urlscan.io logo urlscan.io
SecurityTrails logo

www.my-confirmation.com Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.my-confirmation.com/
Effective URL: https://www.my-confirmation.com/cgi-bin/wingame.pl
Submission: On December 02 via manual from MY — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 11 domains to perform 70 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is www.my-confirmation.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 30th 2022. Valid for: a year.
This is the only time www.my-confirmation.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
www.my-confirmation.com
22    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
www.my-confirmation.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
10    2606:4700:20::681a:f1f (United States)

ASN13335 (CLOUDFLARENET, US)
static.cleverpush.com
2    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.nl
1    116.203.25.165 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.25.203.116.clients.your-server.de
myapac.mycleverpush.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.nl
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2606:4700:20::681a:e1f (United States)

ASN13335 (CLOUDFLARENET, US)
api.cleverpush.com
8    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
23 my-confirmation.com
www.my-confirmation.com
525 KB
17 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
305 KB
14 cleverpush.com
static.cleverpush.com — Cisco Umbrella Rank: 16187
api.cleverpush.com — Cisco Umbrella Rank: 16182
124 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
43 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 google.nl
adservice.google.nl — Cisco Umbrella Rank: 13585
914 B
2 gstatic.com
fonts.gstatic.com
32 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 182
48 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 859
705 B
1 mycleverpush.com
myapac.mycleverpush.com
26 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
1 KB
70 11
Domain Requested by
23 www.my-confirmation.com 1 redirects www.my-confirmation.com
10 static.cleverpush.com www.my-confirmation.com
static.cleverpush.com
myapac.mycleverpush.com
9 pagead2.googlesyndication.com www.my-confirmation.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
8 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.my-confirmation.com
googleads.g.doubleclick.net
4 api.cleverpush.com static.cleverpush.com
2 www.google.com 1 redirects tpc.googlesyndication.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.nl pagead2.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
1 www.googletagservices.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 myapac.mycleverpush.com static.cleverpush.com
1 fonts.googleapis.com www.my-confirmation.com
70 14

This site contains links to these domains. Also see Links.

Domain
trk.adstrck123.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-30 -
2023-05-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.mycleverpush.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-06 -
2023-06-06		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://www.my-confirmation.com/cgi-bin/wingame.pl
Frame ID: 098CB922E8CB38B52D43EB760A169D8F
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: EC5AC50862B1B40CD7B8232B32B13845
Requests: 1 HTTP requests in this frame

Frame: https://myapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.my-confirmation.com
Frame ID: F9383617601BB40B752D1C01FA9AFEF2
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2025979610086129&output=html&adk=2548858943&adf=2513742895&lmt=1669946587&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.my-confirmation.com%2Fcgi-bin%2Fwingame.pl%3F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669946587641&bpp=5&bdt=345&idt=304&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6775756807467&frm=20&pv=2&ga_vid=731640374.1669946588&ga_sid=1669946588&ga_hid=1438559777&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880&oid=2&pvsid=2973261066920851&tmod=1684023261&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=325
Frame ID: 9BC5CAF26F1A75A17D0DF5BB69B47D53
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: F45E9A536E830323DF9A582385257111
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E2EBE1ED948770600D360C706EBB304F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Frame ID: 60C0D3D199538BDD5DADAA20EF4CA3F6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DBD70AC7F988B3A52C512F873BF8936B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7EA138C192B1935BD2A1E191A6E1E170
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Samsung S21 Giveaway

Page URL History Show full URLs

  1. http://www.my-confirmation.com/ HTTP 302
    https://www.my-confirmation.com/cgi-bin/wingame.pl Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • mootools.*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

70
Requests

100 %
HTTPS

80 %
IPv6

11
Domains

14
Subdomains

15
IPs

3
Countries

1106 kB
Transfer

2392 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.my-confirmation.com/ HTTP 302
    https://www.my-confirmation.com/cgi-bin/wingame.pl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

70 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request wingame.pl
www.my-confirmation.com/cgi-bin/
Redirect Chain
  • http://www.my-confirmation.com/
  • https://www.my-confirmation.com/cgi-bin/wingame.pl?
32 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c51b1731634f8c25134b3ea0442f4ed08db82e039f96d95c3b99786031b20c16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77307bf8ae9590ee-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Fri, 02 Dec 2022 02:03:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6WLu2dUDZRHJnfjZ4AcmYiBsSiT0X4DypupInMqfVsA8VMJEs6VRZAb08vHm1Gsb7KGntptutSM%2Fy54KKF65mSb0o72ahlIRTT9ggxGCIRyQVWcqkGfCJRty1AnpSHSdutfnS2mUQPcxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
x-firstpage
1
x-map-context
my
x-page
pregame
x-served-by
c-01

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
77307bf7ce4e9a3b-FRA
Connection
keep-alive
Content-Type
text/html
Date
Fri, 02 Dec 2022 02:03:06 GMT
Location
https://www.my-confirmation.com/cgi-bin/wingame.pl?
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EkUIienqfbmE99Ge59WjjxwTp1N0P4cNH4xXlY3p7Zp60bmrMtMSkEvzHuqdbKKCdVLaNxS0jT1y%2BBAgJ59d0MBBK8AdU7XER2uFwhy4moN7QlpnoX11zZsR2SsJ0ZVY8qG5gPz0GO0Jyg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
URI
<https://www.my-confirmation.com/cgi-bin/wingame.pl?>
X-Map-Context
my
X-Served-By
c-02
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
default.css
www.my-confirmation.com/_global/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.my-confirmation.com/_global/css/default.css?2022-12-01.5
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a211fa8cfb82dcb3b146a1b52b658cb54aab0e8643753a2ee4e91bbab7cea84d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-02
last-modified
Mon, 18 Feb 2019 07:52:24 GMT
server
cloudflare
x-map-context
my
etag
W/"5c6a6438-10e7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JLrfDyzeaL8CkjnYEfAlwMcm71rOvdE01oDKn1fhmA7PnlO0bQ0dV0qPklJIaloNtfWvkGAzS0mCssecUBrXcoSo%2BqSKS4lcX3K1brzLfWpU55XyOti3v2RhKLa1eqWp7txI7MqD%2Bl0z9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
77307bfab8e790ee-FRA
expires
Sat, 03 Dec 2022 02:03:07 GMT
font-awesome.min.css
www.my-confirmation.com/_global/fonts/font-awesome-4.6.3/css/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.my-confirmation.com/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2022-12-01.5
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2915756289e00f26ea66d2cfbdddb890bf2eaed1823e2d4b5855f49eea567064
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-02
last-modified
Thu, 18 Aug 2016 09:52:51 GMT
server
cloudflare
x-map-context
my
etag
W/"57b58573-71c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbg1QAC0HY5YQyoUkfeGLfp0OrTKSrAEu6eKfde7TsYWIzq1fNDa8YnH4gFr9K%2BRj%2BFzoYnrlSW0R%2FGfpD3NVoYu9P77rorSTYiE%2Bf7puymanzZKNc3%2B9iSJa9FLG1az0Lx0i6NzTzpxHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
77307bfab8eb90ee-FRA
expires
Sat, 03 Dec 2022 02:03:07 GMT
series.css
www.my-confirmation.com/_global/wingame/74/css/ 		24 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.my-confirmation.com/_global/wingame/74/css/series.css?2022-12-01.5
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f6fdf7a06a8a4a5bc6c9c0a36b594ab0b2631e520b5f4d00e68fcaaa433f7d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-03
last-modified
Tue, 19 Apr 2022 09:50:17 GMT
server
cloudflare
x-map-context
my
etag
W/"625e85d9-616e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z7MEfC7N%2FVs9yJl%2FQf4oxIdsHsI0JUfCSzZdCzeTn6EyIiOUk1U6KWpzLTjkVV%2BL305R%2F4DRLic5Zh%2BXHOAeCKJklZKpWFyKJM6u0FQIa56H%2Fye32SgV6quyzAc2ZGjP2o%2FW7pyVtgfqxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
77307bfab8ee90ee-FRA
expires
Sat, 03 Dec 2022 02:03:07 GMT
sweepstake.css
www.my-confirmation.com/wingame/49/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.my-confirmation.com/wingame/49/css/sweepstake.css?2022-12-01.5
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4076636b9ae5e61ad5243e615fc69f4f76e5d515651d5435a1a719937380fff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-04
last-modified
Mon, 07 Nov 2022 12:15:20 GMT
server
cloudflare
x-map-context
my
etag
W/"6368f6d8-2048"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbqqEM4AfxNuwkiBfDhxrqmGnGNk%2B%2Fz%2Fq2%2BD5JyLGuXgt3g4N4m8Z2MWhgrfoHokl%2BoiuGUvFcLxjIHX0tvBLYjxclgbYHfeuq3iAckTTS4R3Y1gMT17A2tOifDDoSRCsBeltgNOmJgHJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
77307bfab8f090ee-FRA
expires
Sat, 03 Dec 2022 02:03:07 GMT
theme.css
www.my-confirmation.com/_global/wingame/74/themes/default/css/ 		48 B
391 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.my-confirmation.com/_global/wingame/74/themes/default/css/theme.css?2022-12-01.5
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49078dfae4344b16683714bb7e05f4424baf40e6a6151c0867eb85b94b77deb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-01
last-modified
Tue, 05 Dec 2017 08:06:31 GMT
server
cloudflare
x-map-context
my
etag
W/"5a265387-30"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tq2dSA5pGwyFeIB%2BkHg7kwa8hv7NdXkaK854%2BeApay7zPjnLxXrdkh4pDQtUyKdV108NNQL1py5BhsUVZ03wCWYE0oA4AIfBHME4Zzx6Vr6KxDqyLGNaFZWipR6svsWDtqToYSefIBA8ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
77307bfab8f290ee-FRA
expires
Sat, 03 Dec 2022 02:03:07 GMT
MooTools-Core-1.6.0-compressed.js
www.my-confirmation.com/_global/js/framework/ 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.my-confirmation.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2022-12-01.5
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be0e66141e099739e90785e74a75e7aba4a5a3aa36c414e867c41f0ced9b0a36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-03
last-modified
Fri, 10 Nov 2017 11:48:17 GMT
server
cloudflare
x-map-context
my
etag
W/"5a059201-15e64"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyqOUdn%2Fb1LAcr4kIpyVyWMw6apX3%2B%2BHqmlm6mPdgEw2MBAuJh4Hsn%2FeCoRmP%2BFwqba%2BBx1Ns2JZWnjgyS7QRTaOTJiwSmvuzbiGGmXwtzXvGqi00DUZf7FvCmzfFegw7FOk3MtoJCuQgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
77307bfab8f390ee-FRA
expires
Sat, 03 Dec 2022 02:03:07 GMT
scripts.js
www.my-confirmation.com/_global/js/ 		55 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.my-confirmation.com/_global/js/scripts.js?2022-12-01.5
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0277c1245f8103772c6a4a0a401df99e3bf8de48b79d3fc7689106759b80070a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-04
last-modified
Thu, 21 Jul 2022 07:31:48 GMT
server
cloudflare
x-map-context
my
etag
W/"62d900e4-dd9a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKuB9FDGqyr2m8j3K%2FOAvuFxTj2ZabZgyWiy3eY17FSxyVihMbtfyrQ65ZHPD2Zn2efmVB6pSoQ9dhDfn36esLzbnB48fXTFN6lLEvrImdg0V5BQ51d7L%2FXZVzuzvMAY%2F%2FPyx161hFkYgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
77307bfab8f490ee-FRA
expires
Sat, 03 Dec 2022 02:03:07 GMT
global.js
www.my-confirmation.com/wingame/global/js/ 		530 B
682 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.my-confirmation.com/wingame/global/js/global.js?2022-12-01.5
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e36616c10fcddc4d0e321d1d711e95d353d1df079d1712e6fa65301be1808eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-03
last-modified
Fri, 01 May 2020 13:12:08 GMT
server
cloudflare
x-map-context
my
etag
W/"5eac2028-212"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLTto7qnDwnOqxKFRH9vmmYdTULLK2dWPCGC2v18uBQeToNincqptt3xkb4355WlDWpmgud0M5H57hJ1WoimA%2BJjsbbTQnJyk2SDkXcUdB%2Fj4W10EjNbDZbB7gnQIQ58MB0FWzFxYGPMZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
77307bfab8f590ee-FRA
expires
Sat, 03 Dec 2022 02:03:07 GMT
series.js
www.my-confirmation.com/_global/wingame/74/js/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.my-confirmation.com/_global/wingame/74/js/series.js?2022-12-01.5
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
398c728c2c48a8bacca49d082597c6de06028aa7adb9032c7c5cff08cc17ebaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-03
last-modified
Wed, 25 Nov 2020 12:42:01 GMT
server
cloudflare
x-map-context
my
etag
W/"5fbe5119-3e54"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2uP5FSELyzOu9ytc8DdduFyZ6sRFmtDX%2BKgtZ6xf4NXWAmvFoJL7psSlFLe3KMkk5S66ZLruyjt%2FIvzLNa%2FHXomIocNmMA0mz4AHXpTU1vEmoLSFDNkQt27SwmqYAd0pQIJGD%2FOnX0tmoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
77307bfab8f790ee-FRA
expires
Sat, 03 Dec 2022 02:03:07 GMT
sweepstake.js
www.my-confirmation.com/wingame/49/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.my-confirmation.com/wingame/49/js/sweepstake.js?2022-12-01.5
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9faacdbdab3e8d9530ca07c3a8be0de5f31aa1be47ada1db67129adcbb3eb19a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-03
last-modified
Mon, 10 May 2021 10:07:09 GMT
server
cloudflare
x-map-context
my
etag
W/"609905cd-13dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1p7%2BMOz9EyHP1sByUtp2vYD0exEVg8h2Y4k85f2y0QwkqEDzSUUshBEf5iRApIEwiRpX64sZ4ouMF34w6G286ybKwaxn2Sobvym%2By56pnlCaFG2M4tTMeZT5GmmBcCHMcbU5fOK3e5o6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
77307bfab8f890ee-FRA
expires
Sat, 03 Dec 2022 02:03:07 GMT
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 02 Dec 2022 02:03:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 02 Dec 2022 00:13:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Dec 2022 02:03:07 GMT
script_49.js
www.my-confirmation.com/files/web/sponsor/_sponsoren/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.my-confirmation.com/files/web/sponsor/_sponsoren/script_49.js
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c22f33d2bfab399ac4be0ed592894cd803fef3bd7a1f65256adaf4a556622d00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-02
last-modified
Thu, 01 Dec 2022 09:35:33 GMT
server
cloudflare
x-map-context
my
etag
W/"63887565-f82"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9RjhhNBvABYmksZpcBazHJZ1r9%2FOMkmNMQYU60eSUFbdW2q3xqk8Gb8n9Yx8k7bnIpXL%2B2%2Bts16isfHfy9CrtNiL5fxWaTcC3TtwL6JvieccR4%2BS3%2F4eC8p%2FEl2h9JXqPE%2Bqb47wZ9r5LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
77307bfae92990ee-FRA
expires
Sat, 03 Dec 2022 02:03:07 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		142 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83d4ea99921a8384679afeb7a0dfeb81ab59af9bd9e557be02cedf5e17381187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49069
x-xss-protection
0
server
cafe
etag
17259771753911567408
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 02:03:07 GMT
image_203_925_1611129967_cp_image_1097_925_1611113074_cp_image_494_925_1611110305.png
www.my-confirmation.com/files/web/freetest/_images/ 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.my-confirmation.com/files/web/freetest/_images/image_203_925_1611129967_cp_image_1097_925_1611113074_cp_image_494_925_1611110305.png
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a5e55a3dc6f590f8e308caf844a2ce4f9103f618b2ee75fceb94f3556fb26e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
114902
x-served-by
c-04
last-modified
Wed, 20 Jan 2021 08:06:07 GMT
server
cloudflare
x-map-context
my
etag
"6007e46f-1c0d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OT88xH8FMO9ae9oDU7oasFC1db5cdb7vYZErDQLXDwG6UGo5m6AGwAy2XPXw40zTKOdcqdadlCN5ibbtPk4rINfoqmDadPy9rrfkT7EbrS7mxU%2BhAqyZNFM7Xu1G7GewRVuEHKk1uQh%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
77307bfb7ffa90fe-FRA
expires
Sat, 03 Dec 2022 02:03:07 GMT
image_203_927_1611129967_cp_image_1097_927_1611113074_cp_image_494_927_1611108904.png
www.my-confirmation.com/files/web/freetest/_images/ 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.my-confirmation.com/files/web/freetest/_images/image_203_927_1611129967_cp_image_1097_927_1611113074_cp_image_494_927_1611108904.png
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaf43365d1b6bc6c34d5a18df10d0f8f83b310eb29b3b353576339fc500ecb23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
101125
x-served-by
c-01
last-modified
Wed, 20 Jan 2021 08:06:07 GMT
server
cloudflare
x-map-context
my
etag
"6007e46f-18b05"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clNdFs%2FvODlWmfAxK%2FGtA2awfCrfAwBXWi5m2ROA0fMt55iftchYx9KofA%2FdT4zwf5b4tSfJmem39ur7Ij0vZbjRQx9OFoYNgmPEeys0Fdyt%2FMcaBzrJBDhJugPS8nvjPdTS7rlT9xTX%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
77307bfb7ffc90fe-FRA
expires
Sat, 03 Dec 2022 02:03:07 GMT
image_203_929_1611129968_cp_image_1097_929_1611113075_cp_image_494_929_1611108905.png
www.my-confirmation.com/files/web/freetest/_images/ 		117 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.my-confirmation.com/files/web/freetest/_images/image_203_929_1611129968_cp_image_1097_929_1611113075_cp_image_494_929_1611108905.png
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a58b82b21f022e7c46c2991de1b482b3d2c4557befdfff20554e55696ec00d1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
119680
x-served-by
c-04
last-modified
Wed, 20 Jan 2021 08:06:08 GMT
server
cloudflare
x-map-context
my
etag
"6007e470-1d380"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7p5cbW5Cg59BEwEG7VvTnKug9PQuNkfgzrKkF06dSoFKa3vU0CLJR0y3sMM6kLUXmIo7q6t3OTnRchCpF2TBEMtrneZbbTVikZGNwyo%2FbHpTV6SnhQ2yIEOxkPgjRwW8RctVGqK29mutA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
77307bfb7ffe90fe-FRA
expires
Sat, 03 Dec 2022 02:03:07 GMT
sweepstake.bundle.js
www.my-confirmation.com/dist/49/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.my-confirmation.com/dist/49/sweepstake.bundle.js?2022-12-01.5
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bc68841436e60e608013597911280d956e02f9e579da608a2f2b806de74094e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-03
last-modified
Mon, 12 Sep 2022 13:34:45 GMT
server
cloudflare
x-map-context
my
etag
W/"631f3575-4815"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8xq3uxxyMGmypn9LHP%2FlVJhhR48abDrmx9bwrd%2BYjCzCseuO9BfnXZyLeQ7mXkhqaauT9y8CoEa%2Bqx8ahFm0OX%2F9%2By19UqgFVTNo6ct3JjjvK0wnPY5p%2BzVDaZH1WDXddSnFJU%2BhzIlNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
77307bfb4fe390fe-FRA
expires
Sat, 03 Dec 2022 02:03:07 GMT
LMkzAySeZzpZwtCZ6.js
static.cleverpush.com/channel/loader/ 		206 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/channel/loader/LMkzAySeZzpZwtCZ6.js
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cf81c0e68c7edb0825cf03143de593cedeecfca53775d22c8b27b5ce7de8050

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 02 Dec 2022 00:19:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
4206YFMA5Y61Q6GQ
etag
W/"9cd6123fc18b0c8e246901c6fd1cda7f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2p%2BdYqbrJMy%2B%2B%2B9%2B8V5qnNnljHXY7eEf8VwD0Lm1%2BASElBKB1i%2F6P8WrZ5C82eGlfeHCmBPzfu9k8WUylpvCNhmh5pDKR6NYmB%2B90Y0knsnwbtA6WcfrO6r7AMkmuzYXhCeuO0d7dsAPiJWqTwGu%2Fiy7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=21600
cf-ray
77307bfbfe2e918f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
U3Csva5kVNZG6ps3kPMhspaD1BN/QrOTNz+5lYLVpzNw2UxlHPeBDxwuWgORDCUYL2VhDKGxYWM=
logo1_105_1466992724.jpg
www.my-confirmation.com/files/web/sponsor/_logos/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.my-confirmation.com/files/web/sponsor/_logos/logo1_105_1466992724.jpg
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b605ed8d3a6d70f9e54734e62a2a29807d0dfffb1339590e3bb145a36da7e67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7771
x-served-by
c-03
last-modified
Mon, 27 Jun 2016 01:58:44 GMT
server
cloudflare
x-map-context
my
etag
"57708854-1e5b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qUuF85N46W9tods0m2WoXXJBjlqvz5Ptcco2IhxvmnILVBRIl66F3ANq6Tf%2FIwoPV%2B8PptLTxZdrY83K8vE%2FKK%2FM%2BY8ltGYQlhNjG%2Bldz4ER5xiISLsH%2Fdn3l3M8XgTwuJtJWm6Z1mzp3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
77307bfb7fff90fe-FRA
expires
Sat, 03 Dec 2022 02:03:07 GMT
logo1_SL_432_1587362295.jpg
www.my-confirmation.com/files/web/sponsor/_logos/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.my-confirmation.com/files/web/sponsor/_logos/logo1_SL_432_1587362295.jpg
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9fb1cb6bc64f856fed396ab410f575d9a4c127e81e414053203f6a49fe260e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2255
x-served-by
c-03
last-modified
Mon, 20 Apr 2020 05:58:15 GMT
server
cloudflare
x-map-context
my
etag
"5e9d39f7-8cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tF6SrR3Egd6y%2BU0bzHl7S%2BRqmmtoKU6G84xVCFbryigHRSwO%2F7UetKYNPZ%2Fj4f1gZy73TcY2tvLBDVzgToxrFMWmzP5Bjxuu%2B3mRYKEpQMBAkS0OLzSHFFfVwMfeF8V%2Bj8Idw5VQ4JgOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
77307bfb780090fe-FRA
expires
Sat, 03 Dec 2022 02:03:07 GMT
logo1_644_1550822179.png
www.my-confirmation.com/files/web/sponsor/_logos/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.my-confirmation.com/files/web/sponsor/_logos/logo1_644_1550822179.png
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95c87667fae190da3a2e3b9fe4a3808b8d672885cfa1b0b5d56c2d6f938e7cd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1205
x-served-by
c-01
last-modified
Fri, 22 Feb 2019 07:56:20 GMT
server
cloudflare
x-map-context
my
etag
"5c6fab24-4b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OpISbeepZFFFXVNwWg5BjBwAwHQJfiCHonE6V89jlV%2Fp3HNsKzsr7aMCjLcSijtnr4%2Fb2JkQDZ7tm%2BDaGEstJIcOEULXShlUt0iluXi8DR%2BwZsdgN%2FbX0VBR9mGmmd22Hu5SFbfduuPECQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
77307bfb780190fe-FRA
expires
Sat, 03 Dec 2022 02:03:07 GMT
logo1_145_1356053739.png
www.my-confirmation.com/files/web/sponsor/_logos/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.my-confirmation.com/files/web/sponsor/_logos/logo1_145_1356053739.png
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
300f6a8ecce9e4cf6470c121a24321e91c10fada12cfbe90950342ef1682d4d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1304
x-served-by
c-01
last-modified
Fri, 21 Dec 2012 01:35:39 GMT
server
cloudflare
x-map-context
my
etag
"50d3bceb-518"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSqZQCROkmcx45vFAOLVxr%2FPXuGe9MRkHXLs2Rqb47VdZcQd1bcoCgfBlZBIk2qusO19pmJw0ROti0%2BYy2wqIjxfcOZgW7MzPh%2FRn%2FI3R1xHvrl1LrrVSp1ZXL8l4c5A6r9Hy4%2BxH%2FvLiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
77307bfb780390fe-FRA
expires
Sat, 03 Dec 2022 02:03:07 GMT
bg_samsungs21_nz-pr03.jpg
www.my-confirmation.com/_static/_global/_supload/images/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.my-confirmation.com/_static/_global/_supload/images/bg_samsungs21_nz-pr03.jpg
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
173864b64601917cb4afb5ee822906019fdad8c4161d3a31e9a563dcb7c06069
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
100073
last-modified
Wed, 20 Jan 2021 01:51:51 GMT
server
cloudflare
etag
"3532993339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nITrpLajIfPAGAuAudeOz7%2B2HQFIkIjp2JXcWNMOF85cA%2B48NFbfleyn45jqAOABsx%2Bm%2F6eFTHZkNC8HpMbeKJtoqlYFXOlOYREylPyBdaBsS9C8PFA1wTIDJB0htW1f6USmMFMZiJscFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
77307bfb780490fe-FRA
expires
Sat, 03 Dec 2022 02:03:07 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.my-confirmation.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 16:44:52 GMT
x-content-type-options
nosniff
age
292695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 16:44:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.my-confirmation.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 19:42:15 GMT
x-content-type-options
nosniff
age
22852
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 19:42:15 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 		354 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.my-confirmation.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc9c4f33357e122d929514fdfd32fc6d874f8577240fd158de9b48204eb79066
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119174
x-xss-protection
0
server
cafe
etag
5611531512808220751
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 02:03:07 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame EC5A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.my-confirmation.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
32706
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Dec 2022 16:58:01 GMT
etag
10353107486223812946
expires
Thu, 15 Dec 2022 16:58:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
5.114db37e0f7e023a27ac.js
static.cleverpush.com/sdk/chunk/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/5.114db37e0f7e023a27ac.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/LMkzAySeZzpZwtCZ6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5fe9fd0aa472fd0ce47490757341a45ac208820e1cabae999b9f948b6e0cdad

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ZZKN36FDK775B1AE
age
22628
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
ReKltfMx9hdfl0rQg4lLztULPPLwnUZmhu2Kb7WhwNsU99Gd5/BvStQmt4PXSj5xMZ+s0oqBe9I=
last-modified
Thu, 01 Dec 2022 19:45:49 GMT
server
cloudflare
etag
W/"4e709fa3adcaf7e57f8afce46ca2963a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9yCMASwhjkrEJTnynyAqt4lq76bJtfLvkM9YvgdW5%2B%2FbFDsULwA35g3OgGDqPtPMBKA8SSXxngXDpnxK2IvBj%2BM2O9vpLy0Nbv6t4gnYUx7AruQXm8j4bIuS6MwiLi%2FKkkdmyTa9wK6n3S7rRbkRQMD5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
77307bfd6f039b3a-FRA
251.ff5b3c0c290e9961835b.js
static.cleverpush.com/sdk/chunk/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/LMkzAySeZzpZwtCZ6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SEGC2SKJTP4VHW7A
age
22628
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
US5NrU0//Hsvi9pdr/FJmRrqqfcGECGHKRsVOJ4c5iw30o9GaaJMVp76T/ENzsax4oyQmwB0z5k=
last-modified
Thu, 01 Dec 2022 19:45:48 GMT
server
cloudflare
etag
W/"e89cddaa8c63cff3a495570a91d5e690"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOSg49dowPGGP1DAtxESg5bmJbZaSErImHdapMcHOXu%2B8uG8oUtnlpEYhh6GLQzosLcWfowT3EWJolAghqhOjQL6pRQ7DT83No9O5go%2B%2FTUhsd99gKCyJUmctpl8xpwSlo44jh%2BoUNYCSK7pak4f9i7Qmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
77307bfd6f069b3a-FRA
115.ba0d7343026308ac5af6.js
static.cleverpush.com/sdk/chunk/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/115.ba0d7343026308ac5af6.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/LMkzAySeZzpZwtCZ6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61bd25db9e9cd5fcc44afc53fe9f72a60487085491595001a2841bde54d5abf9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SEG2VJB6GGYEP1FG
age
22629
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Kerp028svmuK4grB2F/mAjF4BnwNv+cc8b2aJQUM7f/hh/18u+nWAsoQRgeQQ9VizGaErCo/DEY=
last-modified
Thu, 01 Dec 2022 19:45:48 GMT
server
cloudflare
etag
W/"bdf3b760e2b81b6f97aa3f8f66d110e5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQyD%2FY5zFuaezVVjRF1xydTMkqth%2FZePv6fLOk%2BHQs4YJho3lpsYWs61AUEHZ1of%2BI3s6pgGdYowwIolLdhqlOcRmyi3rH2bAXPp5h8VfW11WvI8F6WH09GcKuFoRIvKD9jAecIPJa8OTA%2FzxXQrHzQZ%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
77307bfd6efe9b3a-FRA
iframe
myapac.mycleverpush.com/ Frame F938 		69 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://myapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.my-confirmation.com
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.25.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.25.203.116.clients.your-server.de
Software
/
Resource Hash
812c78a465b00a4dae107cc8d0dfb2878b784d5df4f96d08a39803dec892bee2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.my-confirmation.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept
cache-control
public, max-age=1800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 02 Dec 2022 02:03:07 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-backend-server
cleverpush-worker-2
x-cache-status
HIT
x-robots-tag
noindex
cookie.js
partner.googleadservices.com/gampad/ 		405 B
705 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.my-confirmation.com&callback=_gfp_s_&client=ca-pub-2025979610086129&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.my-confirmation.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041de692ecffbed2279d56a1c9a7d90fe91a735c90ef6d49064d1c6676b5c212
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
261
x-xss-protection
0
integrator.js
adservice.google.nl/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=www.my-confirmation.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.my-confirmation.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.my-confirmation.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.my-confirmation.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9BC5 		97 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2025979610086129&output=html&adk=2548858943&adf=2513742895&lmt=1669946587&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.my-confirmation.com%2Fcgi-bin%2Fwingame.pl%3F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669946587641&bpp=5&bdt=345&idt=304&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6775756807467&frm=20&pv=2&ga_vid=731640374.1669946588&ga_sid=1669946588&ga_hid=1438559777&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880&oid=2&pvsid=2973261066920851&tmod=1684023261&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=325
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.my-confirmation.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7e6913a4db1acf7aa74f242d5e0e6fee8f62e3002aad55712e8350eeec6498b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.my-confirmation.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
34842
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Dec 2022 02:03:08 GMT
expires
Fri, 02 Dec 2022 02:03:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
5.114db37e0f7e023a27ac.js
static.cleverpush.com/sdk/chunk/ Frame F938 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/5.114db37e0f7e023a27ac.js
Requested by
Host: myapac.mycleverpush.com
URL: https://myapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.my-confirmation.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5fe9fd0aa472fd0ce47490757341a45ac208820e1cabae999b9f948b6e0cdad

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://myapac.mycleverpush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ZZKN36FDK775B1AE
age
22629
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
ReKltfMx9hdfl0rQg4lLztULPPLwnUZmhu2Kb7WhwNsU99Gd5/BvStQmt4PXSj5xMZ+s0oqBe9I=
last-modified
Thu, 01 Dec 2022 19:45:49 GMT
server
cloudflare
etag
W/"4e709fa3adcaf7e57f8afce46ca2963a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ikIRZUl6dv%2BZQXU%2B9EKTdDD%2BSNgfsvKw%2FukAcCfLE6dMEIhbI4cta7fHeoprmkWLpSC7ljjltkPlj6IAmyWROlH%2FK5ezDsfOzglJ0LLsO3QkpYS%2Bii6%2BjqNuj3DClFofqQi5xi9735EvJX06duB%2FWrrOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
77307bff59aa9b3a-FRA
251.ff5b3c0c290e9961835b.js
static.cleverpush.com/sdk/chunk/ Frame F938 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Requested by
Host: myapac.mycleverpush.com
URL: https://myapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.my-confirmation.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://myapac.mycleverpush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SEGC2SKJTP4VHW7A
age
22629
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
US5NrU0//Hsvi9pdr/FJmRrqqfcGECGHKRsVOJ4c5iw30o9GaaJMVp76T/ENzsax4oyQmwB0z5k=
last-modified
Thu, 01 Dec 2022 19:45:48 GMT
server
cloudflare
etag
W/"e89cddaa8c63cff3a495570a91d5e690"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpvuA0crNEo2LRCNNJNQHEtEHHImUXQDolHuZ5Yoz6m1zrl44XUOxoIbMCo7MN3wuoAtsCRginKphvEwIZYBsGQ5RTPANpsX9xtM%2BmYdtkm%2FIt5dZw7SsjuFeGGjY9Y201IEw2TGVdrADTli3pW4vEe1aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
77307bff69ad9b3a-FRA
818.2053369c6ba49d7081f4.js
static.cleverpush.com/sdk/chunk/ Frame F938 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/818.2053369c6ba49d7081f4.js
Requested by
Host: myapac.mycleverpush.com
URL: https://myapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.my-confirmation.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbf8b26356a91137293331c7299846d0e3b394732a158b0c28a5e09333279647

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://myapac.mycleverpush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ZZKYS82KWF8K88ZY
age
22629
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
PsuRdYTA39hIzkKZUirhDbLkkC2zy04lttS0ylygpiK4kxXSIXOedZbpJPaJdekrLGz9KmFqhqs=
last-modified
Thu, 01 Dec 2022 19:45:50 GMT
server
cloudflare
etag
W/"9c2d7319802a49372e38ced07eee7c81"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikXW4FlgI0N6HULSBsFdxexFABaEozPE0nrwMQyQsrRh%2FpttMk5WioZHGuYWFyVSWTfh4GSbKUVsGt9uRcNAk5JKG0XhpNJ4H5I5GeKWYvWpgREGB3c7f%2BtojFExnh47AI1kFNsyLzKA52pv%2BLS2uofy7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
77307bff69ae9b3a-FRA
103.b06b9a0145dcabe481ae.js
static.cleverpush.com/sdk/chunk/ 		95 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/103.b06b9a0145dcabe481ae.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/LMkzAySeZzpZwtCZ6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ec8dc19ecab9f739cfd58f49179a4b96e94c86139132d732e12bfcccb939348

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SEGC1S3ASQX8851Y
age
22630
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
NHmzS+t01eOEWkcMD7y6IJBSO7AFaonGL4GQvCLTrm/hCvCv8sqxn0C8Mz7u7dq70TmwHh/9HiI=
last-modified
Thu, 01 Dec 2022 19:45:48 GMT
server
cloudflare
etag
W/"c86abffed45846c44a1f82cb01c240b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2FZXP8mwYt9sXNokZVmAjlauR8ZyhrU2LWXDtg5wLLXhcNRgRGF3dvSC7YqrlncYfdku80vIFUHKfWYhJCy8UFc6NWqyLFV4azSK%2BcyfwSvzj%2Fa89JRD7bCl%2F%2BKB7Zl46Tp7ZbKvWGlCTAsNNGnC3RDQrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
77307bffba309b3a-FRA
720.88a3607d4c17ce2453f0.js
static.cleverpush.com/sdk/chunk/ 		47 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/720.88a3607d4c17ce2453f0.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/LMkzAySeZzpZwtCZ6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16dfc52adc4b2e77ac5881bf9ecfd0250aaba890abc09b3ad674cc62e455c0be

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TQEYJT79HFD3W0BK
age
22538
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
ID9uC1lf+SRjO/xTXjwUmPE+D/3td8SAApJ3pHPszK9pw4zXwtLtGRgYR73lq+MupIhhft7SvNc=
last-modified
Thu, 01 Dec 2022 19:45:49 GMT
server
cloudflare
etag
W/"068eefa4304043bf1bb6ddedb6bea8e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HN%2BWvNRpyKJc1sLeWiM6oY2r1%2FqbrbGs5eHFx%2BWcxr0wFEprA40hjHADkXFFnSE8Z8BmlIPt8TwodygoLSwcuzWE6S5NCBSP%2BVAzpmxg93YTxHtYyxaTUjEBQ4mFOjq%2Bs4L2DJHOTEJ9gbpx%2BmbtFBDtrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
77307bffba319b3a-FRA
optin-visitor
api.cleverpush.com/channel/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.cleverpush.com/channel/optin-visitor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.my-confirmation.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77307c00ed4b9177-FRA
content-length
0
content-type
application/json; charset=utf-8
date
Fri, 02 Dec 2022 02:03:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9IcCBTVwEbnT%2Fys%2F3SCK%2BRJCOW15pFV46slD8Dvb2dkIC2dyoJuBg547n4y%2FGnmwsLyuacKHtb0lSwHvWF5Dj3%2BNxtF5sxkfhva13Dsw8epG5u7JkkH96T1zpvpkY23I4ke3T8jtvQiM%2BsjLqUQPw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
confirm-alert
api.cleverpush.com/channel/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.cleverpush.com/channel/confirm-alert
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.my-confirmation.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77307c00ed4d9177-FRA
content-length
0
content-type
application/json; charset=utf-8
date
Fri, 02 Dec 2022 02:03:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SfzITcBrLLW%2BkC29flaVuAlgZW7KN6bU9DZoguat6ItR5%2B1UP%2BNq1dTfu%2F1%2FVmdV%2FbeHRflemH43VicuwgY43jhbhCfOvE%2F4h9gE0HjAYcZdTtPcu51AmsjSVLEumoByC%2F%2FiwtmgiTRtAMhTaCFtg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
optin-visitor
api.cleverpush.com/channel/ 		16 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.cleverpush.com/channel/optin-visitor
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/LMkzAySeZzpZwtCZ6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.my-confirmation.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 02 Dec 2022 02:03:08 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server
cleverpush-worker-2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcPHuQE1GRZvKU5VCboyCDw1PFN7ijrDt%2BfHF%2BJ9SA8Jege4Jn6QDGa%2FvvHgphDv8PuymuRBuBFA2QEd%2BAFORJwsfH2Pn2QpUfLt%2BvPhN6mN8dXZMJLsVh7gkrirpQVks%2FIiSAHlweveL2MxbbQ4Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
cf-ray
77307c016e1f163f-FRA
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language
confirm-alert
api.cleverpush.com/channel/ 		16 B
614 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.cleverpush.com/channel/confirm-alert
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/LMkzAySeZzpZwtCZ6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.my-confirmation.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 02 Dec 2022 02:03:08 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server
cleverpush-worker-2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gsmtjyw7L%2BBjO8%2Feo6knMbdA6po3EntQhXG5wikXDccQfDgBGkoxHeenzeHaf0MLWrJoKDDJOZCW5h%2F2G0Y0ZGsPMdd2ZFxpTL0CRVvVDhyqnHSAoR87q55klBouilzVVoXqI96MSye%2Fplw5KTUdwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
cf-ray
77307c016e21163f-FRA
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language
global.pl
www.my-confirmation.com/cgi-bin/ 		1 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.my-confirmation.com/cgi-bin/global.pl?todo=log_misc&ident=cleverpush_show
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:08 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-map-context
my
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jr25tgTaFSkB3XEchDfob38AVSTDQf9vVwqhW6kyRdVaYGCYSqJtkb%2FfbWoNDVT7KooO2k%2BF%2B8K5edMT261T3PvFDKdlrPNrSqVvKGiv5ZzmQbW5RbxaBUj4duMvw32vLvSi2mVzLySnww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
77307c006b3290fe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-03
jvJnMHFp77BgNGWPK.png
static.cleverpush.com/notification/icon/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cleverpush.com/notification/icon/jvJnMHFp77BgNGWPK.png
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9dd2b94a3ff115cb7475222f18127dbf181da22ca662f7721b69a231d60c3da

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
BG3KCHM4AJH785CP
age
4192
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5014
x-amz-id-2
5JVMKa8dmIj89eOplSDLtTYLafRToIoUa6V3RqZvxEnw88eO7zLrlgj9lztCyEXEnnhQBb42F/w=
last-modified
Mon, 19 Oct 2020 14:23:36 GMT
server
cloudflare
etag
"971cc209e2a268d6a0c46f9159caff90"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U40ILXNIvGGUQeQ2ipps%2BneBI25fmQeyN7XrrgdhfJrubhOzktKqVLD9PZ9Fqge2%2FeGyyLal7e%2Fk6LXzefh%2BKjSQVYiqbzb1R1KLnaQrjeW8O2bp%2FlBMC%2BPqrH71yi%2FOtP8FJsIDrE3SyTm8166Z2TGjQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
77307c006b3b9b3a-FRA
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.my-confirmation.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f07173f556fd121ae07ae8336970e75aa063c08577d6c6c30c40b4e6d042da1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52280
x-xss-protection
0
server
cafe
etag
15115091755786014197
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 02:03:08 GMT
integrator.js
adservice.google.nl/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=www.my-confirmation.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.my-confirmation.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.my-confirmation.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.my-confirmation.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame F45E 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.my-confirmation.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.my-confirmation.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
55151
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Dec 2022 10:43:57 GMT
etag
10353107486223812946
expires
Thu, 15 Dec 2022 10:43:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame F45E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CtfR73FyJY52xBIy-9u8P_6SY2AiKppzhbNmVtcP-DZv08NzTLxABINDErWdgkYSghYwYoAGk3ZqLA8gBAqgDAcgDyQSqBO4BT9DzH8XbDV2ATtmDjUZJt2aBYIWjuZY0lIICXucs273226uEc43Isfbb3eSyJiFg35SlgTAFV5UmdPXWwCg3iGGZJhtEjuB_0pqrdU8ceXK6DlVNQRC6THixafLova9QCbrLsqIrdn3RgFLWx-knuYI5pYINabIqqVrcpQMrghiq0xj73Q0w7CfSt0U2GrczOGvsz_ZnNPUM6cvBCHo0CgmNbpaCVS0PFyAXEYgzRisKHvV5tjmenNUd-1tWbP2FcNCQ6DiQ2VvgGqA0HkX1on7GM0gkbj46K1gQ9bOweTl8Ilr0v5Fy6wqvoi0ID8AEzoW1z8EDkgUECAQYAZIFBAgFGASgBgKAB8Si5XSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD2613SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi0yMDI1OTc5NjEwMDg2MTI5GAA&sigh=HUCAIoIgncY&uach_m=[UACH]&cid=CAQSGwDq26N99od1vUR3ruwA6FtvQAeWxX1XDE71MBgBIBM
Requested by
Host: www.my-confirmation.com
URL: https://www.my-confirmation.com/cgi-bin/wingame.pl?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 02 Dec 2022 02:03:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 02 Dec 2022 02:03:08 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame F45E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 14:38:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
41064
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Dec 2022 14:38:44 GMT
2384088834180617703
tpc.googlesyndication.com/simgad/ Frame F45E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2384088834180617703?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qklUJ8wGLDDvr60gVnEQwn4y1E9ng
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e370fecce4e39a2960185acf1482babf68aface4bcb853ffcc2317908250cba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 09:39:49 GMT
x-content-type-options
nosniff
age
490999
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4062
x-xss-protection
0
last-modified
Wed, 20 Jan 2021 02:11:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 26 Nov 2023 09:39:49 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F45E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 14:38:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
41064
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Dec 2022 14:38:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F45E 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 10:10:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
57139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Dec 2022 10:10:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F45E 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48508
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1669811598765935"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 02 Dec 2022 02:03:08 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F45E 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac67eba217cc24846f0d650dbf24e7e1f96928839f20a70ddeba99bfa284ca23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 04:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
78172
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
cafe
etag
7011066814545187240
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Dec 2022 04:20:16 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame E2EB 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
2064
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Dec 2022 01:28:44 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F45E 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0df6163ee3e0bc89e13186e0150bc45b8e1d94eef74328354d171ee931ff6882

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.my-confirmation.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e43fb740129ddbdecd7b141e3263507c688b957a9bde3b6aaf70be27fbea300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11224
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame E2EB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Dec 2022 02:03:09 GMT
expires
Fri, 02 Dec 2022 02:03:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Dec 2022 02:03:08 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
pagead2.googlesyndication.com/bg/ Frame 60C0 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 10:40:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141737
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 10:40:51 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.my-confirmation.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 02 Dec 2022 02:03:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DBD7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.my-confirmation.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
13529
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Dec 2022 22:17:40 GMT
expires
Fri, 01 Dec 2023 22:17:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7EA1 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a43ff5a32afe27ef24c6617e9ce05a646bd38d2c738840a141829a5334ac6b99
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-l5pVR3yCa5kxOtKcKASHew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.my-confirmation.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-l5pVR3yCa5kxOtKcKASHew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 02 Dec 2022 02:03:09 GMT
expires
Fri, 02 Dec 2022 02:03:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
pagead2.googlesyndication.com/bg/ Frame DBD7 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 10:40:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 10:40:51 GMT
generate_204
tpc.googlesyndication.com/ Frame DBD7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?R2EiXQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:03:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 7EA1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=2973261066920851&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=2973261066920851&bg=!enmleT3NAAbvMpMzzzI7ACkAdvg8WsCd7nA6O2K6LB-KHauPDfD6iT5k3rR8FLdJrW2o-2KzlUcrqgIAAABXUgAAAAJoAQeZArkZy2II1sQyBxnoBIKMGB2Zk6epVdIWmZLfbda7Rv304HWJ0z2STAUEFqp46BjoDcdlRLLoyav2GhAJftxYnBJxS-Gptnj-vsAnSckkPb-uZkbr0aYwQrqiqkESR_EKz3oUIPciZ4XFe9ocZ5RCEzmBvP_QWAfR1hs-8POuMatmqadWJoNBNmC9xITEzGSq3YZ7WATeDLwaOcBZhey4rajkfV7H90ZWt8sQyFDWdiqXZPNFHI8CmWnjMaFH1UV0jfcCKj1Geu5b7TJaAV6fJLwYTbNwnL4kJs4LWm4CfE3pFD2NO9Mmj1LCAgl6BEB5k_hkK-DKG-0g0YBeQOoSE38RHQiwZTdStG-2beLxrHLKtpp248JnKa5uns1P__z4tMZQU_xXr32LqvXRjtidjVhg3XGlm2cQdNnrIH8eWKaAvFAv_1GY6TuupyPkxSKuFgZhKU0aRnXn5OAHOrlDJQ4flIRFNRnFRWy4AYvRwagXtvrzoql9G4Q4oUWFdvEjpMPt2tfERojtGUxlJLZPLRIr0M1nMHcy4rT41tLjKymNOF1ZbqkFLHQqR1chsTn4GDtE_AyS3Op_puio4mJxZoxN8nGkkkdiD8tNBa2KB2KEaSv3_7gfSfFvq4FRm8XS3IgZZMqINKQpks1DnYYnqMFn0ssPoiTZjGN65cp0lz144rPIQBVAtXo1so0b_tMA7w_6sZc5hUCxjC6TPaxSeIiQQVHu6Gr4Pau1Mc-tfOPV9lZGSijneSC2ceqbjVLGdKoHKLXPAfGnA-Wd-8IZswyKZKdPuCS-SjbUnfNdes1zdIMfd2gphXNzye_S0S5G6rx2fP9BfhUe6w8qzN-HicXPBYZaXwUG9BydYljzQ4nfKqlDkTjdFY4hNb5PehXo4qXkKLPbuZWT8gyKnP_elnZ4ckVvIoNiVT0A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.my-confirmation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame F45E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3WKyvWylnL1sYzH9mCxUSyKIubJCgp16-kGCkQat4Sdj8sO88VXvDcX2Ak1mEItL3PUKG9CWrKX1fSBdzDraXF-r0fTeuUOYJaE2EgMzG7YspjHsyeSGGFSmDkEWLeKNcAshGFg&sai=AMfl-YS9OHGA_K6etw9dDXEduVglyxmEFBeaAf_2Ioyxz4_uf1BRVtJZtFcLo11Pr-kQzrquakwMv66sKYsrrOw&sig=Cg0ArKJSzMzuwmXyfIC9EAE&cid=CAQSGwDq26N99od1vUR3ruwA6FtvQAeWxX1XDE71MBgBIBM&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=109,792,1000,1126,1133&tos=109,683,208,126,7&v=20221130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2548858941&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669946588534&rpt=280&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 02:03:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontentvisibilityautostatechange string| rS string| rI string| pI function| IFrame function| Elements function| Cookie object| MooTools function| typeOf function| instanceOf function| Type object| Browser function| $constructor function| $family function| Class function| Chain function| Events function| Options object| Slick number| uniqueNumber function| $ function| getDocument function| getWindow function| $$ function| addListener function| removeListener function| retrieve function| store function| eliminate function| DOMEvent function| addEvent function| removeEvent function| addEvents function| removeEvents function| fireEvent function| cloneEvents function| getSize function| getScroll function| getScrollSize function| getPosition function| getCoordinates function| getHeight function| getWidth function| getScrollTop function| getScrollLeft function| getScrollHeight function| getScrollWidth function| getTop function| getLeft function| Fx string| user_device_type object| Maxlength_on_number_fields function| get_parameter function| popunder_on_submit boolean| popmaster function| localStorage_is_supported function| openWindow function| enableFields function| log_misc function| get_enc_type function| isIE object| scroll_into_view function| field_jumper function| backwards_button undefined| trackEvent function| goToNextPageByGoButton function| appendScript function| checkPerformanceEntries object| ab object| log function| check_tel_number string| page_id boolean| page_submitted boolean| voucher_selected undefined| copy undefined| client_pk undefined| email undefined| wingame_pk function| do_countdown function| bigger_checkbox function| iframe_selector function| personalized_button_sizer function| open_iframe function| save_voucher function| pregame_intro function| set_voucher_img string| fb_button_width string| pop_iframe_close_button function| handle_prefill function| pop_iframe_links object| POPUNDER string| sponsor_switch string| sponsorlimit string| sponsor_switch_wingame string| device string| context object| voucher_list object| sponsorArray number| no_sponsor_list_link number| ST_speed number| zeiger number| label string| labeltext boolean| do_preload number| first_pointer function| testLogo function| preload_some_images function| sponsorenSlide object| preload_some boolean| cleverpushId object| CP object| CleverPush function| cleverPushInitCallback undefined| dccBts object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| webpackChunk_cleverpush_cleverpush_js_sdk object| regeneratorRuntime number| __cleverPushSdkLoadCount function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp number| google_lpabyc object| googletag number| c2 number| c1 object| GoogleGcLKhOms object| google_image_requests

4 Cookies

Domain/Path Name / Value
.my-confirmation.com/ Name: __gads
Value: ID=518cbc7f9405aec9-22ed419257b400f7:T=1669946588:RT=1669946588:S=ALNI_MajuvfTzoGD1UoHsMeJKjRPYBPlHA
.my-confirmation.com/ Name: __gpi
Value: UID=00000b8b5a587d19:T=1669946588:RT=1669946588:S=ALNI_MZGzuhtgDb6b42n8k6fNSz3zwPZeg
.doubleclick.net/ Name: IDE
Value: AHWqTUkOBLeQfe6LmceHKw_TwHytSm7LvygVeSN-PF699rpCYabzVQ7hQ79DhgS9J7g
.doubleclick.net/ Name: DSID
Value: NO_DATA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
api.cleverpush.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
myapac.mycleverpush.com
pagead2.googlesyndication.com
partner.googleadservices.com
static.cleverpush.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.my-confirmation.com
116.203.25.165
188.114.96.3
188.114.97.3
2606:4700:20::681a:e1f
2606:4700:20::681a:f1f
2a00:1450:4001:800::2002
2a00:1450:4001:802::2001
2a00:1450:4001:803::2003
2a00:1450:4001:806::2002
2a00:1450:4001:806::200a
2a00:1450:4001:809::2002
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2002
0277c1245f8103772c6a4a0a401df99e3bf8de48b79d3fc7689106759b80070a
041de692ecffbed2279d56a1c9a7d90fe91a735c90ef6d49064d1c6676b5c212
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0bc68841436e60e608013597911280d956e02f9e579da608a2f2b806de74094e
0cf81c0e68c7edb0825cf03143de593cedeecfca53775d22c8b27b5ce7de8050
0df6163ee3e0bc89e13186e0150bc45b8e1d94eef74328354d171ee931ff6882
16dfc52adc4b2e77ac5881bf9ecfd0250aaba890abc09b3ad674cc62e455c0be
173864b64601917cb4afb5ee822906019fdad8c4161d3a31e9a563dcb7c06069
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ec8dc19ecab9f739cfd58f49179a4b96e94c86139132d732e12bfcccb939348
1f6fdf7a06a8a4a5bc6c9c0a36b594ab0b2631e520b5f4d00e68fcaaa433f7d9
2915756289e00f26ea66d2cfbdddb890bf2eaed1823e2d4b5855f49eea567064
300f6a8ecce9e4cf6470c121a24321e91c10fada12cfbe90950342ef1682d4d9
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
398c728c2c48a8bacca49d082597c6de06028aa7adb9032c7c5cff08cc17ebaf
4076636b9ae5e61ad5243e615fc69f4f76e5d515651d5435a1a719937380fff1
49078dfae4344b16683714bb7e05f4424baf40e6a6151c0867eb85b94b77deb2
4f07173f556fd121ae07ae8336970e75aa063c08577d6c6c30c40b4e6d042da1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61bd25db9e9cd5fcc44afc53fe9f72a60487085491595001a2841bde54d5abf9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b605ed8d3a6d70f9e54734e62a2a29807d0dfffb1339590e3bb145a36da7e67
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e36616c10fcddc4d0e321d1d711e95d353d1df079d1712e6fa65301be1808eb
6e370fecce4e39a2960185acf1482babf68aface4bcb853ffcc2317908250cba
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7e43fb740129ddbdecd7b141e3263507c688b957a9bde3b6aaf70be27fbea300
812c78a465b00a4dae107cc8d0dfb2878b784d5df4f96d08a39803dec892bee2
83d4ea99921a8384679afeb7a0dfeb81ab59af9bd9e557be02cedf5e17381187
95c87667fae190da3a2e3b9fe4a3808b8d672885cfa1b0b5d56c2d6f938e7cd9
9a5e55a3dc6f590f8e308caf844a2ce4f9103f618b2ee75fceb94f3556fb26e7
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9faacdbdab3e8d9530ca07c3a8be0de5f31aa1be47ada1db67129adcbb3eb19a
a211fa8cfb82dcb3b146a1b52b658cb54aab0e8643753a2ee4e91bbab7cea84d
a43ff5a32afe27ef24c6617e9ce05a646bd38d2c738840a141829a5334ac6b99
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a58b82b21f022e7c46c2991de1b482b3d2c4557befdfff20554e55696ec00d1b
a9dd2b94a3ff115cb7475222f18127dbf181da22ca662f7721b69a231d60c3da
aaf43365d1b6bc6c34d5a18df10d0f8f83b310eb29b3b353576339fc500ecb23
ac67eba217cc24846f0d650dbf24e7e1f96928839f20a70ddeba99bfa284ca23
bbf8b26356a91137293331c7299846d0e3b394732a158b0c28a5e09333279647
bc9c4f33357e122d929514fdfd32fc6d874f8577240fd158de9b48204eb79066
be0e66141e099739e90785e74a75e7aba4a5a3aa36c414e867c41f0ced9b0a36
c22f33d2bfab399ac4be0ed592894cd803fef3bd7a1f65256adaf4a556622d00
c51b1731634f8c25134b3ea0442f4ed08db82e039f96d95c3b99786031b20c16
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9fb1cb6bc64f856fed396ab410f575d9a4c127e81e414053203f6a49fe260e0
df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fe9fd0aa472fd0ce47490757341a45ac208820e1cabae999b9f948b6e0cdad
e7e6913a4db1acf7aa74f242d5e0e6fee8f62e3002aad55712e8350eeec6498b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615