www.confidenttries.com Open in urlscan Pro
2606:4700:30::681b:b894 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s.free.fr/7HB3inMd
Effective URL:
https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=...
Submission: On December 01 via api (December 1st 2019, 9:33:17 am UTC) from BE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 5 countries across 9 domains to perform 24 HTTP transactions. The main IP is 2606:4700:30::681b:b894, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.confidenttries.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 9th 2019. Valid for: a year.

This is the only time www.confidenttries.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a01:e0c:1:15... 2a01:e0c:1:1599::29	12322 (PROXAD) (PROXAD)
1 1	115.68.229.135 115.68.229.135	38700 (SMILESERV...) (SMILESERV-AS-KR SMILESERV)
1 1	35.204.164.160 35.204.164.160	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2606:4700:30:... 2606:4700:30::681b:9386	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
14	2606:4700:30:... 2606:4700:30::681b:b894	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	52.219.73.127 52.219.73.127	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
24	5

1 2a01:e0c:1:1599::29 (France) 1 redirects

ASN12322 (PROXAD, FR)

s.free.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 115.68.229.135 (Korea, Republic Of) 1 redirects

ASN38700 (SMILESERV-AS-KR SMILESERV, KR)

hoy.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.164.160 (Ascension Island) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 160.164.204.35.bc.googleusercontent.com

nightreti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:9386 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.straightdevelopment.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:30::681b:b894 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.confidenttries.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.219.73.127 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3.eu-central-1.amazonaws.com

s3-eu-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	confidenttries.com www.confidenttries.com	135 KB
4	googleapis.com fonts.googleapis.com	2 KB
3	gstatic.com fonts.gstatic.com	39 KB
2	amazonaws.com s3-eu-central-1.amazonaws.com	118 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	straightdevelopment.net 1 redirects www.straightdevelopment.net	574 B
1	nightreti.com 1 redirects nightreti.com	822 B
1	hoy.kr 1 redirects hoy.kr	650 B
1	free.fr 1 redirects s.free.fr	200 B
24	9

	Domain	Requested by
14	www.confidenttries.com	www.confidenttries.com
4	fonts.googleapis.com	www.confidenttries.com
3	fonts.gstatic.com	www.confidenttries.com
2	s3-eu-central-1.amazonaws.com	www.confidenttries.com
1	cdn.onesignal.com	www.confidenttries.com
1	www.straightdevelopment.net	1 redirects
1	nightreti.com	1 redirects
1	hoy.kr	1 redirects
1	s.free.fr	1 redirects
24	9

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-10-09` - `2020-10-08`	a year	crt.sh
*.googleapis.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
ssl898578.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-10-11` - `2020-04-18`	6 months	crt.sh
*.s3.eu-central-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-10`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
Frame ID: BB87D3F35ED3AE474AD422FB04E2B7A7
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://s.free.fr/7HB3inMd HTTP 301
https://hoy.kr/lB5mz HTTP 301
https://nightreti.com/?a=1953&oc=9380&c=27346&m=3&s1= HTTP 302
https://www.straightdevelopment.net/tracking/58c29ee4e7f63f4c290e112b?src=5729b5abebf831fa4977efc1&s1=1953&s2=&s... HTTP 302
https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

24
Requests

100 %
HTTPS

67 %
IPv6

9
Domains

9
Subdomains

5
IPs

5
Countries

297 kB
Transfer

732 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s.free.fr/7HB3inMd HTTP 301
https://hoy.kr/lB5mz HTTP 301
https://nightreti.com/?a=1953&oc=9380&c=27346&m=3&s1= HTTP 302
https://www.straightdevelopment.net/tracking/58c29ee4e7f63f4c290e112b?src=5729b5abebf831fa4977efc1&s1=1953&s2=&s3=&s4=&s5=&k=5c5d44b8d8c8532390e6bebe&extuid=133457889 HTTP 302
https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request nrp=5de388c9ca75775fea733420 Show response
www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/
Redirect Chain

https://s.free.fr/7HB3inMd
https://hoy.kr/lB5mz
https://nightreti.com/?a=1953&oc=9380&c=27346&m=3&s1=
https://www.straightdevelopment.net/tracking/58c29ee4e7f63f4c290e112b?src=5729b5abebf831fa4977efc1&s1=1953&s2=&s3=&s4=&s5=&k=5c5d44b8d8c8532390e6bebe&extuid=133457889
https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420

36 KB
9 KB

439ms
347ms

Document
text/html

2606:4700:30::681b:b894
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:b894 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59935467945c373b7e030785316b26b2692c707746e2c92bc3b61e1df419b6b1

Request headers

:method: GET
:authority: www.confidenttries.com
:scheme: https
:path: /survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
date: Sun, 01 Dec 2019 09:32:58 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d4d47a6c89b65a083c0dd88433a8a2b241575192777; expires=Tue, 31-Dec-19 09:32:57 GMT; path=/; domain=.confidenttries.com; HttpOnly laravel_session=eyJpdiI6ImxWaTR4RGN0YVd3SEpTV1ZKSE0yQ3c9PSIsInZhbHVlIjoiR0xYazFxajJaVXJkSUVKUEtNRTRoR2lUTmMyMGIyN0I4c1ZRMHlNNzhWTFp6Z1NKenZ2TG1BdWlJbkJSclV0WXRZZTRETGpxQWxudmlXTjFuMUxSUGc9PSIsIm1hYyI6ImEzYzY0ZmY0NGRlY2ZmMzBhZjVjNTUzNmU4YTU1OTIwN2MyYjFlZjA3NzgwYWYwMTZlN2M5ZDhlMzUzZjY3ZmEifQ%3D%3D; expires=Sun, 08-Dec-2019 08:11:58 GMT; Max-Age=599940; path=/; httponly
vary: Accept-Encoding
cache-control: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 53e40e8d9a26cbc0-VIE
content-encoding: br

Redirect headers

status: 302
date: Sun, 01 Dec 2019 09:32:57 GMT
set-cookie: __cfduid=da09a3df2c16bd7b203e827b1897b87071575192777; expires=Tue, 31-Dec-19 09:32:57 GMT; path=/; domain=.straightdevelopment.net; HttpOnly c2lub3M=5de388c9ca75775fea733420; Max-Age=595999; Path=/; Expires=Sun, 08 Dec 2019 07:06:16 GMT connect.sid=s%3A4upp-D7sNvcHtft-pTA5f1NEFRp6gdfT.gD2xXyd0k4RwmXcj4igB6e4wQVOwrULaMJOt7l1wEcg; Path=/; HttpOnly
x-powered-by: Express
access-control-allow-origin: *
location: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 53e40e8c48e5cbc4-VIE

GET
H2 200 backend.css
www.confidenttries.com/css/ 2 KB
711 B 64ms
54ms Stylesheet
text/css 2606:4700:30::681b:b894
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.confidenttries.com/css/backend.css
Requested by: Host: www.confidenttries.com
URL: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:b894 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b24eb9638260837328cb57cc88a42c7472eebcef0d23ad953073901d3bf41c6d

Request headers

Referer: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Dec 2019 09:32:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 14 Jun 2017 10:13:06 GMT
server: cloudflare
etag: W/"59410c32-8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 53e40e90296bcbc0-VIE

GET
H2 200 bootstrap.css
www.confidenttries.com/css/ 144 KB
20 KB 91ms
81ms Stylesheet
text/css 2606:4700:30::681b:b894
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.confidenttries.com/css/bootstrap.css
Requested by: Host: www.confidenttries.com
URL: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:b894 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef9c554bca3ce5b9f978b626ff8c3a441c0468af2599bdb4e9b6b32f6743f058

Request headers

Referer: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Dec 2019 09:32:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 14 Jun 2017 10:14:22 GMT
server: cloudflare
etag: W/"59410c7e-23fe6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 53e40e903981cbc0-VIE

GET
H2 200 jquery.js Show response
www.confidenttries.com/js/ 278 KB
79 KB 99ms
90ms Script
application/javascript 2606:4700:30::681b:b894
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.confidenttries.com/js/jquery.js
Requested by: Host: www.confidenttries.com
URL: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:b894 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2065aecca0fb9b0567358d352ed5f1ab72fce139bf449b4d09805f5d9c3725ed

Request headers

Referer: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Dec 2019 09:32:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 14 Jun 2017 09:51:56 GMT
server: cloudflare
etag: W/"5941073c-456ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 53e40e903984cbc0-VIE

GET
H2 200 bootstrap.js Show response
www.confidenttries.com/js/ 67 KB
13 KB 95ms
86ms Script
application/javascript 2606:4700:30::681b:b894
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.confidenttries.com/js/bootstrap.js
Requested by: Host: www.confidenttries.com
URL: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:b894 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef43a4d502ffb688656851d788c42869d47e8840d007b4f4b66f62530171acd4

Request headers

Referer: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Dec 2019 09:32:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 14 Jun 2017 09:51:58 GMT
server: cloudflare
etag: W/"5941073e-10d1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 53e40e903987cbc0-VIE

GET
H2 200 jquery.cookie.js Show response
www.confidenttries.com/js/plugins/jqueryCookie/ 3 KB
1 KB 73ms
65ms Script
application/javascript 2606:4700:30::681b:b894
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.confidenttries.com/js/plugins/jqueryCookie/jquery.cookie.js
Requested by: Host: www.confidenttries.com
URL: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:b894 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

Referer: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Dec 2019 09:32:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 14 Jun 2017 09:55:44 GMT
server: cloudflare
etag: W/"59410820-c31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 53e40e903989cbc0-VIE

GET
H2 200 simple_green4.css
www.confidenttries.com/css/tpl_css/ 8 KB
2 KB 69ms
62ms Stylesheet
text/css 2606:4700:30::681b:b894
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.confidenttries.com/css/tpl_css/simple_green4.css
Requested by: Host: www.confidenttries.com
URL: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:b894 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b336ee919770f24464a0092df7f6abc78383d7c7054174713908b4b079cdae2e

Request headers

Referer: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Dec 2019 09:32:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 13 Mar 2018 09:55:48 GMT
server: cloudflare
etag: W/"5aa7a024-1e64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 53e40e903982cbc0-VIE

GET
H2 200 currency_cnd2.js Show response
www.confidenttries.com/custom_js/ 1 KB
508 B 79ms
72ms Script
application/javascript 2606:4700:30::681b:b894
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.confidenttries.com/custom_js/currency_cnd2.js
Requested by: Host: www.confidenttries.com
URL: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:b894 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7793635b3a67ad46bb0f738f17326d1d4de4ef3e9a2a2ee4ac4e318a77dabd0

Request headers

Referer: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Dec 2019 09:32:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 14 Jun 2017 10:12:22 GMT
server: cloudflare
etag: W/"59410c06-5f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 53e40e90398acbc0-VIE

GET
H2 200 css
fonts.googleapis.com/ 3 KB
540 B 21ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Signika+Negative:400,600,700&subset=latin-ext

Requested by

Host: www.confidenttries.com
URL: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

563abce668065e2855aa63f90e625f1845fc9e0aa8129be7c39afeb39aae2891

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 01 Dec 2019 09:32:58 GMT
server: ESF
access-control-allow-origin: *
date: Sun, 01 Dec 2019 09:32:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sun, 01 Dec 2019 09:32:58 GMT

GET
H2 200 blue_notys3.css
www.confidenttries.com/css/ 9 KB
2 KB 76ms
71ms Stylesheet
text/css 2606:4700:30::681b:b894
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.confidenttries.com/css/blue_notys3.css
Requested by: Host: www.confidenttries.com
URL: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:b894 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae88db06df66fada6bd19661950611c6a69796df07f7a97991ec8db92c124af7

Request headers

Referer: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Dec 2019 09:32:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 15 Nov 2017 11:25:46 GMT
server: cloudflare
etag: W/"5a0c243a-2381"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 53e40e903983cbc0-VIE

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 54ms
16ms Script
application/javascript 2606:4700::6812:e134
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.confidenttries.com
URL: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44aae6fbe386483965d5e393b0618b2bf5e27a6910b8f3e9ff3cadd62bacbabd

Request headers

Referer: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Dec 2019 09:32:58 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 1030
etag: W/"967648c5f43f1acc3f64970983a5d03f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 53e40e9069eacbcc-VIE
expires: Sun, 01 Dec 2019 21:32:58 GMT

GET
H2 200 prof_pic.png
www.confidenttries.com/img/ 3 KB
3 KB 71ms
67ms Image
image/png 2606:4700:30::681b:b894
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.confidenttries.com/img/prof_pic.png
Requested by: Host: www.confidenttries.com
URL: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:b894 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: de8025dffc57069d02c00a3640796dec23114f51af54c209b8fee272d8d0ecd6

Request headers

Referer: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Dec 2019 09:32:58 GMT
cf-cache-status: MISS
last-modified: Wed, 14 Jun 2017 09:51:47 GMT
server: cloudflare
etag: "59410733-b0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 53e40e90398bcbc0-VIE
content-length: 2828
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 public.png
www.confidenttries.com/img/ 1 KB
1 KB 70ms
58ms Image
image/png 2606:4700:30::681b:b894
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.confidenttries.com/img/public.png
Requested by: Host: www.confidenttries.com
URL: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:b894 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2897f490eaee6fd3c20a755839a30d051c2b4423a9cbc1af2a6d8a05c15e9154

Request headers

Referer: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Dec 2019 09:32:58 GMT
cf-cache-status: MISS
last-modified: Wed, 14 Jun 2017 09:49:18 GMT
server: cloudflare
etag: "5941069e-517"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 53e40e90caeacbc0-VIE
content-length: 1303
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 403 /
www.confidenttries.com/uploads/products/ 555 B
555 B 61ms
55ms Image
text/html 2606:4700:30::681b:b894
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.confidenttries.com/uploads/products/
Requested by: Host: www.confidenttries.com
URL: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:b894 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dbfab0a5424fb49d6ebfdc763a0b0d6982f51ca23192f0140b900a44baa593b

Request headers

Referer: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Dec 2019 09:32:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 403
cf-ray: 53e40e90caeccbc0-VIE

GET
H2 200 css
fonts.googleapis.com/ 4 KB
580 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:800::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

4c940a58b40018214ca32665ff4cf755522b32a027b309cccb950ccd22e27637

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 01 Dec 2019 09:32:58 GMT
server: ESF
access-control-allow-origin: *
date: Sun, 01 Dec 2019 09:32:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sun, 01 Dec 2019 09:32:58 GMT

GET
H2 200 20170517113334_check.png
www.confidenttries.com/uploads/ 1 KB
2 KB 17ms
16ms Image
image/png 2606:4700:30::681b:b894
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.confidenttries.com/uploads/20170517113334_check.png
Requested by: Host: www.confidenttries.com
URL: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:b894 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54685db07aca72f8729aafc7d545ad6cd2804361d9d1960a48c20a5bc02967f9

Request headers

Referer: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 01 Dec 2019 09:32:58 GMT
cf-cache-status: HIT
last-modified: Wed, 17 May 2017 09:33:34 GMT
server: cloudflare
age: 1644392
etag: "591c18ee-5c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 53e40e911ba1cbc0-VIE
content-length: 1477
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 763 B
386 B 21ms
20ms Stylesheet
text/css 2a00:1450:4001:800::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

ff4610869c48d9eefb45f127331f4203f8624db93d14cb268c69c38cfc77620e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 01 Dec 2019 09:32:58 GMT
server: ESF
access-control-allow-origin: *
date: Sun, 01 Dec 2019 09:32:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sun, 01 Dec 2019 09:32:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
700 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

0d9b67625f262e1eba2b5294ffbd97db236096233fb4fbb4b5cb01e8defffe1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 01 Dec 2019 09:32:58 GMT
server: ESF
access-control-allow-origin: *
date: Sun, 01 Dec 2019 09:32:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sun, 01 Dec 2019 09:32:58 GMT

GET
H/1.1 200
OK background3_incode_newhbo.jpg
s3-eu-central-1.amazonaws.com/igamingcloudstr/images/ 104 KB
104 KB 69ms
49ms Image
image/jpg 52.219.73.127
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-central-1.amazonaws.com/igamingcloudstr/images/background3_incode_newhbo.jpg
Requested by: Host: www.confidenttries.com
URL: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.73.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: af0b1d3088755d3bfff4c14b6a9d495a1697c24875303f6b2285b931e683bf5f

Request headers

Referer: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 01 Dec 2019 09:32:59 GMT
Last-Modified: Fri, 08 Feb 2019 08:53:07 GMT
Server: AmazonS3
x-amz-request-id: BAE5934B330557DF
ETag: "38e7f0a2d7a5710fc6aab25ef3cc1fd3"
Content-Type: image/jpg
Accept-Ranges: bytes
Content-Length: 106014
x-amz-id-2: mFcTmWiU5gwByhauf8uf22dT2zbL2AFdEFxc9RwOeUJt3i8DxIdSCXhLF3sI3H6PS7pKZwbrHUU=

GET
H2 200 E218_cfngu7HiRpPX3ZpNE4kY5zKYvWhr7vr5zc.woff2
fonts.gstatic.com/s/signikanegative/v10/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/signikanegative/v10/E218_cfngu7HiRpPX3ZpNE4kY5zKYvWhr7vr5zc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

740c2953cfae463962da14bacc385c870c1579c70f5325053822cb916e642503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Signika+Negative:400,600,700&subset=latin-ext
Origin: https://www.confidenttries.com

Response headers

date: Wed, 20 Nov 2019 15:15:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 03:38:20 GMT
server: sffe
age: 929840
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12060
x-xss-protection: 0
expires: Thu, 19 Nov 2020 15:15:38 GMT

GET
H/1.1 200
OK topmenu_newhbo.jpg
s3-eu-central-1.amazonaws.com/igamingcloudstr/images/ 14 KB
14 KB 60ms
40ms Image
image/jpg 52.219.73.127
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-central-1.amazonaws.com/igamingcloudstr/images/topmenu_newhbo.jpg
Requested by: Host: www.confidenttries.com
URL: https://www.confidenttries.com/js/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.73.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bc686bee454b25fceccc2b62076fb139811940ab579c1601cb6d8321b815cbd6

Request headers

Referer: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 01 Dec 2019 09:32:59 GMT
Last-Modified: Fri, 08 Feb 2019 08:38:17 GMT
Server: AmazonS3
x-amz-request-id: FF47DBFE7FF7BBEC
ETag: "b24c9801ec1d75437330495133f6daba"
Content-Type: image/jpg
Accept-Ranges: bytes
Content-Length: 14234
x-amz-id-2: h02HtRP+i18IrAWgsMNfkoUAO6FtrGBfrjhCz51Zh3ud61GEn95nyHpmVm5/fERIeK1sDS6yvbI=

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: www.confidenttries.com
URL: https://www.confidenttries.com/js/jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700
Origin: https://www.confidenttries.com

Response headers

date: Tue, 19 Nov 2019 01:26:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:06 GMT
server: sffe
age: 1065968
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13612
x-xss-protection: 0
expires: Wed, 18 Nov 2020 01:26:50 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: www.confidenttries.com
URL: https://www.confidenttries.com/js/jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700
Origin: https://www.confidenttries.com

Response headers

date: Tue, 19 Nov 2019 01:08:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:48 GMT
server: sffe
age: 1067058
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13708
x-xss-protection: 0
expires: Wed, 18 Nov 2020 01:08:40 GMT

POST
H2 200 survey Show response
www.confidenttries.com/survey/ 73 B
493 B 78ms
78ms XHR
text/html 2606:4700:30::681b:b894
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.confidenttries.com/survey/survey
Requested by: Host: www.confidenttries.com
URL: https://www.confidenttries.com/js/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:b894 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad00b579caf455c9dc60bf2cf178a56634ebdd2a2f6ea3a47d28a6bf7b8dd762

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420
Origin: https://www.confidenttries.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 01 Dec 2019 09:32:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.confidenttries.com
cache-control: no-cache
cf-ray: 53e40e915c34cbc0-VIE

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.confidenttries.com/	1970-01-19 05:43:17	Name: b2ZmZXJXYWxs Value: %7B%22campaign%22%3A%2212973%22%2C%22survey%22%3A%2214917%22%2C%22source%22%3A%225729b5abebf831fa4977efc1%22%2C%22subid%22%3A%22subid%3D5729b5abebf831fa4977efc1%26firstname%3D%26lastname%3D%26email%3D%26address%3D%22%2C%22firstSession%22%3A%22ukh5jSVUTMf8S43XVzNV7nyqTEfHCbrdy2DjR092_12973%22%7D
www.confidenttries.com/	1970-01-19 05:43:12	Name: laravel_session Value: eyJpdiI6ImxWaTR4RGN0YVd3SEpTV1ZKSE0yQ3c9PSIsInZhbHVlIjoiR0xYazFxajJaVXJkSUVKUEtNRTRoR2lUTmMyMGIyN0I4c1ZRMHlNNzhWTFp6Z1NKenZ2TG1BdWlJbkJSclV0WXRZZTRETGpxQWxudmlXTjFuMUxSUGc9PSIsIm1hYyI6ImEzYzY0ZmY0NGRlY2ZmMzBhZjVjNTUzNmU4YTU1OTIwN2MyYjFlZjA3NzgwYWYwMTZlN2M5ZDhlMzUzZjY3ZmEifQ%3D%3D
www.confidenttries.com/	1970-01-19 05:43:17	Name: survey_id_14917 Value: true
.confidenttries.com/	1970-01-19 06:16:24	Name: __cfduid Value: d4d47a6c89b65a083c0dd88433a8a2b241575192777

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	log	URL: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420(Line 656) Message: processed: firstname- lastname- email- address-
console-api	info	URL: https://www.confidenttries.com/survey/12973/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1&firstname=&lastname=&email=&address=/nrp=5de388c9ca75775fea733420(Line 656) Message: TP init

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.onesignal.com
fonts.googleapis.com
fonts.gstatic.com
hoy.kr
nightreti.com
s.free.fr
s3-eu-central-1.amazonaws.com
www.confidenttries.com
www.straightdevelopment.net
115.68.229.135
2606:4700:30::681b:9386
2606:4700:30::681b:b894
2606:4700::6812:e134
2a00:1450:4001:800::200a
2a00:1450:4001:809::2003
2a01:e0c:1:1599::29
35.204.164.160
52.219.73.127
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0d9b67625f262e1eba2b5294ffbd97db236096233fb4fbb4b5cb01e8defffe1b
2065aecca0fb9b0567358d352ed5f1ab72fce139bf449b4d09805f5d9c3725ed
2897f490eaee6fd3c20a755839a30d051c2b4423a9cbc1af2a6d8a05c15e9154
44aae6fbe386483965d5e393b0618b2bf5e27a6910b8f3e9ff3cadd62bacbabd
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
4c940a58b40018214ca32665ff4cf755522b32a027b309cccb950ccd22e27637
54685db07aca72f8729aafc7d545ad6cd2804361d9d1960a48c20a5bc02967f9
563abce668065e2855aa63f90e625f1845fc9e0aa8129be7c39afeb39aae2891
59935467945c373b7e030785316b26b2692c707746e2c92bc3b61e1df419b6b1
6dbfab0a5424fb49d6ebfdc763a0b0d6982f51ca23192f0140b900a44baa593b
740c2953cfae463962da14bacc385c870c1579c70f5325053822cb916e642503
ad00b579caf455c9dc60bf2cf178a56634ebdd2a2f6ea3a47d28a6bf7b8dd762
ae88db06df66fada6bd19661950611c6a69796df07f7a97991ec8db92c124af7
af0b1d3088755d3bfff4c14b6a9d495a1697c24875303f6b2285b931e683bf5f
b24eb9638260837328cb57cc88a42c7472eebcef0d23ad953073901d3bf41c6d
b336ee919770f24464a0092df7f6abc78383d7c7054174713908b4b079cdae2e
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
bc686bee454b25fceccc2b62076fb139811940ab579c1601cb6d8321b815cbd6
d7793635b3a67ad46bb0f738f17326d1d4de4ef3e9a2a2ee4ac4e318a77dabd0
de8025dffc57069d02c00a3640796dec23114f51af54c209b8fee272d8d0ecd6
ef43a4d502ffb688656851d788c42869d47e8840d007b4f4b66f62530171acd4
ef9c554bca3ce5b9f978b626ff8c3a441c0468af2599bdb4e9b6b32f6743f058
ff4610869c48d9eefb45f127331f4203f8624db93d14cb268c69c38cfc77620e

www.confidenttries.com Open in urlscan Pro 2606:4700:30::681b:b894 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

67 %IPv6

9 Domains

9 Subdomains

5 IPs

5 Countries

297 kBTransfer

732 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

22 JavaScript Global Variables

4 Cookies

3 Console Messages

Indicators

www.confidenttries.com Open in urlscan Pro
2606:4700:30::681b:b894 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

67 %
IPv6

9
Domains

9
Subdomains

5
IPs

5
Countries

297 kB
Transfer

732 kB
Size

4
Cookies

24 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!