urlscan.io logo urlscan.io
SecurityTrails logo

www.votreconfirmation-123.com Open in urlscan Pro
2606:4700::6812:6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mu.vihtiae.com/index.php/campaigns/rs769nxm7m8dc/track-url/ro109qsp9v121/700f441d2d1214476842bc127cd04bf549f8290d
Effective URL: https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postbac...
Submission: On June 16 via manual from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 3 countries across 6 domains to perform 21 HTTP transactions. The main IP is 2606:4700::6812:6, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.votreconfirmation-123.com.
TLS certificate: Issued by R3 on April 13th 2021. Valid for: 3 months.
This is the only time www.votreconfirmation-123.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 93.113.36.194 41011 (CH-NET-AS)
1 1 2a05:d018:483... 16509 (AMAZON-02)
1 1 2a05:d018:483... 16509 (AMAZON-02)
2 2 52.16.200.194 16509 (AMAZON-02)
20 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
21 2
1    93.113.36.194 (Romania)

ASN41011 (CH-NET-AS, RO)
PTR: mx6.usnmail.com
mu.vihtiae.com
1    2a05:d018:483:6110:9d2d:8f6a:69ca:f7c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
gdmtrck.com
1    2a05:d018:483:6130:d5de:5e0c:3558:5f2b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
gfstrck.com
2    52.16.200.194 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-200-194.eu-west-1.compute.amazonaws.com
mail.hodtd.com
20    2606:4700::6812:6 (United States)

ASN13335 (CLOUDFLARENET, US)
www.votreconfirmation-123.com
1    2606:4700:20::681a:f1f (United States)

ASN13335 (CLOUDFLARENET, US)
static.cleverpush.com
Apex Domain
Subdomains		 Transfer
20 votreconfirmation-123.com
www.votreconfirmation-123.com
197 KB
2 hodtd.com
mail.hodtd.com
2 KB
1 cleverpush.com
static.cleverpush.com
42 KB
1 gfstrck.com
gfstrck.com
3 KB
1 gdmtrck.com
gdmtrck.com
512 B
1 vihtiae.com
mu.vihtiae.com
507 B
21 6
Domain Requested by
20 www.votreconfirmation-123.com www.votreconfirmation-123.com
2 mail.hodtd.com 2 redirects
1 static.cleverpush.com www.votreconfirmation-123.com
1 gfstrck.com 1 redirects
1 gdmtrck.com 1 redirects
1 mu.vihtiae.com 1 redirects
21 6

This site contains links to these domains. Also see Links.

Domain
trk.adstrck123.com
Subject Issuer Validity Valid
www.votreconfirmation-123.com
R3		 2021-04-13 -
2021-07-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-12 -
2021-08-12		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
Frame ID: FC71B9F4B705E7F0F32A34CAFB933B23
Requests: 17 HTTP requests in this frame

Frame: https://www.votreconfirmation-123.com/sc/hKWgrGmwooIgsxvKGzGgsMyhioJwuhigmlpRzogoinsLJykosghwxMkJkmQimzmQgkrlskoJlzvgilyIikXrnggiRkgwthiKgmigPqGOhyuqLtjszymiLjgiRKkPimwJOqkHJMiHQhnoxGlGxhgqxigLOIxikimowyLvKquxlKjnzHxPJopqhMhJqRuljuILLumLwKoMrmthlxwgmilwRxJKKjislwImKpysjxmktpHmxyzuLnimxwIuLjhmoMziLpwOsNIsLHjooPiRxpOgsOggq
Frame ID: 803ABCC7361C70132B7C84DABF2FD4BF
Requests: 2 HTTP requests in this frame

Frame: https://www.votreconfirmation-123.com/sc/LoyOhzLMHQNgGkWgHgPgNHvJixJrsOJjsKskpLzqmwxMlRixogKgJLgkjooIghwwOGpuotOksItOgoIqKoxkNOshxmiKrjskLmhKzimGMzoLpJszxjoKrnsxwzktpxsGKumtNmiPhGiilzkrQlgXjiGRLGgkhirGPhGikiwnMyhioJwuhigmuggrmQgkrlskoGoIugqHngszyIroNkOxwIoKgJQhnoxGlRixluQwHvwpMkthtkooiGowOrmthlxwgmikwRwQroxihjkopsyGlngl
Frame ID: 2E675FC3F1763E97AC4E94DCCDC4A00A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://mu.vihtiae.com/index.php/campaigns/rs769nxm7m8dc/track-url/ro109qsp9v121/700f441d2d12144768... HTTP 301
    https://gdmtrck.com/?a=69141&c=263155&s2=1750 HTTP 302
    https://gfstrck.com/?a=69141&c=263155&oc=131908&sr=t&s2=1750&vt=1623839029855&h=ed69039cea5b4da9... HTTP 302
    https://mail.hodtd.com/aff_c?offer_id=14513&aff_id=9095&url_id=17710&aff_sub=69141&aff_sub2=41f4a21... HTTP 302
    https://mail.hodtd.com/aff_r?offer_id=14513&aff_id=9095&url=https%3A%2F%2Fwww.votreconfirmation-123... HTTP 302
    https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+foundation[^>"]+css/i
Overall confidence: 100%
Detected patterns
  • script /mootools.*\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Page Statistics

21
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

2
IPs

3
Countries

238 kB
Transfer

537 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mu.vihtiae.com/index.php/campaigns/rs769nxm7m8dc/track-url/ro109qsp9v121/700f441d2d1214476842bc127cd04bf549f8290d HTTP 301
    https://gdmtrck.com/?a=69141&c=263155&s2=1750 HTTP 302
    https://gfstrck.com/?a=69141&c=263155&oc=131908&sr=t&s2=1750&vt=1623839029855&h=ed69039cea5b4da91688773510ff7af74b7a4c06&req=https%3A%2F%2Fgdmtrck.com%2F%3Fa%3D69141%26c%3D263155%26s2%3D1750&mt=3&sip=2a01:4f8:192:5414::2&sh=57ba1db4dd792288d435f937722e395df79eec0a HTTP 302
    https://mail.hodtd.com/aff_c?offer_id=14513&aff_id=9095&url_id=17710&aff_sub=69141&aff_sub2=41f4a217788048f9a0088aa8ca76f46717347 HTTP 302
    https://mail.hodtd.com/aff_r?offer_id=14513&aff_id=9095&url=https%3A%2F%2Fwww.votreconfirmation-123.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D461%26wingame_pk%3D63%26freetest_pk%3D229%26sub_id%3D9095-69141%26sub_id_postback%3D102446d282bee1e79b1471dbe4e8f7&urlauth=408898189456194467644142022925 HTTP 302
    https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request wingame.pl
www.votreconfirmation-123.com/cgi-bin/
Redirect Chain
  • http://mu.vihtiae.com/index.php/campaigns/rs769nxm7m8dc/track-url/ro109qsp9v121/700f441d2d1214476842bc127cd04bf549f8290d
  • https://gdmtrck.com/?a=69141&c=263155&s2=1750
  • https://gfstrck.com/?a=69141&c=263155&oc=131908&sr=t&s2=1750&vt=1623839029855&h=ed69039cea5b4da91688773510ff7af74b7a4c06&req=https%3A%2F%2Fgdmtrck.com%2F%3Fa%3D69141%26c%3D263155%26s2%3D1750&mt=3&s...
  • https://mail.hodtd.com/aff_c?offer_id=14513&aff_id=9095&url_id=17710&aff_sub=69141&aff_sub2=41f4a217788048f9a0088aa8ca76f46717347
  • https://mail.hodtd.com/aff_r?offer_id=14513&aff_id=9095&url=https%3A%2F%2Fwww.votreconfirmation-123.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D461%26wingame_pk%3D63%26freetest_pk%3D229%26sub_id%3D90...
  • https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
39 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
461d3b8909d8fb97c384d9bda553eed9567be5f7f0953b6c52684f7cd261fa3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
www.votreconfirmation-123.com
:scheme
https
:path
/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 10:23:50 GMT
content-type
text/html;charset=ISO-8859-1
x-firstpage
1
x-page
pregame
x-map-context
fr
x-served-by
c-03
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
cf-request-id
0ab5f2549600004e1f5c9f7000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
660353341a734e1f-FRA
content-encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 16 Jun 2021 10:23:50 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
366
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
Pragma
no-cache
Access-Control-Allow-Origin
*
X-Request-Id
994da59c29b7652b12b8b01b99bc1835
Access-Control-Allow-Headers
Tune-SDK-Version
default.css
www.votreconfirmation-123.com/_global/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.votreconfirmation-123.com/_global/css/default.css?2021-06-16.1
Requested by
Host: www.votreconfirmation-123.com
URL: https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d59cb01b6d58a9fced9364ac9df7b0f0c1b43d3a2dd770addbac190af9864c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_global/css/default.css?2021-06-16.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.votreconfirmation-123.com
referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 10:23:50 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
7484
cf-polished
origSize=4327
cf-bgj
minify
cf-request-id
0ab5f2563c00004e1f0e859000000001
x-served-by
c-02
last-modified
Mon, 18 Feb 2019 07:52:24 GMT
server
cloudflare
x-map-context
fr
etag
W/"5c6a6438-10e7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
text/css
cache-control
public, max-age=86400
cf-ray
66035336ca5d4e1f-FRA
expires
Thu, 17 Jun 2021 10:23:50 GMT
font-awesome.min.css
www.votreconfirmation-123.com/_global/fonts/font-awesome-4.6.3/css/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.votreconfirmation-123.com/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2021-06-16.1
Requested by
Host: www.votreconfirmation-123.com
URL: https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2915756289e00f26ea66d2cfbdddb890bf2eaed1823e2d4b5855f49eea567064
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2021-06-16.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.votreconfirmation-123.com
referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 10:23:50 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
7484
cf-request-id
0ab5f2563800004e1f66ab8000000001
x-served-by
c-02
last-modified
Thu, 18 Aug 2016 09:52:51 GMT
server
cloudflare
x-map-context
fr
etag
W/"57b58573-71c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
text/css
cache-control
public, max-age=86400
cf-ray
66035336ca614e1f-FRA
expires
Thu, 17 Jun 2021 10:23:50 GMT
foundation-flex-grid.css
www.votreconfirmation-123.com/_global/wingame/default/css/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.votreconfirmation-123.com/_global/wingame/default/css/foundation-flex-grid.css?2021-06-16.1
Requested by
Host: www.votreconfirmation-123.com
URL: https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b229a517a3e9da9e45dd1911e27622ed8078344de5da142382aa2965d3d9304
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_global/wingame/default/css/foundation-flex-grid.css?2021-06-16.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.votreconfirmation-123.com
referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 10:23:50 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
7484
cf-polished
origSize=20689
cf-bgj
minify
cf-request-id
0ab5f2563a00004e1f73948000000001
x-served-by
c-03
last-modified
Fri, 21 Feb 2020 13:26:38 GMT
server
cloudflare
x-map-context
fr
etag
W/"5e4fda8e-50d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
text/css
cache-control
public, max-age=86400
cf-ray
66035336ca634e1f-FRA
expires
Thu, 17 Jun 2021 10:23:50 GMT
series.css
www.votreconfirmation-123.com/_global/wingame/75/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.votreconfirmation-123.com/_global/wingame/75/css/series.css?2021-06-16.1
Requested by
Host: www.votreconfirmation-123.com
URL: https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1ba6fb265468a2453e57c51d4e464fb20cd94c3003b96d97ac3e7cce12abe27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_global/wingame/75/css/series.css?2021-06-16.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.votreconfirmation-123.com
referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 10:23:50 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
7484
cf-polished
origSize=15842
cf-bgj
minify
cf-request-id
0ab5f2563b00004e1f1112c000000001
x-served-by
c-01
last-modified
Tue, 13 Apr 2021 09:40:05 GMT
server
cloudflare
x-map-context
fr
etag
W/"607566f5-3de2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
text/css
cache-control
public, max-age=86400
cf-ray
66035336ca694e1f-FRA
expires
Thu, 17 Jun 2021 10:23:50 GMT
sweepstake.css
www.votreconfirmation-123.com/wingame/63/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.votreconfirmation-123.com/wingame/63/css/sweepstake.css?2021-06-16.1
Requested by
Host: www.votreconfirmation-123.com
URL: https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8eb8c4b50492f02bdffbed642f9d2c29cf1d1ec1843174161e77e302e38dfdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wingame/63/css/sweepstake.css?2021-06-16.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.votreconfirmation-123.com
referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 10:23:50 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
7484
cf-polished
origSize=5903
cf-bgj
minify
cf-request-id
0ab5f2563b00004e1f4f0e0000000001
x-served-by
c-02
last-modified
Thu, 22 Apr 2021 06:37:22 GMT
server
cloudflare
x-map-context
fr
etag
W/"608119a2-170f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
text/css
cache-control
public, max-age=86400
cf-ray
66035336ca6a4e1f-FRA
expires
Thu, 17 Jun 2021 10:23:50 GMT
MooTools-Core-1.6.0-compressed.js
www.votreconfirmation-123.com/_global/js/framework/ 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.votreconfirmation-123.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2021-06-16.1
Requested by
Host: www.votreconfirmation-123.com
URL: https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8f180db5bee6d0f0657465aa933e8e1f3492725403b3058424ab613998500ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2021-06-16.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.votreconfirmation-123.com
referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 10:23:50 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
7484
cf-polished
origSize=89700
cf-bgj
minify
cf-request-id
0ab5f2563b00004e1f33143000000001
x-served-by
c-01
last-modified
Fri, 10 Nov 2017 11:48:17 GMT
server
cloudflare
x-map-context
fr
etag
W/"5a059201-15e64"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
66035336ca6b4e1f-FRA
expires
Thu, 17 Jun 2021 10:23:50 GMT
scripts.js
www.votreconfirmation-123.com/_global/js/ 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.votreconfirmation-123.com/_global/js/scripts.js?2021-06-16.1
Requested by
Host: www.votreconfirmation-123.com
URL: https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d087f40ff1faaf11e6acabf0dac337eae122708e660e5ea4cadaf7df225e2e98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_global/js/scripts.js?2021-06-16.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.votreconfirmation-123.com
referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 10:23:50 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
7484
cf-polished
origSize=56581
cf-bgj
minify
cf-request-id
0ab5f2563b00004e1f29335000000001
x-served-by
c-04
last-modified
Thu, 06 May 2021 08:20:13 GMT
server
cloudflare
x-map-context
fr
etag
W/"6093a6bd-dd05"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
66035336ca6d4e1f-FRA
expires
Thu, 17 Jun 2021 10:23:50 GMT
global.js
www.votreconfirmation-123.com/wingame/global/js/ 		2 KB
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.votreconfirmation-123.com/wingame/global/js/global.js?2021-06-16.1
Requested by
Host: www.votreconfirmation-123.com
URL: https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daa0c2803da4e07d07e6c01c4f77719fdab7ee6561c1e66d5ee349c55a408db2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wingame/global/js/global.js?2021-06-16.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.votreconfirmation-123.com
referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 10:23:50 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
7484
cf-polished
origSize=3324
cf-bgj
minify
cf-request-id
0ab5f2563b00004e1f7c0e9000000001
x-served-by
c-01
last-modified
Thu, 29 Oct 2020 15:53:22 GMT
server
cloudflare
x-map-context
fr
etag
W/"5f9ae572-cfc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
66035336ca6e4e1f-FRA
expires
Thu, 17 Jun 2021 10:23:50 GMT
series.js
www.votreconfirmation-123.com/_global/wingame/75/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.votreconfirmation-123.com/_global/wingame/75/js/series.js?2021-06-16.1
Requested by
Host: www.votreconfirmation-123.com
URL: https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b8461cb761b016ab0e2eadccde3b9d4e828ee5ac144024fe13df473d4b24cc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_global/wingame/75/js/series.js?2021-06-16.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.votreconfirmation-123.com
referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 10:23:50 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
7484
cf-polished
origSize=12312
cf-bgj
minify
cf-request-id
0ab5f2563c00004e1f5707b000000001
x-served-by
c-04
last-modified
Fri, 20 Nov 2020 10:35:38 GMT
server
cloudflare
x-map-context
fr
etag
W/"5fb79bfa-3018"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
66035336ca6f4e1f-FRA
expires
Thu, 17 Jun 2021 10:23:50 GMT
sweepstake.js
www.votreconfirmation-123.com/wingame/63/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.votreconfirmation-123.com/wingame/63/js/sweepstake.js?2021-06-16.1
Requested by
Host: www.votreconfirmation-123.com
URL: https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e33445590a22392ca432d44ed78fa494b1ad5eada8bc5d7c42ee686ed6ec6408
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wingame/63/js/sweepstake.js?2021-06-16.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.votreconfirmation-123.com
referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 10:23:50 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
7484
cf-polished
origSize=3376
cf-bgj
minify
cf-request-id
0ab5f2563c00004e1f4089e000000001
x-served-by
c-02
last-modified
Thu, 29 Oct 2020 15:53:22 GMT
server
cloudflare
x-map-context
fr
etag
W/"5f9ae572-d30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
66035336ca704e1f-FRA
expires
Thu, 17 Jun 2021 10:23:50 GMT
close_icon.svg
www.votreconfirmation-123.com/wingame/global/images/ 		841 B
684 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.votreconfirmation-123.com/wingame/global/images/close_icon.svg
Requested by
Host: www.votreconfirmation-123.com
URL: https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6625aafc5018f0230c6c78dc48379d86ae4ea03dbe7674ace540bf27dd87976

Request headers

:path
/wingame/global/images/close_icon.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.votreconfirmation-123.com
referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 10:23:50 GMT
content-encoding
gzip
cf-cache-status
HIT
age
84584
cf-request-id
0ab5f2566200004e1fdc068000000001
x-served-by
c-01
last-modified
Tue, 06 Apr 2021 09:53:12 GMT
server
cloudflare
x-map-context
fr
etag
W/"606c2f88-349"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
660353370afe4e1f-FRA
expires
Thu, 17 Jun 2021 10:23:50 GMT
logo-carrefour2.png
www.votreconfirmation-123.com/_static/_global/_supload/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.votreconfirmation-123.com/_static/_global/_supload/images/logo-carrefour2.png
Requested by
Host: www.votreconfirmation-123.com
URL: https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2acb11aaa510314dda747b7cae606aed69c58cbec2b2a4e33b33d416eb955dc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_static/_global/_supload/images/logo-carrefour2.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.votreconfirmation-123.com
referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 10:23:50 GMT
vary
Accept
cf-cache-status
HIT
age
11976
cf-polished
origFmt=png, origSize=2696
content-disposition
inline; filename="logo-carrefour2.webp"
content-length
2538
cf-request-id
0ab5f2566200004e1f43a84000000001
last-modified
Thu, 07 Mar 2019 14:22:12 GMT
server
cloudflare
etag
"1328170338"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/webp
expires
Thu, 17 Jun 2021 10:23:50 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
660353370b044e1f-FRA
cf-bgj
imgq:100,h2pri
image_229_966_1622793623.webp
www.votreconfirmation-123.com/files/web/freetest/_images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.votreconfirmation-123.com/files/web/freetest/_images/image_229_966_1622793623.webp
Requested by
Host: www.votreconfirmation-123.com
URL: https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
354a57edb89e4a258ec94b58533278501515c97cb917f40fac2a5c6e217c93ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/files/web/freetest/_images/image_229_966_1622793623.webp
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.votreconfirmation-123.com
referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 10:23:50 GMT
vary
Accept-Encoding
cf-cache-status
REVALIDATED
content-length
21130
cf-request-id
0ab5f2566200004e1f26179000000001
x-served-by
c-04
last-modified
Fri, 04 Jun 2021 08:00:23 GMT
server
cloudflare
x-map-context
fr
etag
"60b9dd97-528a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
660353370b054e1f-FRA
expires
Wed, 16 Jun 2021 14:23:50 GMT
JzNYHB8hTYGdToADx.js
static.cleverpush.com/channel/loader/ 		175 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/channel/loader/JzNYHB8hTYGdToADx.js
Requested by
Host: www.votreconfirmation-123.com
URL: https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f21615ee119d5b1e9c9c4424c097e7ab92380cbfce7fc7b1b3fd8d6ffb9558a6

Request headers

Referer
https://www.votreconfirmation-123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 10:23:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
10317
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
H0GAWSDMTJSSGXRX
x-amz-id-2
3vELhgUowX9wM9a1VNg+YNO4HDoiQrzAQiikJ68XnIQKhVndlKGIdm/tr36viFeGZc2A4THAQag=
last-modified
Wed, 16 Jun 2021 00:33:11 GMT
server
cloudflare
etag
W/"df62ac334163c5959c872c1c8e4f4ee1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2B2QV9Ud8MNkoVSZePCd6QkqIPD2VlzKEHM3tojRHwgCtJ4gvi7KAYsqX6IYiUbxING806nnTVoAI9z6JeyNx7yJgbCNHdLLp5g5QdZr3ry7l80najO2mTE8Dl9YZ18%2FRGt1zLzx%2Fxydk7bvaOZg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=5356800
cf-request-id
0ab5f2567200003140cab71000000001
cf-ray
660353371b843140-FRA
bg-carrefour-be2.jpg
www.votreconfirmation-123.com/_static/_global/_supload/images/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.votreconfirmation-123.com/_static/_global/_supload/images/bg-carrefour-be2.jpg
Requested by
Host: www.votreconfirmation-123.com
URL: https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fdc98697ed2259d6738a1608d142ac901e80b3b1ad5a045a719b61d05a27532
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_static/_global/_supload/images/bg-carrefour-be2.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.votreconfirmation-123.com
referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 10:23:50 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
14855
cf-polished
origSize=104788, status=webp_bigger
content-length
92429
cf-request-id
0ab5f2566300004e1f23ad9000000001
last-modified
Thu, 07 Mar 2019 14:15:27 GMT
server
cloudflare
etag
"3926275033"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/jpeg
expires
Thu, 17 Jun 2021 10:23:50 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
660353370b0a4e1f-FRA
cf-bgj
imgq:100,h2pri
PatuaOne-Regular.woff2
www.votreconfirmation-123.com/_static/_global/_supload/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.votreconfirmation-123.com/_static/_global/_supload/fonts/PatuaOne-Regular.woff2
Requested by
Host: www.votreconfirmation-123.com
URL: https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b06b49751830454c06bdcdcdf7516603fa2e21595e8359c0a087d70aecd52a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/_static/_global/_supload/fonts/PatuaOne-Regular.woff2
pragma
no-cache
origin
https://www.votreconfirmation-123.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.votreconfirmation-123.com
referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.votreconfirmation-123.com
Referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 10:23:50 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
13506
content-length
14004
cf-request-id
0ab5f2566400004e1ff49b8000000001
last-modified
Thu, 07 Mar 2019 14:30:13 GMT
server
cloudflare
etag
"2617426705"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
font/woff2
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
660353370b124e1f-FRA
expires
Thu, 17 Jun 2021 10:23:50 GMT
hKWgrGmwooIgsxvKGzGgsMyhioJwuhigmlpRzogoinsLJykosghwxMkJkmQimzmQgkrlskoJlzvgilyIikXrnggiRkgwthiKgmigPqGOhyuqLtjszymiLjgiRKkPimwJOqkHJMiHQhnoxGlGxhgqxigLOIxikimowyLvKquxlKjnzHxPJopqhMhJqRuljuILLumLw...
www.votreconfirmation-123.com/sc/ Frame 803A 		243 B
303 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.votreconfirmation-123.com/sc/hKWgrGmwooIgsxvKGzGgsMyhioJwuhigmlpRzogoinsLJykosghwxMkJkmQimzmQgkrlskoJlzvgilyIikXrnggiRkgwthiKgmigPqGOhyuqLtjszymiLjgiRKkPimwJOqkHJMiHQhnoxGlGxhgqxigLOIxikimowyLvKquxlKjnzHxPJopqhMhJqRuljuILLumLwKoMrmthlxwgmilwRxJKKjislwImKpysjxmktpHmxyzuLnimxwIuLjhmoMziLpwOsNIsLHjooPiRxpOgsOggq
Requested by
Host: www.votreconfirmation-123.com
URL: https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c718ff8c7f55ff120b80534b6a70b8df9b897dee172385368c0da3ff6f8b79b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
www.votreconfirmation-123.com
:scheme
https
:path
/sc/hKWgrGmwooIgsxvKGzGgsMyhioJwuhigmlpRzogoinsLJykosghwxMkJkmQimzmQgkrlskoJlzvgilyIikXrnggiRkgwthiKgmigPqGOhyuqLtjszymiLjgiRKkPimwJOqkHJMiHQhnoxGlGxhgqxigLOIxikimowyLvKquxlKjnzHxPJopqhMhJqRuljuILLumLwKoMrmthlxwgmilwRxJKKjislwImKpysjxmktpHmxyzuLnimxwIuLjhmoMziLpwOsNIsLHjooPiRxpOgsOggq
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7

Response headers

date
Wed, 16 Jun 2021 10:23:50 GMT
content-type
text/html;charset=ISO-8859-1
x-map-context
fr
x-served-by
c-04
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
cf-request-id
0ab5f2567f00004e1f699d0000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
660353373b784e1f-FRA
content-encoding
gzip
LoyOhzLMHQNgGkWgHgPgNHvJixJrsOJjsKskpLzqmwxMlRixogKgJLgkjooIghwwOGpuotOksItOgoIqKoxkNOshxmiKrjskLmhKzimGMzoLpJszxjoKrnsxwzktpxsGKumtNmiPhGiilzkrQlgXjiGRLGgkhirGPhGikiwnMyhioJwuhigmuggrmQgkrlskoGoIu...
www.votreconfirmation-123.com/sc/ Frame 2E67 		241 B
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.votreconfirmation-123.com/sc/LoyOhzLMHQNgGkWgHgPgNHvJixJrsOJjsKskpLzqmwxMlRixogKgJLgkjooIghwwOGpuotOksItOgoIqKoxkNOshxmiKrjskLmhKzimGMzoLpJszxjoKrnsxwzktpxsGKumtNmiPhGiilzkrQlgXjiGRLGgkhirGPhGikiwnMyhioJwuhigmuggrmQgkrlskoGoIugqHngszyIroNkOxwIoKgJQhnoxGlRixluQwHvwpMkthtkooiGowOrmthlxwgmikwRwQroxihjkopsyGlngl
Requested by
Host: www.votreconfirmation-123.com
URL: https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
898dd036ec4ad81a6b6c1b7d79ccbfadfbb0b7ddc6da93b1f38435982e44732a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
www.votreconfirmation-123.com
:scheme
https
:path
/sc/LoyOhzLMHQNgGkWgHgPgNHvJixJrsOJjsKskpLzqmwxMlRixogKgJLgkjooIghwwOGpuotOksItOgoIqKoxkNOshxmiKrjskLmhKzimGMzoLpJszxjoKrnsxwzktpxsGKumtNmiPhGiilzkrQlgXjiGRLGgkhirGPhGikiwnMyhioJwuhigmuggrmQgkrlskoGoIugqHngszyIroNkOxwIoKgJQhnoxGlRixluQwHvwpMkthtkooiGowOrmthlxwgmikwRwQroxihjkopsyGlngl
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.votreconfirmation-123.com/cgi-bin/wingame.pl?partner_pk=461&wingame_pk=63&freetest_pk=229&sub_id=9095-69141&sub_id_postback=102446d282bee1e79b1471dbe4e8f7

Response headers

date
Wed, 16 Jun 2021 10:23:50 GMT
content-type
text/html;charset=ISO-8859-1
x-map-context
fr
x-served-by
c-03
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
cf-request-id
0ab5f2568300004e1f06b09000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
660353373b804e1f-FRA
content-encoding
gzip
rqzRWgmwgwkgkQzGXowqugQroxihjkopsyslnoqoxgkqkkIoIkKvIPhlonomPrPKGtMNnlKNmjhipsLGkImggKoijQiLJwhiLrhilqlzwjGtvOiuxjorKohxLsisykL
www.votreconfirmation-123.com/sc/ Frame 2E67 		79 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.votreconfirmation-123.com/sc/rqzRWgmwgwkgkQzGXowqugQroxihjkopsyslnoqoxgkqkkIoIkKvIPhlonomPrPKGtMNnlKNmjhipsLGkImggKoijQiLJwhiLrhilqlzwjGtvOiuxjorKohxLsisykL
Requested by
Host: www.votreconfirmation-123.com
URL: https://www.votreconfirmation-123.com/sc/LoyOhzLMHQNgGkWgHgPgNHvJixJrsOJjsKskpLzqmwxMlRixogKgJLgkjooIghwwOGpuotOksItOgoIqKoxkNOshxmiKrjskLmhKzimGMzoLpJszxjoKrnsxwzktpxsGKumtNmiPhGiilzkrQlgXjiGRLGgkhirGPhGikiwnMyhioJwuhigmuggrmQgkrlskoGoIugqHngszyIroNkOxwIoKgJQhnoxGlRixluQwHvwpMkthtkooiGowOrmthlxwgmikwRwQroxihjkopsyGlngl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f925565d71d0205f39767c109555e35cdbfa3a3bece71e737027114758c9d3ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/sc/rqzRWgmwgwkgkQzGXowqugQroxihjkopsyslnoqoxgkqkkIoIkKvIPhlonomPrPKGtMNnlKNmjhipsLGkImggKoijQiLJwhiLrhilqlzwjGtvOiuxjorKohxLsisykL
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.votreconfirmation-123.com
referer
https://www.votreconfirmation-123.com/sc/LoyOhzLMHQNgGkWgHgPgNHvJixJrsOJjsKskpLzqmwxMlRixogKgJLgkjooIghwwOGpuotOksItOgoIqKoxkNOshxmiKrjskLmhKzimGMzoLpJszxjoKrnsxwzktpxsGKumtNmiPhGiilzkrQlgXjiGRLGgkhirGPhGikiwnMyhioJwuhigmuggrmQgkrlskoGoIugqHngszyIroNkOxwIoKgJQhnoxGlRixluQwHvwpMkthtkooiGowOrmthlxwgmikwRwQroxihjkopsyGlngl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.votreconfirmation-123.com/sc/LoyOhzLMHQNgGkWgHgPgNHvJixJrsOJjsKskpLzqmwxMlRixogKgJLgkjooIghwwOGpuotOksItOgoIqKoxkNOshxmiKrjskLmhKzimGMzoLpJszxjoKrnsxwzktpxsGKumtNmiPhGiilzkrQlgXjiGRLGgkhirGPhGikiwnMyhioJwuhigmuggrmQgkrlskoGoIugqHngszyIroNkOxwIoKgJQhnoxGlRixluQwHvwpMkthtkooiGowOrmthlxwgmikwRwQroxihjkopsyGlngl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
66035337cd654e1f-FRA
date
Wed, 16 Jun 2021 10:23:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-map-context
fr
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type
image/gif
content-length
79
cf-request-id
0ab5f256da00004e1f59921000000001
x-served-by
c-03
vPjrRWggzGogMiQigsurXlqzLtikoksxhlyiwGPqvOMgigwiItOxijggskgwGxigoGopsxspwvtMiqwuwtMJNxoNHIurxIsmikyLzopssghwwOnOlzvgilyIikpkrnggr
www.votreconfirmation-123.com/sc/ Frame 803A 		79 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.votreconfirmation-123.com/sc/vPjrRWggzGogMiQigsurXlqzLtikoksxhlyiwGPqvOMgigwiItOxijggskgwGxigoGopsxspwvtMiqwuwtMJNxoNHIurxIsmikyLzopssghwwOnOlzvgilyIikpkrnggr
Requested by
Host: www.votreconfirmation-123.com
URL: https://www.votreconfirmation-123.com/sc/hKWgrGmwooIgsxvKGzGgsMyhioJwuhigmlpRzogoinsLJykosghwxMkJkmQimzmQgkrlskoJlzvgilyIikXrnggiRkgwthiKgmigPqGOhyuqLtjszymiLjgiRKkPimwJOqkHJMiHQhnoxGlGxhgqxigLOIxikimowyLvKquxlKjnzHxPJopqhMhJqRuljuILLumLwKoMrmthlxwgmilwRxJKKjislwImKpysjxmktpHmxyzuLnimxwIuLjhmoMziLpwOsNIsLHjooPiRxpOgsOggq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f925565d71d0205f39767c109555e35cdbfa3a3bece71e737027114758c9d3ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/sc/vPjrRWggzGogMiQigsurXlqzLtikoksxhlyiwGPqvOMgigwiItOxijggskgwGxigoGopsxspwvtMiqwuwtMJNxoNHIurxIsmikyLzopssghwwOnOlzvgilyIikpkrnggr
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.votreconfirmation-123.com
referer
https://www.votreconfirmation-123.com/sc/hKWgrGmwooIgsxvKGzGgsMyhioJwuhigmlpRzogoinsLJykosghwxMkJkmQimzmQgkrlskoJlzvgilyIikXrnggiRkgwthiKgmigPqGOhyuqLtjszymiLjgiRKkPimwJOqkHJMiHQhnoxGlGxhgqxigLOIxikimowyLvKquxlKjnzHxPJopqhMhJqRuljuILLumLwKoMrmthlxwgmilwRxJKKjislwImKpysjxmktpHmxyzuLnimxwIuLjhmoMziLpwOsNIsLHjooPiRxpOgsOggq
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.votreconfirmation-123.com/sc/hKWgrGmwooIgsxvKGzGgsMyhioJwuhigmlpRzogoinsLJykosghwxMkJkmQimzmQgkrlskoJlzvgilyIikXrnggiRkgwthiKgmigPqGOhyuqLtjszymiLjgiRKkPimwJOqkHJMiHQhnoxGlGxhgqxigLOIxikimowyLvKquxlKjnzHxPJopqhMhJqRuljuILLumLwKoMrmthlxwgmilwRxJKKjislwImKpysjxmktpHmxyzuLnimxwIuLjhmoMziLpwOsNIsLHjooPiRxpOgsOggq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
66035337cd6a4e1f-FRA
date
Wed, 16 Jun 2021 10:23:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-map-context
fr
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type
image/gif
content-length
79
cf-request-id
0ab5f256da00004e1f7c0fb000000001
x-served-by
c-02

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| rS string| rI string| pI function| IFrame function| Elements function| Cookie object| MooTools function| typeOf function| instanceOf function| Type object| Browser function| $constructor function| $family function| Class function| Chain function| Events function| Options object| Slick number| uniqueNumber function| $ function| getDocument function| getWindow function| $$ function| addListener function| removeListener function| retrieve function| store function| eliminate function| DOMEvent function| addEvent function| removeEvent function| addEvents function| removeEvents function| fireEvent function| cloneEvents function| getSize function| getScroll function| getScrollSize function| getPosition function| getCoordinates function| getHeight function| getWidth function| getScrollTop function| getScrollLeft function| getScrollHeight function| getScrollWidth function| getTop function| getLeft function| Fx string| user_device_type object| Maxlength_on_number_fields function| get_parameter function| popunder_on_submit boolean| popmaster function| localStorage_is_supported function| openWindow function| enableFields function| log_misc function| get_enc_type function| isIE object| scroll_into_view function| field_jumper function| backwards_button undefined| trackEvent function| goToNextPageByGoButton function| appendScript function| checkPerformanceEntries object| ab object| log function| setDateTime function| set_optout boolean| page_submitted undefined| field_validator string| current_page undefined| mooli undefined| scroll_position_x function| do_countdown function| bigger_checkbox function| iframe_selector function| open_iframe function| open_layer function| clean_links object| virtual_pages function| initialize_quiz function| add_pop_iframe_closer_events function| setFilledClass function| show_next_page function| show_previous_page function| show_page_by_index object| POPUNDER string| sponsor_switch string| sponsor_switch_wingame string| sponsorlimit string| context object| CP undefined| dccBts object| CleverPush function| cleverPushInitCallback object| webpackChunk_cleverpush_cleverpush_js_sdk number| __cleverPushSdkLoadCount number| c2 number| c1

0 Cookies

1 Console Messages

Source Level URL
Text
console-api error URL: https://static.cleverpush.com/channel/loader/JzNYHB8hTYGdToADx.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gdmtrck.com
gfstrck.com
mail.hodtd.com
mu.vihtiae.com
static.cleverpush.com
www.votreconfirmation-123.com
2606:4700:20::681a:f1f
2606:4700::6812:6
2a05:d018:483:6110:9d2d:8f6a:69ca:f7c
2a05:d018:483:6130:d5de:5e0c:3558:5f2b
52.16.200.194
93.113.36.194
2915756289e00f26ea66d2cfbdddb890bf2eaed1823e2d4b5855f49eea567064
2acb11aaa510314dda747b7cae606aed69c58cbec2b2a4e33b33d416eb955dc2
354a57edb89e4a258ec94b58533278501515c97cb917f40fac2a5c6e217c93ea
461d3b8909d8fb97c384d9bda553eed9567be5f7f0953b6c52684f7cd261fa3a
6b8461cb761b016ab0e2eadccde3b9d4e828ee5ac144024fe13df473d4b24cc3
6d59cb01b6d58a9fced9364ac9df7b0f0c1b43d3a2dd770addbac190af9864c2
898dd036ec4ad81a6b6c1b7d79ccbfadfbb0b7ddc6da93b1f38435982e44732a
8b229a517a3e9da9e45dd1911e27622ed8078344de5da142382aa2965d3d9304
8fdc98697ed2259d6738a1608d142ac901e80b3b1ad5a045a719b61d05a27532
a1ba6fb265468a2453e57c51d4e464fb20cd94c3003b96d97ac3e7cce12abe27
a8eb8c4b50492f02bdffbed642f9d2c29cf1d1ec1843174161e77e302e38dfdb
c718ff8c7f55ff120b80534b6a70b8df9b897dee172385368c0da3ff6f8b79b3
d087f40ff1faaf11e6acabf0dac337eae122708e660e5ea4cadaf7df225e2e98
d2b06b49751830454c06bdcdcdf7516603fa2e21595e8359c0a087d70aecd52a
d6625aafc5018f0230c6c78dc48379d86ae4ea03dbe7674ace540bf27dd87976
daa0c2803da4e07d07e6c01c4f77719fdab7ee6561c1e66d5ee349c55a408db2
e33445590a22392ca432d44ed78fa494b1ad5eada8bc5d7c42ee686ed6ec6408
e8f180db5bee6d0f0657465aa933e8e1f3492725403b3058424ab613998500ab
f21615ee119d5b1e9c9c4424c097e7ab92380cbfce7fc7b1b3fd8d6ffb9558a6
f925565d71d0205f39767c109555e35cdbfa3a3bece71e737027114758c9d3ab