep0%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638477833663627836.ZDdkZmQ0YmItNjYzZC00OGYyLWIwYzUtYmVlODI3NWVlMjY3NTlkZjEwMGYtMzI0Mi00YjMxLTg3MjQtYjFmMTBjM2MwNzZl%26acr_values%3D%2520queryString%253A%253Futm_medium%253Demail%2526utm_source%253Dtravel%25252Bpq%2526utm_campaign%253Didol%25252Bpost%25252Bquote%2526utm_content%253Dtravel%26trafficType%3D42%26state%3DCfDJ8E6cVD-jsSBMjVM-RlIWFQZPZ_9wuVV2e9qvQECW3Io8G7xQgEQS4w3XODc3f_vqh6qSy4wJ3McbUQdIYXaF7c36z4npW4dcq5abSR2k6sw1UE7ZrOMI8u5HmvTOWepBsaUQ3Qn7MenIslkfMlFqZeo-ucDDMIDFGeKXYRTK_Z2pwsS4wuy-8AI79nv5RtXYrilAMN8LDGxNXEvbUqaKoLZliaD5ip3PL8EF4qR8hEi8c-V_1SAQhO6jfEm3bu3ThVITBp4lKqWzJ005DhQ-Ddm5gsscJkyW8-Kan9YM8nJtJsS9ZqtMG6S1kS4HfUQjGQq8EgNL4J8Z4w_laKf_yTL6Mw4bOMqMqkpiB5nJLJ_XbbowoixaopZMW7DeIeWm8fYHUJra3hjfCPtc8JrtqkuMEVET_S3S9tQXuUMmrLEsnoQ7NPyGQ6z8davzkv4TmJMN_ud7hlJ1gsO6ncynwLD_T4IWJDdHqFnXOv7biA-6%26x-client-SKU%3DID_NET6_0%26x-client-ver%3D6.35.0.0 HTTP 302
https://authentication.confused.com/External/Challenge?scheme=ConfusedOAuth&returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcustomerportal%26redirect_uri%3Dhttps%253A%252F%252Fmy.confused.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520external%2520externalemail%26code_challenge%3DUgl0SsZLQehTde1ffAKIbvwHl-1rFJa39jiXDdvMep0%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638477833663627836.ZDdkZmQ0YmItNjYzZC00OGYyLWIwYzUtYmVlODI3NWVlMjY3NTlkZjEwMGYtMzI0Mi00YjMxLTg3MjQtYjFmMTBjM2MwNzZl%26acr_values%3D%2520queryString%253A%253Futm_medium%253Demail%2526utm_source%253Dtravel%25252Bpq%2526utm_campaign%253Didol%25252Bpost%25252Bquote%2526utm_content%253Dtravel%26trafficType%3D42%26state%3DCfDJ8E6cVD-jsSBMjVM-RlIWFQZPZ_9wuVV2e9qvQECW3Io8G7xQgEQS4w3XODc3f_vqh6qSy4wJ3McbUQdIYXaF7c36z4npW4dcq5abSR2k6sw1UE7ZrOMI8u5HmvTOWepBsaUQ3Qn7MenIslkfMlFqZeo-ucDDMIDFGeKXYRTK_Z2pwsS4wuy-8AI79nv5RtXYrilAMN8LDGxNXEvbUqaKoLZliaD5ip3PL8EF4qR8hEi8c-V_1SAQhO6jfEm3bu3ThVITBp4lKqWzJ005DhQ-Ddm5gsscJkyW8-Kan9YM8nJtJsS9ZqtMG6S1kS4HfUQjGQq8EgNL4J8Z4w_laKf_yTL6Mw4bOMqMqkpiB5nJLJ_XbbowoixaopZMW7DeIeWm8fYHUJra3hjfCPtc8JrtqkuMEVET_S3S9tQXuUMmrLEsnoQ7NPyGQ6z8davzkv4TmJMN_ud7hlJ1gsO6ncynwLD_T4IWJDdHqFnXOv7biA-6%26x-client-SKU%3DID_NET6_0%26x-client-ver%3D6.35.0.0 HTTP 302
https://secure.confused.com/OAuth/Authenticate?realm=https://authentication.confused.com/&returnurl=https://authentication.confused.com/signin-oidc&state=CfDJ8GIf9NH3wT5NkkfyHmV1YfurHeBPaTlWDlS3orhMYEh0lWXTR54tAifNngWvFIBZS2OzS9f1tbYTzzFFyXnHmWffii3ugzgYTCJLd15RoKH2LteYzed0b4Cnc_z8DviMAj8BsnJsKIA7Of9IDl9TnPHN0AtRzQjc2S-KxG8yF73McRpXtd0HL4hmaSIRML3TT6qM8ojs8oNxiHVJTk8n6_kKQk6NfJbmi4X2tMtbAlgUcHxC1JJqTtfeKxJfOqfoRtUIcYwmZP692vsFRAWUek55Y66poDZggolI81eDVcCE98RIJRrdsWiH2DKAgTlmrJg8dopsUBIpW8YN97Fz8j20v3gE5ojQw69HRkpAdBE1pIG5DDPgzs2_2byjPHhMIDsvqpozUFOYF94QrTyEbH1jMIkVQ8AHhPniO3yuPjFiiAu3Eusws5e-YR8gqXf9JjCsIPyTiQLPYL7iYMDDmRr8VjqVhPTHEOJ7GD3qpo25Q40sRLk8cyCBlMdxe3dTCxR7rFE_gWqjUwg2CsiveClzhBZB9X68Thp8kIAlkCIl7DOPUFOUKJS94RNC-waaC73ZxpR2t1K3FrLpj4y0eAngvxL9fBSrAqCPh2AAiMlm_NTtBQT7YijBOe4lu3ehbDmnJC083NKcSXOLkiyss0cNStewz28URgo5PbQ9EFp9j5FwrXqOfAMbgEpzwmoZ039qbIp57h5p267YUJoUjBlK_5ln4n_MmWfSAR2mK5j4XScYMOVrqWjLt1Ilk33qqmyxA0K-Yzg6mXUmzdyuLdq4Xq9Zj17T-jeazh9MkI6gNRgxReNUq8fX30zCVn6R3CCiq-byGunGKjsdnfoUd1xNKuj2ttIzEFLLfBcdmx1w-3QLu9TtwgRhB543XG972w4pvcte4npiMzjU4es_AFIRWk3JYdKegA57ePHZf12LqLP7GTXDnja0f9QI2IIYiBrYhnAw26HFgCnSPS0eN2ZYsy7GAPug5IXh_VI9Zq4C1eSRPPw5_jJatknPgs1HxQnT1_IlfNA6wPeIZBUjNo1BtFQcYYl6kekp4Z5yNrq34kRmXK-j3o61oKv14Sh6yiootmFvtLUq0gR6PkgIyBZykav9CtEqr7_aPvEbUBSukN_34uF7gQz6X4iCbtVyv9RCE3lwTmEgpmhjzKI-wkn4ZzlCh6cJysYq59KSb_vsxsvOk4EiSthCZ3VBd-mdoK8igf2HqkhKEiqXPdUGALCv7y6g6kkAAG757N8GpbkdadTIKEShg0l46uhJyJ3K1NBTr3CAlKyVJyZL5Y4cQsUbA3ZaUcJenHa5I9HCan4y74gCwNKwdAvMeqpfGjosiFXrmwCRiJZWnNhtL7_1BVQN8xNNy7DK7nVnDIXwLfC2IohKnkWFHJ0QYQS5-LHoAUOg_Oeco9BPK7m7DVk6_DZXFA4vpcyN5NSMJ-8R2ei1RdQcMbrxCKUClhjCR0zqZO_A4gHPUFzYi-R4wXBjoC638U70d5G0QDazlE2ZuES64ZegYCyVQB1JLwRvIpRG3NB2EfN1xrhwMOLvHBJ4i2TGvhPCLB8izmypfL03mE9g4bDSeyTsUHqIQ2LUKugblnTypR5p_IejLqVGLNyrayRDCh8qTXEXGke0y_QXPtDaKIltlm4JXkAgJ5RhI6k2IZQfd_LPdd0wryx5qA13XyXJhkADD9aGIIbcxGMAHatJDH8OJ5dcJRV6GkgOp5Ssk7XuIGi8OPLMpfYLg9gwm5JGvBQ9q1xOhs-pjze1LVtX&tc=1 HTTP 302
https://authentication.confused.com/signin-oidc?ReturnUrl=https://authentication.confused.com/signin-oidc?nt=1&state=CfDJ8GIf9NH3wT5NkkfyHmV1YfurHeBPaTlWDlS3orhMYEh0lWXTR54tAifNngWvFIBZS2OzS9f1tbYTzzFFyXnHmWffii3ugzgYTCJLd15RoKH2LteYzed0b4Cnc_z8DviMAj8BsnJsKIA7Of9IDl9TnPHN0AtRzQjc2S-KxG8yF73McRpXtd0HL4hmaSIRML3TT6qM8ojs8oNxiHVJTk8n6_kKQk6NfJbmi4X2tMtbAlgUcHxC1JJqTtfeKxJfOqfoRtUIcYwmZP692vsFRAWUek55Y66poDZggolI81eDVcCE98RIJRrdsWiH2DKAgTlmrJg8dopsUBIpW8YN97Fz8j20v3gE5ojQw69HRkpAdBE1pIG5DDPgzs2_2byjPHhMIDsvqpozUFOYF94QrTyEbH1jMIkVQ8AHhPniO3yuPjFiiAu3Eusws5e-YR8gqXf9JjCsIPyTiQLPYL7iYMDDmRr8VjqVhPTHEOJ7GD3qpo25Q40sRLk8cyCBlMdxe3dTCxR7rFE_gWqjUwg2CsiveClzhBZB9X68Thp8kIAlkCIl7DOPUFOUKJS94RNC-waaC73ZxpR2t1K3FrLpj4y0eAngvxL9fBSrAqCPh2AAiMlm_NTtBQT7YijBOe4lu3ehbDmnJC083NKcSXOLkiyss0cNStewz28URgo5PbQ9EFp9j5FwrXqOfAMbgEpzwmoZ039qbIp57h5p267YUJoUjBlK_5ln4n_MmWfSAR2mK5j4XScYMOVrqWjLt1Ilk33qqmyxA0K-Yzg6mXUmzdyuLdq4Xq9Zj17T-jeazh9MkI6gNRgxReNUq8fX30zCVn6R3CCiq-byGunGKjsdnfoUd1xNKuj2ttIzEFLLfBcdmx1w-3QLu9TtwgRhB543XG972w4pvcte4npiMzjU4es_AFIRWk3JYdKegA57ePHZf12LqLP7GTXDnja0f9QI2IIYiBrYhnAw26HFgCnSPS0eN2ZYsy7GAPug5IXh_VI9Zq4C1eSRPPw5_jJatknPgs1HxQnT1_IlfNA6wPeIZBUjNo1BtFQcYYl6kekp4Z5yNrq34kRmXK-j3o61oKv14Sh6yiootmFvtLUq0gR6PkgIyBZykav9CtEqr7_aPvEbUBSukN_34uF7gQz6X4iCbtVyv9RCE3lwTmEgpmhjzKI-wkn4ZzlCh6cJysYq59KSb_vsxsvOk4EiSthCZ3VBd-mdoK8igf2HqkhKEiqXPdUGALCv7y6g6kkAAG757N8GpbkdadTIKEShg0l46uhJyJ3K1NBTr3CAlKyVJyZL5Y4cQsUbA3ZaUcJenHa5I9HCan4y74gCwNKwdAvMeqpfGjosiFXrmwCRiJZWnNhtL7_1BVQN8xNNy7DK7nVnDIXwLfC2IohKnkWFHJ0QYQS5-LHoAUOg_Oeco9BPK7m7DVk6_DZXFA4vpcyN5NSMJ-8R2ei1RdQcMbrxCKUClhjCR0zqZO_A4gHPUFzYi-R4wXBjoC638U70d5G0QDazlE2ZuES64ZegYCyVQB1JLwRvIpRG3NB2EfN1xrhwMOLvHBJ4i2TGvhPCLB8izmypfL03mE9g4bDSeyTsUHqIQ2LUKugblnTypR5p_IejLqVGLNyrayRDCh8qTXEXGke0y_QXPtDaKIltlm4JXkAgJ5RhI6k2IZQfd_LPdd0wryx5qA13XyXJhkADD9aGIIbcxGMAHatJDH8OJ5dcJRV6GkgOp5Ssk7XuIGi8OPLMpfYLg9gwm5JGvBQ9q1xOhs-pjze1LVtX HTTP 302
https://authentication.confused.com/Account/Login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcustomerportal%26redirect_uri%3Dhttps%253A%252F%252Fmy.confused.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520external%2520externalemail%26code_challenge%3DUgl0SsZLQehTde1ffAKIbvwHl-1rFJa39jiXDdvMep0%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638477833663627836.ZDdkZmQ0YmItNjYzZC00OGYyLWIwYzUtYmVlODI3NWVlMjY3NTlkZjEwMGYtMzI0Mi00YjMxLTg3MjQtYjFmMTBjM2MwNzZl%26acr_values%3D%2520queryString%253A%253Futm_medium%253Demail%2526utm_source%253Dtravel%25252Bpq%2526utm_campaign%253Didol%25252Bpost%25252Bquote%2526utm_content%253Dtravel%26trafficType%3D42%26state%3DCfDJ8E6cVD-jsSBMjVM-RlIWFQZPZ_9wuVV2e9qvQECW3Io8G7xQgEQS4w3XODc3f_vqh6qSy4wJ3McbUQdIYXaF7c36z4npW4dcq5abSR2k6sw1UE7ZrOMI8u5HmvTOWepBsaUQ3Qn7MenIslkfMlFqZeo-ucDDMIDFGeKXYRTK_Z2pwsS4wuy-8AI79nv5RtXYrilAMN8LDGxNXEvbUqaKoLZliaD5ip3PL8EF4qR8hEi8c-V_1SAQhO6jfEm3bu3ThVITBp4lKqWzJ005DhQ-Ddm5gsscJkyW8-Kan9YM8nJtJsS9ZqtMG6S1kS4HfUQjGQq8EgNL4J8Z4w_laKf_yTL6Mw4bOMqMqkpiB5nJLJ_XbbowoixaopZMW7DeIeWm8fYHUJra3hjfCPtc8JrtqkuMEVET_S3S9tQXuUMmrLEsnoQ7NPyGQ6z8davzkv4TmJMN_ud7hlJ1gsO6ncynwLD_T4IWJDdHqFnXOv7biA-6%26x-client-SKU%3DID_NET6_0%26x-client-ver%3D6.35.0.0&accountRedirectBypass=false&externalCheck=false Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request Login Show response
authentication.confused.com/Account/
Redirect Chain

https://my.confused.com/?utm_medium=email&utm_source=travel%2Bpq&utm_campaign=idol%2Bpost%2Bquote&utm_content=travel
https://authentication.confused.com/connect/authorize?client_id=customerportal&redirect_uri=https%3A%2F%2Fmy.confused.com%2Fsignin-oidc&response_type=code&scope=openid%20profile%20external%20extern...
https://authentication.confused.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcustomerportal%26redirect_uri%3Dhttps%253A%252F%252Fmy.confused.com%252Fsignin-oidc%26res...
https://authentication.confused.com/External/Challenge?scheme=ConfusedOAuth&returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcustomerportal%26redirect_uri%3Dhttps%253A%252F%252Fmy.confused...
https://secure.confused.com/OAuth/Authenticate?realm=https://authentication.confused.com/&returnurl=https://authentication.confused.com/signin-oidc&state=CfDJ8GIf9NH3wT5NkkfyHmV1YfurHeBPaTlWDlS3orh...
https://authentication.confused.com/signin-oidc?ReturnUrl=https://authentication.confused.com/signin-oidc?nt=1&state=CfDJ8GIf9NH3wT5NkkfyHmV1YfurHeBPaTlWDlS3orhMYEh0lWXTR54tAifNngWvFIBZS2OzS9f1tbYT...
https://authentication.confused.com/Account/Login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcustomerportal%26redirect_uri%3Dhttps%253A%252F%252Fmy.confused.com%252Fsignin-oidc%26res...

16 KB
9 KB

109ms
108ms

Document
text/html

104.16.52.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.confused.com/Account/Login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcustomerportal%26redirect_uri%3Dhttps%253A%252F%252Fmy.confused.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520external%2520externalemail%26code_challenge%3DUgl0SsZLQehTde1ffAKIbvwHl-1rFJa39jiXDdvMep0%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638477833663627836.ZDdkZmQ0YmItNjYzZC00OGYyLWIwYzUtYmVlODI3NWVlMjY3NTlkZjEwMGYtMzI0Mi00YjMxLTg3MjQtYjFmMTBjM2MwNzZl%26acr_values%3D%2520queryString%253A%253Futm_medium%253Demail%2526utm_source%253Dtravel%25252Bpq%2526utm_campaign%253Didol%25252Bpost%25252Bquote%2526utm_content%253Dtravel%26trafficType%3D42%26state%3DCfDJ8E6cVD-jsSBMjVM-RlIWFQZPZ_9wuVV2e9qvQECW3Io8G7xQgEQS4w3XODc3f_vqh6qSy4wJ3McbUQdIYXaF7c36z4npW4dcq5abSR2k6sw1UE7ZrOMI8u5HmvTOWepBsaUQ3Qn7MenIslkfMlFqZeo-ucDDMIDFGeKXYRTK_Z2pwsS4wuy-8AI79nv5RtXYrilAMN8LDGxNXEvbUqaKoLZliaD5ip3PL8EF4qR8hEi8c-V_1SAQhO6jfEm3bu3ThVITBp4lKqWzJ005DhQ-Ddm5gsscJkyW8-Kan9YM8nJtJsS9ZqtMG6S1kS4HfUQjGQq8EgNL4J8Z4w_laKf_yTL6Mw4bOMqMqkpiB5nJLJ_XbbowoixaopZMW7DeIeWm8fYHUJra3hjfCPtc8JrtqkuMEVET_S3S9tQXuUMmrLEsnoQ7NPyGQ6z8davzkv4TmJMN_ud7hlJ1gsO6ncynwLD_T4IWJDdHqFnXOv7biA-6%26x-client-SKU%3DID_NET6_0%26x-client-ver%3D6.35.0.0&accountRedirectBypass=false&externalCheck=false

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.52.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be304bdd3746f6e82a7a100c11e33b702cd7833335ec71fa983476c22b7dc8e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts allow-popups; base-uri 'self'; script-src 'self' https://sst.confused.com https://js.monitor.azure.com https://mpsnare.iesnare.com https://static.cloudflareinsights.com https://www.googletagmanager.com https://www.google-analytics.com https://confused.my.salesforce.com https://static.lightning.force.com https://webchat.secure.force.com/liveAgentSetupFlow/ https://googleads.g.doubleclick.net https://bat.bing.com https://*.fls.doubleclick.net https://cdn.quantummetric.com https://cdn.optimizely.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://service.force.com/embeddedservice/ https://webchat.secure.force.com 'unsafe-inline'; font-src 'self' https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/ data:; frame-src 'self' https://service.force.com/embeddedservice/; connect-src https: wss:; media-src https: data:; img-src https: data:; worker-src 'self' blob:; report-uri https://reporturi.confused.com/cspupgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts allow-popups; base-uri 'self'; script-src 'self' https://sst.confused.com https://js.monitor.azure.com https://mpsnare.iesnare.com https://static.cloudflareinsights.com https://www.googletagmanager.com https://www.google-analytics.com https://confused.my.salesforce.com https://static.lightning.force.com https://webchat.secure.force.com/liveAgentSetupFlow/ https://googleads.g.doubleclick.net https://bat.bing.com https://*.fls.doubleclick.net https://cdn.quantummetric.com https://cdn.optimizely.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://service.force.com/embeddedservice/ https://webchat.secure.force.com 'unsafe-inline'; font-src 'self' https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/ data:; frame-src 'self' https://service.force.com/embeddedservice/; connect-src https: wss:; media-src https: data:; img-src https: data:; worker-src 'self' blob:; report-uri https://reporturi.confused.com/cspupgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 86eccd7e2bf06a77-TXL
content-encoding: br
content-security-policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts allow-popups; base-uri 'self'; script-src 'self' https://sst.confused.com https://js.monitor.azure.com https://mpsnare.iesnare.com https://static.cloudflareinsights.com https://www.googletagmanager.com https://www.google-analytics.com https://confused.my.salesforce.com https://static.lightning.force.com https://webchat.secure.force.com/liveAgentSetupFlow/ https://googleads.g.doubleclick.net https://bat.bing.com https://*.fls.doubleclick.net https://cdn.quantummetric.com https://cdn.optimizely.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://service.force.com/embeddedservice/ https://webchat.secure.force.com 'unsafe-inline'; font-src 'self' https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/ data:; frame-src 'self' https://service.force.com/embeddedservice/; connect-src https: wss:; media-src https: data:; img-src https: data:; worker-src 'self' blob:; report-uri https://reporturi.confused.com/cspupgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Wed, 03 Apr 2024 23:22:47 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gAYw3C5KDpNIDMDE0Ks52xgXQ1lT2sH8N8qQ%2F%2FRY3ER%2BEvIhy1VBdaw5OrN7%2Bk9fIo4UqHm5UBQ8NUzrTE4n73NAY4g8nQ5G7ppZ9KeoaBKGg0x%2FJn36NF8BRQvxBXK6qgZMjl7wIwWL%2BWjD1w%3D%3D"}],"group":"cf-nel","max_age":604800}
request-context: appId=cid-v1:9ceaad93-13dd-45d1-ac9f-a8141439f3f6
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-app-environment: pr-eun
x-appversion: Identity.AuthServer.APP.master-2024.37
x-content-security-policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts allow-popups; base-uri 'self'; script-src 'self' https://sst.confused.com https://js.monitor.azure.com https://mpsnare.iesnare.com https://static.cloudflareinsights.com https://www.googletagmanager.com https://www.google-analytics.com https://confused.my.salesforce.com https://static.lightning.force.com https://webchat.secure.force.com/liveAgentSetupFlow/ https://googleads.g.doubleclick.net https://bat.bing.com https://*.fls.doubleclick.net https://cdn.quantummetric.com https://cdn.optimizely.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://service.force.com/embeddedservice/ https://webchat.secure.force.com 'unsafe-inline'; font-src 'self' https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/ data:; frame-src 'self' https://service.force.com/embeddedservice/; connect-src https: wss:; media-src https: data:; img-src https: data:; worker-src 'self' blob:; report-uri https://reporturi.confused.com/cspupgrade-insecure-requests;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86eccd7d4a896a77-TXL
content-length: 0
date: Wed, 03 Apr 2024 23:22:47 GMT
location: https://authentication.confused.com/Account/Login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcustomerportal%26redirect_uri%3Dhttps%253A%252F%252Fmy.confused.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520external%2520externalemail%26code_challenge%3DUgl0SsZLQehTde1ffAKIbvwHl-1rFJa39jiXDdvMep0%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638477833663627836.ZDdkZmQ0YmItNjYzZC00OGYyLWIwYzUtYmVlODI3NWVlMjY3NTlkZjEwMGYtMzI0Mi00YjMxLTg3MjQtYjFmMTBjM2MwNzZl%26acr_values%3D%2520queryString%253A%253Futm_medium%253Demail%2526utm_source%253Dtravel%25252Bpq%2526utm_campaign%253Didol%25252Bpost%25252Bquote%2526utm_content%253Dtravel%26trafficType%3D42%26state%3DCfDJ8E6cVD-jsSBMjVM-RlIWFQZPZ_9wuVV2e9qvQECW3Io8G7xQgEQS4w3XODc3f_vqh6qSy4wJ3McbUQdIYXaF7c36z4npW4dcq5abSR2k6sw1UE7ZrOMI8u5HmvTOWepBsaUQ3Qn7MenIslkfMlFqZeo-ucDDMIDFGeKXYRTK_Z2pwsS4wuy-8AI79nv5RtXYrilAMN8LDGxNXEvbUqaKoLZliaD5ip3PL8EF4qR8hEi8c-V_1SAQhO6jfEm3bu3ThVITBp4lKqWzJ005DhQ-Ddm5gsscJkyW8-Kan9YM8nJtJsS9ZqtMG6S1kS4HfUQjGQq8EgNL4J8Z4w_laKf_yTL6Mw4bOMqMqkpiB5nJLJ_XbbowoixaopZMW7DeIeWm8fYHUJra3hjfCPtc8JrtqkuMEVET_S3S9tQXuUMmrLEsnoQ7NPyGQ6z8davzkv4TmJMN_ud7hlJ1gsO6ncynwLD_T4IWJDdHqFnXOv7biA-6%26x-client-SKU%3DID_NET6_0%26x-client-ver%3D6.35.0.0&accountRedirectBypass=false&externalCheck=false
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6uM7yKJIo%2FEvVyNE5fh%2Bvm2eCQiLoCTpDRajBxUBE9Fxk3UwDRJLlFavvJkCsaDowTPKUFiJyedeR6ewzcRDs2OaxgmjnUuhu8feVn%2BqObmS2Tqr5L8Vx7JYtAmYXeQv6PAYYb%2BTNF%2BI3KXkTw%3D%3D"}],"group":"cf-nel","max_age":604800}
request-context: appId=cid-v1:9ceaad93-13dd-45d1-ac9f-a8141439f3f6
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-appversion: Identity.AuthServer.APP.master-2024.37
x-robots-tag: noindex, nofollow

GET
H3 200 style.css
authentication.confused.com/dist/ 127 KB
20 KB 108ms
108ms Stylesheet
text/css 104.16.52.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.confused.com/dist/style.css?v=TUQdpFsu6VE5-UCKq-Wdm1Pt_cApGiXgSJuUO4N-EYA

Requested by

Host: authentication.confused.com
URL: https://authentication.confused.com/Account/Login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcustomerportal%26redirect_uri%3Dhttps%253A%252F%252Fmy.confused.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520external%2520externalemail%26code_challenge%3DUgl0SsZLQehTde1ffAKIbvwHl-1rFJa39jiXDdvMep0%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638477833663627836.ZDdkZmQ0YmItNjYzZC00OGYyLWIwYzUtYmVlODI3NWVlMjY3NTlkZjEwMGYtMzI0Mi00YjMxLTg3MjQtYjFmMTBjM2MwNzZl%26acr_values%3D%2520queryString%253A%253Futm_medium%253Demail%2526utm_source%253Dtravel%25252Bpq%2526utm_campaign%253Didol%25252Bpost%25252Bquote%2526utm_content%253Dtravel%26trafficType%3D42%26state%3DCfDJ8E6cVD-jsSBMjVM-RlIWFQZPZ_9wuVV2e9qvQECW3Io8G7xQgEQS4w3XODc3f_vqh6qSy4wJ3McbUQdIYXaF7c36z4npW4dcq5abSR2k6sw1UE7ZrOMI8u5HmvTOWepBsaUQ3Qn7MenIslkfMlFqZeo-ucDDMIDFGeKXYRTK_Z2pwsS4wuy-8AI79nv5RtXYrilAMN8LDGxNXEvbUqaKoLZliaD5ip3PL8EF4qR8hEi8c-V_1SAQhO6jfEm3bu3ThVITBp4lKqWzJ005DhQ-Ddm5gsscJkyW8-Kan9YM8nJtJsS9ZqtMG6S1kS4HfUQjGQq8EgNL4J8Z4w_laKf_yTL6Mw4bOMqMqkpiB5nJLJ_XbbowoixaopZMW7DeIeWm8fYHUJra3hjfCPtc8JrtqkuMEVET_S3S9tQXuUMmrLEsnoQ7NPyGQ6z8davzkv4TmJMN_ud7hlJ1gsO6ncynwLD_T4IWJDdHqFnXOv7biA-6%26x-client-SKU%3DID_NET6_0%26x-client-ver%3D6.35.0.0&accountRedirectBypass=false&externalCheck=false

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.52.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

428bfa0ec85201f237da98adb92c664a07aa1e840cf27d923bf8c58bba2dcaaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 23:22:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=130968
alt-svc: h3=":443"; ma=86400
request-context: appId=cid-v1:9ceaad93-13dd-45d1-ac9f-a8141439f3f6
cf-bgj: minify
last-modified: Tue, 02 Apr 2024 07:27:12 GMT
server: cloudflare
etag: W/"1da84cf2da8f798"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kV3v0gXjG%2BHEOrYSUJ6jTpWpHuB9iAVIIXK%2Fy9BFoS9SSjwXXNqpHZM5m5J39cYLSHeIGtH3ljVi%2FCBmU%2BNp6Etz8xmokxOGqwIK3%2FeDCSZ2ai1JmoxoBWsvnZs4CItlUYcCLI4ZzP0ibc2swA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-robots-tag: noindex, nofollow
cf-ray: 86eccd7edd4a6a77-TXL
x-appversion: Identity.AuthServer.APP.master-2024.37

GET
H3 200 brand-logo.svg
authentication.confused.com/images/theme/ 5 KB
3 KB 102ms
101ms Image
image/svg+xml 104.16.52.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://authentication.confused.com/images/theme/brand-logo.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.52.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ed2f39518943a2ba692b7b18ae5d378cd8928647e7066bc011a5edd63c5b1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 23:22:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
request-context: appId=cid-v1:9ceaad93-13dd-45d1-ac9f-a8141439f3f6
last-modified: Tue, 02 Apr 2024 07:27:12 GMT
server: cloudflare
etag: W/"1da84cf2da91a1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q1tvOlgf2mvdGRJSCMuocKSGSiZ6rRJQeE4TQmYv%2BGz6eog4SiyscDuQyNr18tF2Sg8XbftaTLUuUTem%2B%2BHByK6lGF6VjtSQ8NmEqvH6mu5Zh8OwMYPlzy0nXF%2FBQkGBN6XzwJ4xVx23gOoqGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-robots-tag: noindex, nofollow
cf-ray: 86eccd7edd4c6a77-TXL
x-appversion: Identity.AuthServer.APP.master-2024.37

GET
H3 200 rvu-logo.svg
authentication.confused.com/images/rvu/ 3 KB
2 KB 136ms
136ms Image
image/svg+xml 104.16.52.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://authentication.confused.com/images/rvu/rvu-logo.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.52.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b7289390fd8cc9d340ba97349159ab926f48dac96f2e2058080ea6c0d71875d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 23:22:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
request-context: appId=cid-v1:9ceaad93-13dd-45d1-ac9f-a8141439f3f6
last-modified: Tue, 02 Apr 2024 07:27:12 GMT
server: cloudflare
etag: W/"1da84cf2da902fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v7yBICSLUaxximekuEVsxP2SoFKlVp5r0nC01BvUujmwg8cP5c51uNgZ7I91AXgI0eIeUZLnYXwOs8gOiZ%2BLZBALbi%2FHDvZZ2mJepjD5AeYkGqypFKvqpxJIU12f61OJJ3QhWtIdCI4vnw2%2B7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-robots-tag: noindex, nofollow
cf-ray: 86eccd7edd4e6a77-TXL
x-appversion: Identity.AuthServer.APP.master-2024.37

GET
H3 200 runtime.js Show response
authentication.confused.com/dist/ 1 KB
1 KB 73ms
73ms Script
text/javascript 104.16.52.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.confused.com/dist/runtime.js?v=QMobXIcT4666Wg7guC7nA7NVXwwOhn-EgruaT_Kvu_E

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.52.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb53c3331f76fdad7f8e00e3d4b53600231991cec40a59636d436f8040e77802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 23:22:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1485
alt-svc: h3=":443"; ma=86400
request-context: appId=cid-v1:9ceaad93-13dd-45d1-ac9f-a8141439f3f6
cf-bgj: minify
last-modified: Tue, 02 Apr 2024 07:27:12 GMT
server: cloudflare
etag: W/"1da84cf2da90dcd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D8g6uVMCEZLKBaFM3QmfFzjOVnFxkjVSfXwMqD99UmknWzQNcdm2f4C%2BLequd6ioJLcSfU5V2RNK0SEULuo%2BUTrzPsNIFwJOa1m5Icz5bOgpvjPh3j4H87%2BaFuEzi9dAeJGTYAfS5MFrjTcHgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
x-robots-tag: noindex, nofollow
cf-ray: 86eccd7f7e6c6a77-TXL
x-appversion: Identity.AuthServer.APP.master-2024.37

GET
H3 200 jqueryBundle.js Show response
authentication.confused.com/dist/ 115 KB
40 KB 131ms
131ms Script
text/javascript 104.16.52.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.confused.com/dist/jqueryBundle.js?v=usGcIAAky23srqoVNKnyICmHS3T3OuyNMVxne6Qsy3g

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.52.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ded05e87233cee59f1e12782977db925f05d720067f120627c8452f6a66153f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 23:22:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=117443
alt-svc: h3=":443"; ma=86400
request-context: appId=cid-v1:9ceaad93-13dd-45d1-ac9f-a8141439f3f6
cf-bgj: minify
last-modified: Tue, 02 Apr 2024 07:15:46 GMT
server: cloudflare
etag: W/"1da84cd94c477c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zTlchT6tOmDG%2F%2F0Bf4k%2FSusSd2tRBA3innASvjusBIjjfwh%2Ffm1GqAyy6%2BJzkzXxDzXp7OVLqfy6%2BbwvcLat7s4Wqsdsjd80z4zY14msY1rqkII65k%2B8xvm9ekrIPajVXozIcZb6c3k%2BpRCqpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
x-robots-tag: noindex, nofollow
cf-ray: 86eccd7fbecf6a77-TXL
x-appversion: Identity.AuthServer.APP.master-2024.37

GET
H3 200 login.js Show response
authentication.confused.com/dist/ 31 KB
11 KB 127ms
126ms Script
text/javascript 104.16.52.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.confused.com/dist/login.js?v=ZQSfNKzWjA-oAVGAYNPjhOgHp3vXYxYEK45g7gJ1zRs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.52.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b8c634494a87d36870e5f32e2fb37ad95f7ac4694f1146d6c5e51ed0c491af6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 23:22:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=32128
alt-svc: h3=":443"; ma=86400
request-context: appId=cid-v1:9ceaad93-13dd-45d1-ac9f-a8141439f3f6
cf-bgj: minify
last-modified: Tue, 02 Apr 2024 07:15:47 GMT
server: cloudflare
etag: W/"1da84cd955e2e00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jxLexHA6iq8PKdC%2FpDAzqleEx8fiNqczMfIepuA7g6uyp0bMUjizTB4C8NadhEfLld5HPr0ZYFSkHLYkafQeF%2Fwo13R4z19%2Foj16Hb0GzluigDi7kn37TQtX9uXxUVjKQbm8tnsFdT89hRrqFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
x-robots-tag: noindex, nofollow
cf-ray: 86eccd7fcee86a77-TXL
x-appversion: Identity.AuthServer.APP.master-2024.37

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 160ms
77ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: authentication.confused.com
URL: https://authentication.confused.com/Account/Login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcustomerportal%26redirect_uri%3Dhttps%253A%252F%252Fmy.confused.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520external%2520externalemail%26code_challenge%3DUgl0SsZLQehTde1ffAKIbvwHl-1rFJa39jiXDdvMep0%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638477833663627836.ZDdkZmQ0YmItNjYzZC00OGYyLWIwYzUtYmVlODI3NWVlMjY3NTlkZjEwMGYtMzI0Mi00YjMxLTg3MjQtYjFmMTBjM2MwNzZl%26acr_values%3D%2520queryString%253A%253Futm_medium%253Demail%2526utm_source%253Dtravel%25252Bpq%2526utm_campaign%253Didol%25252Bpost%25252Bquote%2526utm_content%253Dtravel%26trafficType%3D42%26state%3DCfDJ8E6cVD-jsSBMjVM-RlIWFQZPZ_9wuVV2e9qvQECW3Io8G7xQgEQS4w3XODc3f_vqh6qSy4wJ3McbUQdIYXaF7c36z4npW4dcq5abSR2k6sw1UE7ZrOMI8u5HmvTOWepBsaUQ3Qn7MenIslkfMlFqZeo-ucDDMIDFGeKXYRTK_Z2pwsS4wuy-8AI79nv5RtXYrilAMN8LDGxNXEvbUqaKoLZliaD5ip3PL8EF4qR8hEi8c-V_1SAQhO6jfEm3bu3ThVITBp4lKqWzJ005DhQ-Ddm5gsscJkyW8-Kan9YM8nJtJsS9ZqtMG6S1kS4HfUQjGQq8EgNL4J8Z4w_laKf_yTL6Mw4bOMqMqkpiB5nJLJ_XbbowoixaopZMW7DeIeWm8fYHUJra3hjfCPtc8JrtqkuMEVET_S3S9tQXuUMmrLEsnoQ7NPyGQ6z8davzkv4TmJMN_ud7hlJ1gsO6ncynwLD_T4IWJDdHqFnXOv7biA-6%26x-client-SKU%3DID_NET6_0%26x-client-ver%3D6.35.0.0&accountRedirectBypass=false&externalCheck=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://authentication.confused.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 23:22:47 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 86eccd805f1fbbaf-FRA

GET
H3 200 push Show response
sst.confused.com/ 278 KB
96 KB 183ms
169ms Script
application/javascript 104.16.52.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sst.confused.com/push?node=KK96H5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.52.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9da26e6969d24810d7ce6937ed19b0325e153614989d00785d38e52ef32a2f43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 23:22:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=285867
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 03 Apr 2024 21:37:37 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iW0BIlDvfjB0XdMKGh73wuETFibFQCtClgCeYIO8lObRHeYTdOM9mGfGUM2MVSN4%2FVsPtY1KvTo0JR5cq00Orr6lkDfuKt2XS4YT%2B6VTzb13264yAGPoSYcKIqmFpvh8WYE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, private
x-robots-tag: noindex, nofollow
cf-ray: 86eccd7fdf1f6a77-TXL
expires: Wed, 03 Apr 2024 23:01:00 GMT

GET
H3 200 icon-eye-show.svg
authentication.confused.com//images/icon-eye/ 704 B
921 B 154ms
153ms Image
image/svg+xml 104.16.52.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://authentication.confused.com//images/icon-eye/icon-eye-show.svg

Requested by

Host: authentication.confused.com
URL: https://authentication.confused.com/dist/style.css?v=TUQdpFsu6VE5-UCKq-Wdm1Pt_cApGiXgSJuUO4N-EYA

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.52.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d89a2c4d25f9189dfacf5209d1f0a5229c9a08279e529d6cf25e9671765cfab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://authentication.confused.com/dist/style.css?v=TUQdpFsu6VE5-UCKq-Wdm1Pt_cApGiXgSJuUO4N-EYA
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 23:22:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
request-context: appId=cid-v1:9ceaad93-13dd-45d1-ac9f-a8141439f3f6
last-modified: Tue, 02 Apr 2024 07:15:46 GMT
server: cloudflare
etag: W/"1da84cd94c5bfc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kMIttGnzS3CnU2FJZExY71YZ9ZV0fuQQQxu8QZ%2BNZTk1ugidGMugbLDqgR%2BZ0%2BwovjsRmjU9PNaQsK73eUxQp3XP4jPKJLLDhoEyzcoGtDS9IBxmecRHEtDfpKRrGjOmAL5wYTso5sKuzhR88g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-robots-tag: noindex, nofollow
cf-ray: 86eccd7fcef76a77-TXL
x-appversion: Identity.AuthServer.APP.master-2024.37

GET
H3 200 arrow.svg
authentication.confused.com//images/arrow/ 344 B
853 B 156ms
155ms Image
image/svg+xml 104.16.52.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://authentication.confused.com//images/arrow/arrow.svg

Requested by

Host: authentication.confused.com
URL: https://authentication.confused.com/dist/style.css?v=TUQdpFsu6VE5-UCKq-Wdm1Pt_cApGiXgSJuUO4N-EYA

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.52.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad650d0037f43e20563ce16ca2a3b2758af61fd3c343b408c1b0b7f37599dc82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://authentication.confused.com/dist/style.css?v=TUQdpFsu6VE5-UCKq-Wdm1Pt_cApGiXgSJuUO4N-EYA
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 23:22:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
request-context: appId=cid-v1:9ceaad93-13dd-45d1-ac9f-a8141439f3f6
last-modified: Tue, 02 Apr 2024 07:15:46 GMT
server: cloudflare
etag: W/"1da84cd94c5bc58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xxgNoycl8vUM4HwH%2FXOHpB86oa%2Fz9pTitQAt8i%2Fef51nstBKeZ9bApSyBRUpW0V4IR1bsO9Amf67Cyr88kkwKMBA0ttbBm78qPvv5u%2FstSJT0p4rgF8lo9jV%2Ftjk5O5ympbmAwBFNzQM8mSPKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-robots-tag: noindex, nofollow
cf-ray: 86eccd7fcef96a77-TXL
x-appversion: Identity.AuthServer.APP.master-2024.37

GET
H3 200 checkbox-tick.svg
authentication.confused.com//images/checkbox-tick/ 677 B
1016 B 160ms
159ms Image
image/svg+xml 104.16.52.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://authentication.confused.com//images/checkbox-tick/checkbox-tick.svg

Requested by

Host: authentication.confused.com
URL: https://authentication.confused.com/dist/style.css?v=TUQdpFsu6VE5-UCKq-Wdm1Pt_cApGiXgSJuUO4N-EYA

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.52.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4046df51dcbb909f24833cbcf488dc20cd81f5776d6bbd558903ecda5ba574a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://authentication.confused.com/dist/style.css?v=TUQdpFsu6VE5-UCKq-Wdm1Pt_cApGiXgSJuUO4N-EYA
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 23:22:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
request-context: appId=cid-v1:9ceaad93-13dd-45d1-ac9f-a8141439f3f6
last-modified: Tue, 02 Apr 2024 07:15:46 GMT
server: cloudflare
etag: W/"1da84cd94c5bfa5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1hKjLhQ9tP6gJGOeKSdt9S2h6dD1nBUmvDb6nomjeM1odeLr%2FLNJkxGaE7pWulkd4PeXaTHD8301uTnGRmlhsHOHTC8iHH0VR4Tg2t%2BD09KSGFztV8c95gvxMrgGT%2BObXFZe3L8MzKWX2O83gA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-robots-tag: noindex, nofollow
cf-ray: 86eccd7fcefb6a77-TXL
x-appversion: Identity.AuthServer.APP.master-2024.37

GET
H3 200 chevron-white.svg
authentication.confused.com//images/chevron/ 308 B
810 B 162ms
161ms Image
image/svg+xml 104.16.52.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://authentication.confused.com//images/chevron/chevron-white.svg

Requested by

Host: authentication.confused.com
URL: https://authentication.confused.com/dist/style.css?v=TUQdpFsu6VE5-UCKq-Wdm1Pt_cApGiXgSJuUO4N-EYA

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.52.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4984f99d55e695cd304fef0898442b7af1cc367ed63afe8c820f356a638224c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://authentication.confused.com/dist/style.css?v=TUQdpFsu6VE5-UCKq-Wdm1Pt_cApGiXgSJuUO4N-EYA
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 23:22:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
request-context: appId=cid-v1:9ceaad93-13dd-45d1-ac9f-a8141439f3f6
last-modified: Tue, 02 Apr 2024 07:15:46 GMT
server: cloudflare
etag: W/"1da84cd94c5bc34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nX6uaGHklVc%2Fo4hiuXRVdT%2BbjXelSjaowRfO11qSJDKtz6th1CAN1l%2Bw%2BHtRu%2FP93RDu0DMoZmd7Yn6QNxn4ul8zp1Lulf6LrjJrKl0AlBpUZoIRMssGfPYbJ5IP079FummgPqXzPOolc5hSPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-robots-tag: noindex, nofollow
cf-ray: 86eccd7fcefc6a77-TXL
x-appversion: Identity.AuthServer.APP.master-2024.37

GET
H3 200 semi-bold.woff2
authentication.confused.com//fonts/semi-bold/ 47 KB
47 KB 93ms
92ms Font
font/woff2 104.16.52.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.confused.com//fonts/semi-bold/semi-bold.woff2

Requested by

Host: authentication.confused.com
URL: https://authentication.confused.com/dist/style.css?v=TUQdpFsu6VE5-UCKq-Wdm1Pt_cApGiXgSJuUO4N-EYA

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.52.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3272cebf50e9cea017ebbb8711ab2cf476c1ac397367b2b0f7840e638eb14123

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://authentication.confused.com/dist/style.css?v=TUQdpFsu6VE5-UCKq-Wdm1Pt_cApGiXgSJuUO4N-EYA
Origin: https://authentication.confused.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 23:22:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 47768
request-context: appId=cid-v1:9ceaad93-13dd-45d1-ac9f-a8141439f3f6
last-modified: Tue, 02 Apr 2024 07:15:46 GMT
server: cloudflare
etag: "1da84cd94c50798"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cuaG2YYfWlmJXcZOMd4fh%2BAcepCakhsg8zHxQAOWivcGOKWJ4I13r2LTLAllCXTfkGmINkpxd7sVCzo7vGfc2ppRUZfCNBT9snuzZhpT4d5HbzdJuvLuRAq4RAc%2BwrUqbVZ5esEgBowyiLbmpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
cf-ray: 86eccd7fcf006a77-TXL
x-appversion: Identity.AuthServer.APP.master-2024.37

GET
H3 200 regular.woff2
authentication.confused.com//fonts/regular/ 47 KB
48 KB 163ms
162ms Font
font/woff2 104.16.52.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.confused.com//fonts/regular/regular.woff2

Requested by

Host: authentication.confused.com
URL: https://authentication.confused.com/dist/style.css?v=TUQdpFsu6VE5-UCKq-Wdm1Pt_cApGiXgSJuUO4N-EYA

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.52.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78fd59443c5459d53d6d75afc549f0de9cf23407edab4908d7fa549fba3ae5eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://authentication.confused.com/dist/style.css?v=TUQdpFsu6VE5-UCKq-Wdm1Pt_cApGiXgSJuUO4N-EYA
Origin: https://authentication.confused.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 23:22:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=UimNMmpJjEJKcnVjjpXdoBXgn_JAlIrQYLYyVywCRBk-1712186567-1.0.1.1-cew4Iq0TTi769VlzJBuXepXTWRfozVlvLaAoD3S1g2RyE9LxU8Pm6PExdLpeYaEoMN70KeV3L73bvyOK54qJ7hKagG.eEX62bRBdm9s22qPu.g23Mt4cCFNd2uuvhX37w5LICVM1pZYXGMFs45PSWxJpnrh8QgKc_9RkLPLBEcc; report-to cf-csp-endpoint
alt-svc: h3=":443"; ma=86400
content-length: 48152
request-context: appId=cid-v1:9ceaad93-13dd-45d1-ac9f-a8141439f3f6
last-modified: Tue, 02 Apr 2024 07:15:46 GMT
server: cloudflare
etag: "1da84cd94c50118"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XWhcR3BKtn6DPPazmz%2FmFnXqwzGP247Gxq2VPwmP%2B4HDyMHyyCE34rOUdqTzymzGU7U8EFR0DPEXA26usJvaNjoe6z%2BQVdOowChS6NFP3qdV%2B2C0juM8gptvoqV2LVItttKA4eBauYeG6dZIwA%3D%3D"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=UimNMmpJjEJKcnVjjpXdoBXgn_JAlIrQYLYyVywCRBk-1712186567-1.0.1.1-cew4Iq0TTi769VlzJBuXepXTWRfozVlvLaAoD3S1g2RyE9LxU8Pm6PExdLpeYaEoMN70KeV3L73bvyOK54qJ7hKagG.eEX62bRBdm9s22qPu.g23Mt4cCFNd2uuvhX37w5LICVM1pZYXGMFs45PSWxJpnrh8QgKc_9RkLPLBEcc"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: font/woff2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
cf-ray: 86eccd7fcf026a77-TXL
x-appversion: Identity.AuthServer.APP.master-2024.37

GET
H3 200 light.woff2
authentication.confused.com//fonts/light/ 8 KB
8 KB 169ms
169ms Font
font/woff2 104.16.52.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.confused.com//fonts/light/light.woff2

Requested by

Host: authentication.confused.com
URL: https://authentication.confused.com/dist/style.css?v=TUQdpFsu6VE5-UCKq-Wdm1Pt_cApGiXgSJuUO4N-EYA

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.52.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fe2aa289162af5650c4a5ad04948ed0872b83982060632f75b9dbd8520d2c8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://authentication.confused.com/dist/style.css?v=TUQdpFsu6VE5-UCKq-Wdm1Pt_cApGiXgSJuUO4N-EYA
Origin: https://authentication.confused.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 23:22:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 7988
request-context: appId=cid-v1:9ceaad93-13dd-45d1-ac9f-a8141439f3f6
last-modified: Tue, 02 Apr 2024 07:15:46 GMT
server: cloudflare
etag: "1da84cd94c5a234"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FHGrfbPCg3sUQ2NStWT%2B2TicBcZfH9K5jq8xU576ybBiiZy%2FlG4ta0mMKFVYnoziauUkwsiL4TSpxKVKsA9K%2FteYrP%2FeMYx7h3YHHEhFufchhWQOkU5JSpCiQY1SukfLkuq5oovZVDYv1fbVKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
cf-ray: 86eccd7fcf046a77-TXL
x-appversion: Identity.AuthServer.APP.master-2024.37

GET
H3 200 medium.woff2
authentication.confused.com//fonts/medium/ 8 KB
8 KB 165ms
164ms Font
font/woff2 104.16.52.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.confused.com//fonts/medium/medium.woff2

Requested by

Host: authentication.confused.com
URL: https://authentication.confused.com/dist/style.css?v=TUQdpFsu6VE5-UCKq-Wdm1Pt_cApGiXgSJuUO4N-EYA

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.52.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e07f937be00bbef113152fa46b2b2d5df97f405b152881c96e1c5069d8f405d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://authentication.confused.com/dist/style.css?v=TUQdpFsu6VE5-UCKq-Wdm1Pt_cApGiXgSJuUO4N-EYA
Origin: https://authentication.confused.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 23:22:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 7960
request-context: appId=cid-v1:9ceaad93-13dd-45d1-ac9f-a8141439f3f6
last-modified: Tue, 02 Apr 2024 07:27:11 GMT
server: cloudflare
etag: "1da84cf2d106e98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1UEOzq1bMRR%2Bzg%2F8AX5I%2FDmI5qV3uq4lmfOcRcnxtKe3eIwc41xj6MjJ7Xtoe%2BZ3wF%2FdhVSfdkLAc89GwrDSPDhMY5Jj2H3ME5YfTBwZLw2aWmffngsmFWOz7MMkt0ewIgU7TAv9aMvvOvrUZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
cf-ray: 86eccd7fdf156a77-TXL
x-appversion: Identity.AuthServer.APP.master-2024.37

GET
H2 200 ai.2.min.js Show response
js.monitor.azure.com/scripts/b/ 120 KB
57 KB 234ms
73ms Script
text/javascript 2620:1ec:46::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by: Host: authentication.confused.com
URL: https://authentication.confused.com/Account/Login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcustomerportal%26redirect_uri%3Dhttps%253A%252F%252Fmy.confused.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520external%2520externalemail%26code_challenge%3DUgl0SsZLQehTde1ffAKIbvwHl-1rFJa39jiXDdvMep0%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638477833663627836.ZDdkZmQ0YmItNjYzZC00OGYyLWIwYzUtYmVlODI3NWVlMjY3NTlkZjEwMGYtMzI0Mi00YjMxLTg3MjQtYjFmMTBjM2MwNzZl%26acr_values%3D%2520queryString%253A%253Futm_medium%253Demail%2526utm_source%253Dtravel%25252Bpq%2526utm_campaign%253Didol%25252Bpost%25252Bquote%2526utm_content%253Dtravel%26trafficType%3D42%26state%3DCfDJ8E6cVD-jsSBMjVM-RlIWFQZPZ_9wuVV2e9qvQECW3Io8G7xQgEQS4w3XODc3f_vqh6qSy4wJ3McbUQdIYXaF7c36z4npW4dcq5abSR2k6sw1UE7ZrOMI8u5HmvTOWepBsaUQ3Qn7MenIslkfMlFqZeo-ucDDMIDFGeKXYRTK_Z2pwsS4wuy-8AI79nv5RtXYrilAMN8LDGxNXEvbUqaKoLZliaD5ip3PL8EF4qR8hEi8c-V_1SAQhO6jfEm3bu3ThVITBp4lKqWzJ005DhQ-Ddm5gsscJkyW8-Kan9YM8nJtJsS9ZqtMG6S1kS4HfUQjGQq8EgNL4J8Z4w_laKf_yTL6Mw4bOMqMqkpiB5nJLJ_XbbowoixaopZMW7DeIeWm8fYHUJra3hjfCPtc8JrtqkuMEVET_S3S9tQXuUMmrLEsnoQ7NPyGQ6z8davzkv4TmJMN_ud7hlJ1gsO6ncynwLD_T4IWJDdHqFnXOv7biA-6%26x-client-SKU%3DID_NET6_0%26x-client-ver%3D6.35.0.0&accountRedirectBypass=false&externalCheck=false
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://authentication.confused.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 23:22:47 GMT
content-encoding: br
last-modified: Wed, 20 Mar 2024 17:31:27 GMT
x-ms-meta-aijssdkver: 2.8.18
vary: Accept-Encoding
x-azure-ref: 20240403T232247Z-r07b1hg60t2e37rxee7eppht100000000pfg00000000nkqv
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: f1b0101b-001e-0032-44ec-7aef9e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.18.min.js
x-fd-int-roxy-purgeid: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
94 KB 199ms
113ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RTPL2GQWBY&l=dataLayer&cx=c&sign=66d6929e048bf91a8704cbd82052504d48e77df6e24628f0ac8899b0a552dcff_20240403

Requested by

Host: sst.confused.com
URL: https://sst.confused.com/push?node=KK96H5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f1102efe278e0dd01e64c3630eb86efda8b05ddbd322ce4b7ec9d78750d4de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 23:22:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96319
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 Apr 2024 23:22:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 125ms
39ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: sst.confused.com
URL: https://sst.confused.com/push?node=KK96H5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 Apr 2024 21:38:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6245
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 03 Apr 2024 23:38:42 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 215 KB
78 KB 141ms
58ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-973742090&l=dataLayer&cx=c&sign=66d6929e048bf91a8704cbd82052504d48e77df6e24628f0ac8899b0a552dcff_20240403

Requested by

Host: sst.confused.com
URL: https://sst.confused.com/push?node=KK96H5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a355093765b32babb6ad11a46d1afcb29d9d296add14089b8ff42cbe959969dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 23:22:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79144
x-xss-protection: 0
last-modified: Wed, 03 Apr 2024 21:37:37 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Apr 2024 23:22:47 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 166ms
64ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 03 Apr 2024 23:22:47 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A4750C3C27E64E66867FBD3F0E5C829D Ref B: FRA31EDGE0608 Ref C: 2024-04-03T23:22:47Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 204 4061423.js Show response
bat.bing.com/p/action/ 0
118 B 64ms
64ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4061423.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 03 Apr 2024 23:22:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 48ECD17F7CCE4927A7A1D99FDD22856D Ref B: FRA31EDGE0608 Ref C: 2024-04-03T23:22:48Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
288 B 140ms
140ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4061423&Ver=2&mid=3e88fe8e-6bb8-4a9d-9016-c3cb08be3c03&sid=15488c40f21111eeb2e8e1c8558229ae&vid=1548a940f21111eea425b77b7fe58303&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=800&sh=600&sc=24&tl=Confused.com%20authentication&p=https%3A%2F%2Fauthentication.confused.com%2FAccount%2FLogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253Dcustomerportal%2526redirect_uri%253Dhttps%25253A%25252F%25252Fmy.confused.com%25252Fsignin-oidc%2526response_type%253Dcode%2526scope%253Dopenid%252520profile%252520external%252520externalemail%2526code_challenge%253DUgl0SsZLQehTde1ffAKIbvwHl-1rFJa39jiXDdvMep0%2526code_challenge_method%253DS256%2526response_mode%253Dform_post%2526nonce%253D638477833663627836.ZDdkZmQ0YmItNjYzZC00OGYyLWIwYzUtYmVlODI3NWVlMjY3NTlkZjEwMGYtMzI0Mi00YjMxLTg3MjQtYjFmMTBjM2MwNzZl%2526acr_values%253D%252520queryString%25253A%25253Futm_medium%25253Demail%252526utm_source%25253Dtravel%2525252Bpq%252526utm_campaign%25253Didol%2525252Bpost%2525252Bquote%252526utm_content%25253Dtravel%2526trafficType%253D42%2526state%253DCfDJ8E6cVD-jsSBMjVM-RlIWFQZPZ_9wuVV2e9qvQECW3Io8G7xQgEQS4w3XODc3f_vqh6qSy4wJ3McbUQdIYXaF7c36z4npW4dcq5abSR2k6sw1UE7ZrOMI8u5HmvTOWepBsaUQ3Qn7MenIslkfMlFqZeo-ucDDMIDFGeKXYRTK_Z2pwsS4wuy-8AI79nv5RtXYrilAMN8LDGxNXEvbUqaKoLZliaD5ip3PL8EF4qR8hEi8c-V_1SAQhO6jfEm3bu3ThVITBp4lKqWzJ005DhQ-Ddm5gsscJkyW8-Kan9YM8nJtJsS9ZqtMG6S1kS4HfUQjGQq8EgNL4J8Z4w_laKf_yTL6Mw4bOMqMqkpiB5nJLJ_XbbowoixaopZMW7DeIeWm8fYHUJra3hjfCPtc8JrtqkuMEVET_S3S9tQXuUMmrLEsnoQ7NPyGQ6z8davzkv4TmJMN_ud7hlJ1gsO6ncynwLD_T4IWJDdHqFnXOv7biA-6%2526x-client-SKU%253DID_NET6_0%2526x-client-ver%253D6.35.0.0%26accountRedirectBypass%3Dfalse%26externalCheck%3Dfalse&r=&lt=1823&evt=pageLoad&sv=1&rn=152825

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 03 Apr 2024 23:22:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1C797AEDC2D84F959E736EE7065F4E4A Ref B: FRA31EDGE0608 Ref C: 2024-04-03T23:22:48Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 rum Show response
authentication.confused.com/cdn-cgi/ 0
148 B 32ms
31ms XHR
text/plain 104.16.52.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.confused.com/cdn-cgi/rum?

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.52.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
traceparent: 00-4f0637a0aa5f4ac7be7c99426f4f8267-cf75f2369e564539-01
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
Referer
Request-Id: |4f0637a0aa5f4ac7be7c99426f4f8267.cf75f2369e564539
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 23:22:48 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://authentication.confused.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 86eccd835dc86a77-TXL

GET
H3 200 favicon.ico
authentication.confused.com/ 1 KB
2 KB 98ms
98ms Other
image/x-icon 104.16.52.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.confused.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.52.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc10493337c52bcfb2d043c59d94c0e9c49c2dd832deaddacdc10ef7a19865c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 23:22:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
request-context: appId=cid-v1:9ceaad93-13dd-45d1-ac9f-a8141439f3f6
last-modified: Tue, 02 Apr 2024 07:15:46 GMT
server: cloudflare
etag: W/"1da84cd94c5b87e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YzLPSS8D5JBbUjzspFqyikMnhHXYWCLwYi2YeubwYzIY7uV7nCEkH7p7zXcpEOb8nTU7gQfX%2BHz5g96hgpT3SWgaDb5Tg4e6p15xfjrEN%2FXgHMXpPK1GJn6fMD93vr4TA6OzZgqwZUNy53GH3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
x-robots-tag: noindex, nofollow
cf-ray: 86eccd835dcc6a77-TXL
x-appversion: Identity.AuthServer.APP.master-2024.37

OPTIONS
H2 204 track
northeurope-2.in.applicationinsights.azure.com//v2/ 0
0 355ms
115ms Preflight 20.166.40.65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://northeurope-2.in.applicationinsights.azure.com//v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.166.40.65 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://authentication.confused.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Wed, 03 Apr 2024 23:22:47 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 200 track Show response
northeurope-2.in.applicationinsights.azure.com//v2/ 62 B
166 B 60ms
58ms XHR
application/json 20.166.40.65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://northeurope-2.in.applicationinsights.azure.com//v2/track

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.166.40.65 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

5e5fbeccb2c4426dbdd4d70dac039d69223ab935c9a43226b24b3ca75a32b637

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Wed, 03 Apr 2024 23:22:47 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-type: application/json; charset=utf-8

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
215 B 50ms
47ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1952757156&t=pageview&_s=1&dl=https%3A%2F%2Fauthentication.confused.com%2FAccount%2FLogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253Dcustomerportal%2526redirect_uri%253Dhttps%25253A%25252F%25252Fmy.confused.com%25252Fsignin-oidc%2526response_type%253Dcode%2526scope%253Dopenid%252520profile%252520external%252520externalemail%2526code_challenge%253DUgl0SsZLQehTde1ffAKIbvwHl-1rFJa39jiXDdvMep0%2526code_challenge_method%253DS256%2526response_mode%253Dform_post%2526nonce%253D638477833663627836.ZDdkZmQ0YmItNjYzZC00OGYyLWIwYzUtYmVlODI3NWVlMjY3NTlkZjEwMGYtMzI0Mi00YjMxLTg3MjQtYjFmMTBjM2MwNzZl%2526acr_values%253D%252520queryString%25253A%25253Futm_medium%25253Demail%252526utm_source%25253Dtravel%2525252Bpq%252526utm_campaign%25253Didol%2525252Bpost%2525252Bquote%252526utm_content%25253Dtravel%2526trafficType%253D42%2526state%253DCfDJ8E6cVD-jsSBMjVM-RlIWFQZPZ_9wuVV2e9qvQECW3Io8G7xQgEQS4w3XODc3f_vqh6qSy4wJ3McbUQdIYXaF7c36z4npW4dcq5abSR2k6sw1UE7ZrOMI8u5HmvTOWepBsaUQ3Qn7MenIslkfMlFqZeo-ucDDMIDFGeKXYRTK_Z2pwsS4wuy-8AI79nv5RtXYrilAMN8LDGxNXEvbUqaKoLZliaD5ip3PL8EF4qR8hEi8c-V_1SAQhO6jfEm3bu3ThVITBp4lKqWzJ005DhQ-Ddm5gsscJkyW8-Kan9YM8nJtJsS9ZqtMG6S1kS4HfUQjGQq8EgNL4J8Z4w_laKf_yTL6Mw4bOMqMqkpiB5nJLJ_XbbowoixaopZMW7DeIeWm8fYHUJra3hjfCPtc8JrtqkuMEVET_S3S9tQXuUMmrLEsnoQ7NPyGQ6z8davzkv4TmJMN_ud7hlJ1gsO6ncynwLD_T4IWJDdHqFnXOv7biA-6%2526x-client-SKU%253DID_NET6_0%2526x-client-ver%253D6.35.0.0%26accountRedirectBypass%3Dfalse%26externalCheck%3Dfalse&ul=en-us&de=UTF-8&dt=Confused.com%20authentication&sd=24-bit&sr=800x600&vp=1600x1113&je=0&cn=idol%2Bpost%2Bquote&cs=travel%2Bpq&cm=email&cc=travel&_u=aGBAgEABEAAAICAEKg~&cid=1241302133.1712186569&tid=UA-8007601-1&_gid=1873719720.1712186569&_slc=1&gtm=45Fe4410n71KK96H5v6463050za200&cd74=none&cd115=GTM-KK96H5&gcs=G101&gcd=13p3t3p2p5&dma_cps=-&dma=1&cd113=1241302133.1712186569&npa=1&z=1379318284

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Apr 2024 23:22:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://authentication.confused.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
261 B 277ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RTPL2GQWBY&gtm=45je4410v869794058z86463050za200&_p=1712186567627&gcs=G101&gcd=13p3tPp2p5&npa=1&dma_cps=-&dma=1&cid=1241302133.1712186569&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_s=1&cm=email&cs=travel%2Bpq&cn=idol%2Bpost%2Bquote&cc=travel&sid=1712186568&sct=1&seg=0&dl=https%3A%2F%2Fauthentication.confused.com%2FAccount%2FLogin%3FreturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fclient_id%253Dcustomerportal%2526redirect_uri%253Dhttps%25253A%25252F%25252Fmy.confused.com%25252Fsignin-oidc%2526response_type%253Dcode%2526scope%253Dopenid%252520profile%252520external%252520externalemail%2526code_challenge%253DUgl0SsZLQehTde1ffAKIbvwHl-1rFJa39jiXDdvMep0%2526code_challenge_method%253DS256%2526response_mode%253Dform_post%2526nonce%253D638477833663627836.ZDdkZmQ0YmItNjYzZC00OGYyLWIwYzUtYmVlODI3NWVlMjY3NTlkZjEwMGYtMzI0Mi00YjMxLTg3MjQtYjFmMTBjM2MwNzZl%2526acr_values%253D%252520queryString%25253A%25253Futm_medium%25253Demail%252526utm_source%25253Dtravel%2525252Bpq%252526utm_campaign%25253Didol%2525252Bpost%2525252Bquote%252526utm_content%25253Dtravel%2526trafficType%253D42%2526state%253DCfDJ8E6cVD-jsSBMjVM-RlIWFQZPZ_9wuVV2e9qvQECW3Io8G7xQgEQS4w3XODc3f_vqh6qSy4wJ3McbUQdIYXaF7c36z4npW4dcq5abSR2k6sw1UE7ZrOMI8u5HmvTOWepBsaUQ3Qn7MenIslkfMlFqZeo-ucDDMIDFGeKXYRTK_Z2pwsS4wuy-8AI79nv5RtXYrilAMN8LDGxNXEvbUqaKoLZliaD5ip3PL8EF4qR8hEi8c-V_1SAQhO6jfEm3bu3ThVITBp4lKqWzJ005DhQ-Ddm5gsscJkyW8-Kan9YM8nJtJsS9ZqtMG6S1kS4HfUQjGQq8EgNL4J8Z4w_laKf_yTL6Mw4bOMqMqkpiB5nJLJ_XbbowoixaopZMW7DeIeWm8fYHUJra3hjfCPtc8JrtqkuMEVET_S3S9tQXuUMmrLEsnoQ7NPyGQ6z8davzkv4TmJMN_ud7hlJ1gsO6ncynwLD_T4IWJDdHqFnXOv7biA-6%2526x-client-SKU%253DID_NET6_0%2526x-client-ver%253D6.35.0.0%26accountRedirectBypass%3Dfalse%26externalCheck%3Dfalse&dt=Confused.com%20authentication&en=page_view&_fv=1&_ss=1&ep.cookie_consent=none&tfd=2727
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RTPL2GQWBY&l=dataLayer&cx=c&sign=66d6929e048bf91a8704cbd82052504d48e77df6e24628f0ac8899b0a552dcff_20240403
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Apr 2024 23:22:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://authentication.confused.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 271ms
49ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G101&gcd=13p3t3p2p5&rnd=1263819363.1712186569&url=https%3A%2F%2Fauthentication.confused.com%2FAccount%2FLogin&dma_cps=-&dma=1&npa=1&gtm=45Fe4410n71KK96H5v6463050za200

Requested by

Host: sst.confused.com
URL: https://sst.confused.com/push?node=KK96H5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Apr 2024 23:22:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
my.confused.com/signin-oidc	1970-01-20 19:36:27	Name: .AspNetCore.OpenIdConnect.Nonce.CfDJ8E6cVD-jsSBMjVM-RlIWFQYTOVykc77yjHhLGW1m7l8CmJHk0Um8tlb1LzXLQyhN3HwIf4aKOTyz5ZqpdnaBfeRSgN0FiSkHXla19Id-FEjLTni3T9qVc5luq_QWvnutWbGOAA5dNgD876GbrQmsja9UNm8JEPWCuVyVPeLiieL06v2TkXn5jR8hNQL8qXq1e0AAKeUkSWhTfWOzC_uHGVMPY0-lH6IQqqqaGj65GZvsaCvt7LAK5kLZd3t0mml-aP_WfeN_8tfODFPC1bakpSA Value: N
my.confused.com/signin-oidc	1970-01-20 19:36:28	Name: .AspNetCore.Correlation.B4GRpknFEe0mJ2dTiHTUljSU_lKteJDwFmltzBPK08A Value: N
.confused.com/	1970-01-21 05:12:26	Name: X-UniqueCustomerCookieID Value: f98ed3b6-2304-43ec-b34a-8c5924b85883
.confused.com/	1969-12-31 23:59:59	Name: X-UniqueCustomerSessionID Value: dfd966de-964c-4819-85cb-84e24611f26e
.confused.com/	1969-12-31 23:59:59	Name: X-AdvertId Value: 1066
my.confused.com/	1969-12-31 23:59:59	Name: con-portal Value: CfDJ8E6cVD%2BjsSBMjVM%2BRlIWFQaeTF35C1QkMRHxstmPCa5Z1453f3O8QWf%2Bh1%2BFGKm3zIxgtUVChFy9N3Di%2FPsaTy9M3FKoIjP4BLu07sskSuNP%2Fow7LhyVf9uQ31rfkJA5ZnQbUlNhB8%2BZgSdWUukbSGWedYXWs8lX70nJStahzGLL
.my.confused.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 7f7a2c949391b430b714bd213b908d154eb5e77fe866288c8cd0358fcba9f8cd
.my.confused.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 7f7a2c949391b430b714bd213b908d154eb5e77fe866288c8cd0358fcba9f8cd
.confused.com/	1970-01-20 19:36:28	Name: __cf_bm Value: 48shaz6fLfOYD43CKA.pYw.HNB0M4SUboQ4_bwfLM5g-1712186566-1.0.1.1-H0R6Pl0exVDmGlXDgXUWYyB_d8kNQ.Iz5NKh6S3dW8zFQMuvsVNOHdEE6AcQEQow.jyF196keQdM00aNpahprPF1jukCXpsj1HhZy9IlVmQ
my.confused.com/	1970-01-20 19:37:49	Name: __cflb Value: 02DiuDDMKJcohguJ9nbV9bVewY89MVTxktoBkkjrpmbSc
authentication.confused.com/	1970-01-20 19:37:49	Name: __cflb Value: 02DiuHUSqQsgCRBbA3hb2D2Ls8B6wARbfXuc6ypAd63s2
authentication.confused.com/	1969-12-31 23:59:59	Name: .AuthenticationConfused.Session Value: CfDJ8GIf9NH3wT5NkkfyHmV1YfvJkfNuz91j3s%2FyHBn8ZfXFDX%2F115y2h4KNpMNlaYyEz4a0txXp2tye7eyPjNAW6EcS9eNhhZoML00%2Fet3hN1f%2FLtn2XOp2B9ShLw4%2FW1pUhDW1jHcar8DIAthHApZ%2FkH3o0yJU2sTZX1EEXEr5bR9A
.confused.com/	1969-12-31 23:59:59	Name: __cfruid Value: e6c8f4854e708c680778ed9eca7852cae3b9fff8-1712186566
.secure.confused.com/	1970-01-20 19:36:30	Name: TiPMix Value: 44.7219736616695
.secure.confused.com/	1970-01-20 19:36:30	Name: x-ms-routing-name Value: self
secure.confused.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: v0zxxszzcpeourgvjanwlzin
.secure.confused.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 33f8325697137838228e6d08634cdfc3df8d05e31710e7e2d325bf342f5b0a64
.secure.confused.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 33f8325697137838228e6d08634cdfc3df8d05e31710e7e2d325bf342f5b0a64
secure.confused.com/	1970-01-20 19:37:49	Name: __cflb Value: 02DiuJ4kJ94suzCvUaScL4aviyZs67rxKQe6nqJyymEep
authentication.confused.com/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.TgNquwaYxbM Value: CfDJ8GIf9NH3wT5NkkfyHmV1YfvpA0UKe7jU0IiicLkQtsdXJLhJyxVpFAXbj7e1KSHXCIiBfr3aCTUmYfdRGQfhil6wmeV1fp7Ouv_8wWWTImiOCGMPW5mD5DBn4S9A3saLHJ1V2q06CN3VzCb4d7gg0d4
authentication.confused.com/	1970-01-21 04:22:02	Name: ai_user Value: 2EKdZ+tEFKILxyyNr5ltDO\|2024-04-03T23:22:47.928Z
.confused.com/	1970-01-20 19:37:52	Name: _uetsid Value: 15488c40f21111eeb2e8e1c8558229ae
.confused.com/	1970-01-21 04:58:02	Name: _uetvid Value: 1548a940f21111eea425b77b7fe58303
.bing.com/	1970-01-21 04:58:02	Name: MUID Value: 1FC65E709A6769DE0F914A269BEC6887
authentication.confused.com/	1970-01-20 19:36:28	Name: ai_session Value: bGhb3vaE4eUgFUrrCYalxq\|1712186568232\|1712186568232
.confused.com/	1970-01-20 19:37:52	Name: _gid Value: GA1.2.1873719720.1712186569
.confused.com/	1970-01-21 05:12:26	Name: _ga_RTPL2GQWBY Value: GS1.1.1712186568.1.0.1712186568.0.0.0
.confused.com/	1970-01-21 05:12:26	Name: _ga Value: GA1.1.1241302133.1712186569

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://authentication.confused.com/Account/Login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcustomerportal%26redirect_uri%3Dhttps%253A%252F%252Fmy.confused.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520external%2520externalemail%26code_challenge%3DUgl0SsZLQehTde1ffAKIbvwHl-1rFJa39jiXDdvMep0%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638477833663627836.ZDdkZmQ0YmItNjYzZC00OGYyLWIwYzUtYmVlODI3NWVlMjY3NTlkZjEwMGYtMzI0Mi00YjMxLTg3MjQtYjFmMTBjM2MwNzZl%26acr_values%3D%2520queryString%253A%253Futm_medium%253Demail%2526utm_source%253Dtravel%25252Bpq%2526utm_campaign%253Didol%25252Bpost%25252Bquote%2526utm_content%253Dtravel%26trafficType%3D42%26state%3DCfDJ8E6cVD-jsSBMjVM-RlIWFQZPZ_9wuVV2e9qvQECW3Io8G7xQgEQS4w3XODc3f_vqh6qSy4wJ3McbUQdIYXaF7c36z4npW4dcq5abSR2k6sw1UE7ZrOMI8u5HmvTOWepBsaUQ3Qn7MenIslkfMlFqZeo-ucDDMIDFGeKXYRTK_Z2pwsS4wuy-8AI79nv5RtXYrilAMN8LDGxNXEvbUqaKoLZliaD5ip3PL8EF4qR8hEi8c-V_1SAQhO6jfEm3bu3ThVITBp4lKqWzJ005DhQ-Ddm5gsscJkyW8-Kan9YM8nJtJsS9ZqtMG6S1kS4HfUQjGQq8EgNL4J8Z4w_laKf_yTL6Mw4bOMqMqkpiB5nJLJ_XbbowoixaopZMW7DeIeWm8fYHUJra3hjfCPtc8JrtqkuMEVET_S3S9tQXuUMmrLEsnoQ7NPyGQ6z8davzkv4TmJMN_ud7hlJ1gsO6ncynwLD_T4IWJDdHqFnXOv7biA-6%26x-client-SKU%3DID_NET6_0%26x-client-ver%3D6.35.0.0&accountRedirectBypass=false&externalCheck=false Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
recommendation	verbose	URL: https://authentication.confused.com/Account/Login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcustomerportal%26redirect_uri%3Dhttps%253A%252F%252Fmy.confused.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520external%2520externalemail%26code_challenge%3DUgl0SsZLQehTde1ffAKIbvwHl-1rFJa39jiXDdvMep0%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638477833663627836.ZDdkZmQ0YmItNjYzZC00OGYyLWIwYzUtYmVlODI3NWVlMjY3NTlkZjEwMGYtMzI0Mi00YjMxLTg3MjQtYjFmMTBjM2MwNzZl%26acr_values%3D%2520queryString%253A%253Futm_medium%253Demail%2526utm_source%253Dtravel%25252Bpq%2526utm_campaign%253Didol%25252Bpost%25252Bquote%2526utm_content%253Dtravel%26trafficType%3D42%26state%3DCfDJ8E6cVD-jsSBMjVM-RlIWFQZPZ_9wuVV2e9qvQECW3Io8G7xQgEQS4w3XODc3f_vqh6qSy4wJ3McbUQdIYXaF7c36z4npW4dcq5abSR2k6sw1UE7ZrOMI8u5HmvTOWepBsaUQ3Qn7MenIslkfMlFqZeo-ucDDMIDFGeKXYRTK_Z2pwsS4wuy-8AI79nv5RtXYrilAMN8LDGxNXEvbUqaKoLZliaD5ip3PL8EF4qR8hEi8c-V_1SAQhO6jfEm3bu3ThVITBp4lKqWzJ005DhQ-Ddm5gsscJkyW8-Kan9YM8nJtJsS9ZqtMG6S1kS4HfUQjGQq8EgNL4J8Z4w_laKf_yTL6Mw4bOMqMqkpiB5nJLJ_XbbowoixaopZMW7DeIeWm8fYHUJra3hjfCPtc8JrtqkuMEVET_S3S9tQXuUMmrLEsnoQ7NPyGQ6z8davzkv4TmJMN_ud7hlJ1gsO6ncynwLD_T4IWJDdHqFnXOv7biA-6%26x-client-SKU%3DID_NET6_0%26x-client-ver%3D6.35.0.0&accountRedirectBypass=false&externalCheck=false Message: [DOM] Input elements should have autocomplete attributes (suggested: "username"): (More info: https://goo.gl/9p2vKq) %o
other	warning	URL: https://authentication.confused.com/Account/Login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dcustomerportal%26redirect_uri%3Dhttps%253A%252F%252Fmy.confused.com%252Fsignin-oidc%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520external%2520externalemail%26code_challenge%3DUgl0SsZLQehTde1ffAKIbvwHl-1rFJa39jiXDdvMep0%26code_challenge_method%3DS256%26response_mode%3Dform_post%26nonce%3D638477833663627836.ZDdkZmQ0YmItNjYzZC00OGYyLWIwYzUtYmVlODI3NWVlMjY3NTlkZjEwMGYtMzI0Mi00YjMxLTg3MjQtYjFmMTBjM2MwNzZl%26acr_values%3D%2520queryString%253A%253Futm_medium%253Demail%2526utm_source%253Dtravel%25252Bpq%2526utm_campaign%253Didol%25252Bpost%25252Bquote%2526utm_content%253Dtravel%26trafficType%3D42%26state%3DCfDJ8E6cVD-jsSBMjVM-RlIWFQZPZ_9wuVV2e9qvQECW3Io8G7xQgEQS4w3XODc3f_vqh6qSy4wJ3McbUQdIYXaF7c36z4npW4dcq5abSR2k6sw1UE7ZrOMI8u5HmvTOWepBsaUQ3Qn7MenIslkfMlFqZeo-ucDDMIDFGeKXYRTK_Z2pwsS4wuy-8AI79nv5RtXYrilAMN8LDGxNXEvbUqaKoLZliaD5ip3PL8EF4qR8hEi8c-V_1SAQhO6jfEm3bu3ThVITBp4lKqWzJ005DhQ-Ddm5gsscJkyW8-Kan9YM8nJtJsS9ZqtMG6S1kS4HfUQjGQq8EgNL4J8Z4w_laKf_yTL6Mw4bOMqMqkpiB5nJLJ_XbbowoixaopZMW7DeIeWm8fYHUJra3hjfCPtc8JrtqkuMEVET_S3S9tQXuUMmrLEsnoQ7NPyGQ6z8davzkv4TmJMN_ud7hlJ1gsO6ncynwLD_T4IWJDdHqFnXOv7biA-6%26x-client-SKU%3DID_NET6_0%26x-client-ver%3D6.35.0.0&accountRedirectBypass=false&externalCheck=false Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts allow-popups; base-uri 'self'; script-src 'self' https://sst.confused.com https://js.monitor.azure.com https://mpsnare.iesnare.com https://static.cloudflareinsights.com https://www.googletagmanager.com https://www.google-analytics.com https://confused.my.salesforce.com https://static.lightning.force.com https://webchat.secure.force.com/liveAgentSetupFlow/ https://googleads.g.doubleclick.net https://bat.bing.com https://*.fls.doubleclick.net https://cdn.quantummetric.com https://cdn.optimizely.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://service.force.com/embeddedservice/ https://webchat.secure.force.com 'unsafe-inline'; font-src 'self' https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/ data:; frame-src 'self' https://service.force.com/embeddedservice/; connect-src https: wss:; media-src https: data:; img-src https: data:; worker-src 'self' blob:; report-uri https://reporturi.confused.com/cspupgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts allow-popups; base-uri 'self'; script-src 'self' https://sst.confused.com https://js.monitor.azure.com https://mpsnare.iesnare.com https://static.cloudflareinsights.com https://www.googletagmanager.com https://www.google-analytics.com https://confused.my.salesforce.com https://static.lightning.force.com https://webchat.secure.force.com/liveAgentSetupFlow/ https://googleads.g.doubleclick.net https://bat.bing.com https://*.fls.doubleclick.net https://cdn.quantummetric.com https://cdn.optimizely.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://service.force.com/embeddedservice/ https://webchat.secure.force.com 'unsafe-inline'; font-src 'self' https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/ data:; frame-src 'self' https://service.force.com/embeddedservice/; connect-src https: wss:; media-src https: data:; img-src https: data:; worker-src 'self' blob:; report-uri https://reporturi.confused.com/cspupgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

authentication.confused.com
bat.bing.com
js.monitor.azure.com
my.confused.com
northeurope-2.in.applicationinsights.azure.com
pagead2.googlesyndication.com
region1.google-analytics.com
secure.confused.com
sst.confused.com
static.cloudflareinsights.com
www.google-analytics.com
www.googletagmanager.com
104.16.52.69
142.250.185.226
20.166.40.65
2001:4860:4802:32::36
2001:4860:4802:34::178
2606:4700::6810:4f49
2620:1ec:46::67
2620:1ec:c11::237
2a00:1450:4001:806::2008
0fe2aa289162af5650c4a5ad04948ed0872b83982060632f75b9dbd8520d2c8b
1b7289390fd8cc9d340ba97349159ab926f48dac96f2e2058080ea6c0d71875d
1b8c634494a87d36870e5f32e2fb37ad95f7ac4694f1146d6c5e51ed0c491af6
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
3272cebf50e9cea017ebbb8711ab2cf476c1ac397367b2b0f7840e638eb14123
428bfa0ec85201f237da98adb92c664a07aa1e840cf27d923bf8c58bba2dcaaf
4984f99d55e695cd304fef0898442b7af1cc367ed63afe8c820f356a638224c8
4f1102efe278e0dd01e64c3630eb86efda8b05ddbd322ce4b7ec9d78750d4de6
5be304bdd3746f6e82a7a100c11e33b702cd7833335ec71fa983476c22b7dc8e
5e07f937be00bbef113152fa46b2b2d5df97f405b152881c96e1c5069d8f405d
5e5fbeccb2c4426dbdd4d70dac039d69223ab935c9a43226b24b3ca75a32b637
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
78fd59443c5459d53d6d75afc549f0de9cf23407edab4908d7fa549fba3ae5eb
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8ed2f39518943a2ba692b7b18ae5d378cd8928647e7066bc011a5edd63c5b1e6
9da26e6969d24810d7ce6937ed19b0325e153614989d00785d38e52ef32a2f43
9ded05e87233cee59f1e12782977db925f05d720067f120627c8452f6a66153f
a355093765b32babb6ad11a46d1afcb29d9d296add14089b8ff42cbe959969dc
ad650d0037f43e20563ce16ca2a3b2758af61fd3c343b408c1b0b7f37599dc82
b4046df51dcbb909f24833cbcf488dc20cd81f5776d6bbd558903ecda5ba574a
bb53c3331f76fdad7f8e00e3d4b53600231991cec40a59636d436f8040e77802
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136
d89a2c4d25f9189dfacf5209d1f0a5229c9a08279e529d6cf25e9671765cfab8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc10493337c52bcfb2d043c59d94c0e9c49c2dd832deaddacdc10ef7a19865c3

authentication.confused.com Open in urlscan Pro 104.16.52.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

100 %HTTPS

67 %IPv6

7 Domains

12 Subdomains

9 IPs

4 Countries

571 kBTransfer

1415 kBSize

28 Cookies

2 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

authentication.confused.com Open in urlscan Pro
104.16.52.69 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

100 %
HTTPS

67 %
IPv6

7
Domains

12
Subdomains

9
IPs

4
Countries

571 kB
Transfer

1415 kB
Size

28
Cookies

31 HTTP transactions
0 data transactions