login.dealcomfirmation.top Open in urlscan Pro
2606:4700:3037::ac43:d573  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://qretweq.com/425447ac Page URL
2. https://login.dealcomfirmation.top/184585608?_from_mail=gosy Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	425447ac Show response qretweq.com/	97 B 531 B	1388ms 1233ms	Document text/html	2606:4700:3035::ac43:d840 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qretweq.com/425447ac Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:d840 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2dcc491d9156f95e2a3ad47d02ca3fe9c5752944f7e2c4111276da1e15b37a4e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 851ef6e11e1f1c4e-AKL content-encoding br content-type text/html; charset=utf-8 date Wed, 07 Feb 2024 22:10:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gp0Srl82lIFZD8qE5JENW3j2CeO1teY6Oi0JwyHa9apiLw61t2s8yiVXw7jwah%2BvWLDwXbFA2vZjr4aC9AWXszzh8s2g5oCxDx%2BEivmtNxo3jXgEKbj7W%2B%2BKGoTIqO0rQdE59VaCuqbOSQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	Primary Request 184585608 Show response login.dealcomfirmation.top/	80 KB 20 KB	345ms 151ms	Document text/html	2606:4700:3037::ac43:d573 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://login.dealcomfirmation.top/184585608?_from_mail=gosy Requested by Host: qretweq.com URL: https://qretweq.com/425447ac Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:d573 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 2dbf3baee62d2597369b4675b5e470b4ef09579e05f50d5997e1b02f350c095c Request headers Referer https://qretweq.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 851ef6ea3c4e6a45-SYD content-encoding br content-type text/html; charset=utf-8 date Wed, 07 Feb 2024 22:10:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFVx%2F3ezEzetUqNniQUglqIAOvaryCZnYHoTF9kZjjFyPbD7YDj2%2F1ihICS9IYAjQkv38HzwtBvF7WuBeUym6FFhV5WjC8h7Y3p%2BVKWelgRJdJ26CDqee2G3vxx8hGCEUleTOUNAwMOiS3Kd0eh7vQDnwUXmvQbxNQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by Express
GET H2	404	jquery.min.js.%D0%B7%D0%B0%D0%B2%D0%B0%D0%BD%D1%82%D0%B0%D0%B6%D0%B5%D0%BD%D0%BD%D1%8F login.dealcomfirmation.top/js/	0 0	73ms 72ms	Script text/html	2606:4700:3037::ac43:d573 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://login.dealcomfirmation.top/js/jquery.min.js.%D0%B7%D0%B0%D0%B2%D0%B0%D0%BD%D1%82%D0%B0%D0%B6%D0%B5%D0%BD%D0%BD%D1%8F Requested by Host: login.dealcomfirmation.top URL: https://login.dealcomfirmation.top/184585608?_from_mail=gosy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:d573 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Security Headers Name Value Content-Security-Policy default-src 'none' X-Content-Type-Options nosniff Request headers accept-language en-NZ,en;q=0.9 Referer https://login.dealcomfirmation.top/184585608?_from_mail=gosy User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Wed, 07 Feb 2024 22:10:43 GMT content-security-policy default-src 'none' x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding br x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWMsA84xjL1ngkVEDpOJG7wLfrljSYxtkT%2FikXFI8Q7rwjVZ6%2B0jpIRGK%2F14ug1mJtDjfAQVV%2FkMvI1f6FV4DWnUrNu8SHE%2BoYHFTwvZB9%2BXjh4Js9ocuDaj4sedOS%2BdNP%2F0gY5jqSORTvDGavFbTzlQSs%2BoAYkepw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 cf-ray 851ef6eb3cd36a45-SYD alt-svc h3=":443"; ma=86400
GET H2	404	jquery.maskedinput.js.%D0%B7%D0%B0%D0%B2%D0%B0%D0%BD%D1%82%D0%B0%D0%B6%D0%B5%D0%BD%D0%BD%D1%8F login.dealcomfirmation.top/js/	0 0	77ms 76ms	Script text/html	2606:4700:3037::ac43:d573 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://login.dealcomfirmation.top/js/jquery.maskedinput.js.%D0%B7%D0%B0%D0%B2%D0%B0%D0%BD%D1%82%D0%B0%D0%B6%D0%B5%D0%BD%D0%BD%D1%8F Requested by Host: login.dealcomfirmation.top URL: https://login.dealcomfirmation.top/184585608?_from_mail=gosy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:d573 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Security Headers Name Value Content-Security-Policy default-src 'none' X-Content-Type-Options nosniff Request headers accept-language en-NZ,en;q=0.9 Referer https://login.dealcomfirmation.top/184585608?_from_mail=gosy User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Wed, 07 Feb 2024 22:10:43 GMT content-security-policy default-src 'none' x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding br x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIYxCsMciOKuX3Kf8XPuT1UwXxGtdH9oTjh5Pe13cotJQI0oABIQuC5lHMotaVrDqKHc55j9pkMY7fAmvrwnbSUBXMihZl2rQ5mMmG%2F7LAe2JqDCVR3YPdC2fJaX3xOQ3Yf%2FFOg%2BmEJMZYKZ1HADHm273G9kjFd6Lg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 cf-ray 851ef6eb3cd66a45-SYD alt-svc h3=":443"; ma=86400
GET H2	200	css2 fonts.googleapis.com/	13 KB 1 KB	652ms 252ms	Stylesheet text/css	2404:6800:4006:804::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap Requested by Host: login.dealcomfirmation.top URL: https://login.dealcomfirmation.top/184585608?_from_mail=gosy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:804::200a Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b92f631c8cf38be6724c9b0ef9dcc762b7314ee2197ced3608efb40e02618fac Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://login.dealcomfirmation.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 07 Feb 2024 22:10:43 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 07 Feb 2024 20:44:00 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 07 Feb 2024 22:10:43 GMT
GET H2	200	nzpost.png login.dealcomfirmation.top/img/	14 KB 15 KB	78ms 78ms	Image image/png	2606:4700:3037::ac43:d573 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://login.dealcomfirmation.top/img/nzpost.png Requested by Host: login.dealcomfirmation.top URL: https://login.dealcomfirmation.top/184585608?_from_mail=gosy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:d573 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 0fe89e9910f07160c15f479bfd415feaefa0f75669c8891dbb407879b9d9dd4a Request headers accept-language en-NZ,en;q=0.9 Referer https://login.dealcomfirmation.top/184585608?_from_mail=gosy User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Wed, 07 Feb 2024 22:10:43 GMT cf-cache-status MISS last-modified Tue, 06 Feb 2024 23:30:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"3960-18d80c23620" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDzWON8NObqleaKEa1uUNSg9Z6s%2BscDnxlo6xaHjL%2BgZDE7SymzwKXftw7Pqq5WesbQcjbwZCYptXsI%2BbmFRR%2BfsFsGyoor9mb1x70kS1BCYHYGXh7EZPsfUsHxJ4Iao8Asexd1KpWI9pxJYgrCO38cPFnHJ3r5eMg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 851ef6eb3cd86a45-SYD alt-svc h3=":443"; ma=86400 content-length 14688
GET H2	200	eqo9ipa4bgv8b4krdykj.jpg res.cloudinary.com/dwjgdyuwz/image/upload/v1707341213/	90 KB 90 KB	1801ms 1218ms	Image image/jpeg	2600:1415:10:98c::523 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://res.cloudinary.com/dwjgdyuwz/image/upload/v1707341213/eqo9ipa4bgv8b4krdykj.jpg Requested by Host: login.dealcomfirmation.top URL: https://login.dealcomfirmation.top/184585608?_from_mail=gosy Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2600:1415:10:98c::523 Melbourne, Australia, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Cloudinary / Resource Hash dd8ef38fb3182598b40a52f107b3d9e86ec608807daa9e93b422e54dc2b1ed28 Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers accept-language en-NZ,en;q=0.9 Referer https://login.dealcomfirmation.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Wed, 07 Feb 2024 22:10:44 GMT strict-transport-security max-age=604800 x-content-type-options nosniff last-modified Wed, 07 Feb 2024 21:26:54 GMT server Cloudinary etag "8ce4e393ee14f11bedc40ef6c8231864" content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options cache-control public, no-transform, immutable, max-age=2592000 server-timing cld-akam;dur=1144;cpu=872;start=2024-02-07T22:10:43.662Z;desc=miss,rtt;dur=72,content-info;desc="width=720,height=960,bytes=91819,o=1,ef=(17)",cloudinary;dur=70;start=2024-02-07T22:10:44.630Z accept-ranges bytes timing-allow-origin * content-length 91819
GET H2	200	shield.png login.dealcomfirmation.top/img/	24 KB 24 KB	78ms 77ms	Image image/png	2606:4700:3037::ac43:d573 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://login.dealcomfirmation.top/img/shield.png Requested by Host: login.dealcomfirmation.top URL: https://login.dealcomfirmation.top/184585608?_from_mail=gosy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:d573 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash b3c6798679126f665a57f0dffb2bc2dc0dae6e9e810dc82999246ef82c695bb9 Request headers accept-language en-NZ,en;q=0.9 Referer https://login.dealcomfirmation.top/184585608?_from_mail=gosy User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Wed, 07 Feb 2024 22:10:43 GMT cf-cache-status MISS last-modified Tue, 17 Oct 2023 01:22:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"5e23-18b3b3a3b90" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDoR3N1m1A8YPapNHxYj5SWorjbpwspyHVGDP6kZl6PYxpSXhQh%2FsowWM2DENdVCnA6rbEso2yOCT7bQueYG6FDOyuau0jWFnCXOWbzw%2FM%2FrnB5e9sPwrATFRyOva2gKo1Q%2Bq17Kng%2FJafmhtT3VCHakbQtSseEEUw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 851ef6ebbd2e6a45-SYD alt-svc h3=":443"; ma=86400 content-length 24099
GET H2	200	gal.png login.dealcomfirmation.top/img/	253 B 576 B	81ms 80ms	Image image/png	2606:4700:3037::ac43:d573 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://login.dealcomfirmation.top/img/gal.png Requested by Host: login.dealcomfirmation.top URL: https://login.dealcomfirmation.top/184585608?_from_mail=gosy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:d573 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash ecfc3a7f9660da22ffe637791973508cc1cf68b0f1dea13bc67e3ff0955cdb53 Request headers accept-language en-NZ,en;q=0.9 Referer https://login.dealcomfirmation.top/184585608?_from_mail=gosy User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Wed, 07 Feb 2024 22:10:43 GMT cf-cache-status MISS last-modified Tue, 06 Feb 2024 23:30:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"fd-18d80c23620" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDa7s1SgNIeaFZiBjjhB%2FWNh0S%2By3OOfpiL0l%2B4SEM%2FxMW%2Fwerx3PArzdxWKPmWeV7tsZaPcfKai8aeruG4wnUZsWR%2BYs80RbGItgsB1L8lOLa8lW2swEaFCU34J1wCG5M%2F4oHXieBqA5fHtU%2B9Ug1c%2BCZmv1AsHdw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 851ef6ebbd2f6a45-SYD alt-svc h3=":443"; ma=86400 content-length 253
GET H2	200	socket.io.js Show response cdnjs.cloudflare.com/ajax/libs/socket.io/4.4.1/	105 KB 21 KB	136ms 48ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/socket.io/4.4.1/socket.io.js Requested by Host: login.dealcomfirmation.top URL: https://login.dealcomfirmation.top/184585608?_from_mail=gosy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78f843d3abb760189d189f74b3f80bb0ca13e40ede8caad1c05c321ffeb78cf4 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-NZ,en;q=0.9 Referer https://login.dealcomfirmation.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Wed, 07 Feb 2024 22:10:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 6665288 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 20987 last-modified Thu, 06 Jan 2022 11:01:53 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "61d6cc21-51fb" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9g0lTi%2FPayiJEu%2FvfqQD%2Fbt5iB2ABobvrpDU%2BE7vTCWrdgluUU3Ukp9QMIEj8JQW08lNDdGu2YeuCYPTQ%2FpwYfShJFLp%2B8PlBPH6JMwtjTV2SveH6KN1HMBLAaw%2F1HqtszLkglx9Gv3tuUZyXfz7N12"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 851ef6ec2f59725d-AKL expires Mon, 27 Jan 2025 22:10:43 GMT
GET H2	200	support_parent.css login.dealcomfirmation.top/css/	4 KB 1 KB	80ms 79ms	Stylesheet text/css	2606:4700:3037::ac43:d573 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://login.dealcomfirmation.top/css/support_parent.css Requested by Host: login.dealcomfirmation.top URL: https://login.dealcomfirmation.top/184585608?_from_mail=gosy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:d573 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 9afd537e6723bb869397626212305906f739306bc96bfff09e9e6f45c206f715 Request headers accept-language en-NZ,en;q=0.9 Referer https://login.dealcomfirmation.top/184585608?_from_mail=gosy User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Wed, 07 Feb 2024 22:10:43 GMT content-encoding br cf-cache-status MISS last-modified Fri, 06 May 2022 07:27:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"e06-180984469b0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqydEkU3ktAnriWYcD%2BNEkzOGIgFwYGj4nbarCysz7lqys4F5AiEBqpVMa1Sj%2FCwzi%2Bi4N2cscnNJWDTOHmhpqT6hOqB128yCspicW78h0kA7a92DuDgl6j1MTs5PGvcXGgKnzjxh5iES3jteZvITMb1yQ%2BLN8sCeA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=14400 cf-ray 851ef6ebbd306a45-SYD alt-svc h3=":443"; ma=86400
GET		geomanist fonts.cdnfonts.com/css/	0 0
GET		eqo9ipa4bgv8b4krdykj.jpg res.cloudinary.com/dwjgdyuwz/image/upload/v1707341213/	0 0
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	16 KB 16 KB	732ms 330ms	Font font/woff2	2404:6800:4006:804::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:804::2003 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://login.dealcomfirmation.top accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Wed, 07 Feb 2024 13:30:25 GMT x-content-type-options nosniff age 31219 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 06 Feb 2025 13:30:25 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	593ms 191ms	Font font/woff2	2404:6800:4006:804::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:804::2003 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://login.dealcomfirmation.top accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 01:59:43 GMT x-content-type-options nosniff age 418261 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 02 Feb 2025 01:59:43 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	553ms 152ms	Font font/woff2	2404:6800:4006:804::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:804::2003 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://login.dealcomfirmation.top accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sat, 03 Feb 2024 02:14:17 GMT x-content-type-options nosniff age 417387 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 02 Feb 2025 02:14:17 GMT
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	788ms 387ms	Font font/woff2	2404:6800:4006:804::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:804::2003 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://login.dealcomfirmation.top accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Fri, 02 Feb 2024 12:22:27 GMT x-content-type-options nosniff age 467297 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15740 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 01 Feb 2025 12:22:27 GMT
GET H3	200	/ Show response login.dealcomfirmation.top/socket.io/	118 B 582 B	75ms 74ms	XHR text/plain	2606:4700:3037::ac43:d573 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://login.dealcomfirmation.top/socket.io/?EIO=4&transport=polling&t=Os5dv63 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/4.4.1/socket.io.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d573 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b0655584cee184baa78a6cb5c26d304c5ab792089b97a3069456b659c83ec5ec Request headers Accept */* Referer https://login.dealcomfirmation.top/184585608?_from_mail=gosy accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Wed, 07 Feb 2024 22:10:43 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0BkeKPFcshM%2B9h6AWdj0QCpAw3%2B3QD5mdXr4H7eQ%2FjE%2FFSvGXKAxyEygeW1i8OMpJ%2FRqCklV6B1EbzKOpQQZoSxunrUgpG%2BXdFpWgqiZSilhZtIpBE3T70yklhwugKA%2Fb%2BLT2AZ0ZLwA6yeRjjYkhVUYLy8%2BDXkVJg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 851ef6ef6b7fa82f-SYD alt-svc h3=":443"; ma=86400
GET H3	200	184585608 Show response login.dealcomfirmation.top/supportChatFrame/ Frame 0CC2	23 KB 7 KB	162ms 161ms	Document text/html	2606:4700:3037::ac43:d573 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://login.dealcomfirmation.top/supportChatFrame/184585608 Requested by Host: login.dealcomfirmation.top URL: https://login.dealcomfirmation.top/184585608?_from_mail=gosy Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d573 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash ed698bfe3afd147fad7353c9cb89194bb24766b44ccf4cc62b3d4bb6852227ab Request headers Referer https://login.dealcomfirmation.top/184585608?_from_mail=gosy Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 851ef6ef7b86a82f-SYD content-encoding br content-type text/html; charset=utf-8 date Wed, 07 Feb 2024 22:10:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFevFWBfZccjdZoAYOe0fWS3uyVsPR0%2FYdzMWMPeP2YuZty2T867o6unYAymAprYSepalgIOd0ZukRaCNk0Jxuj0K8jsnYJV4x7e4A3blgJNP7Jbo%2FfK2gyH%2BZT1QcPZ%2BSMTro59XnLkFXUffdKcUOMzJCeOWan%2BNQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by Express
GET H3	200	supportIcon.svg login.dealcomfirmation.top/img/	1 KB 1 KB	80ms 80ms	Image image/svg+xml	2606:4700:3037::ac43:d573 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://login.dealcomfirmation.top/img/supportIcon.svg Requested by Host: login.dealcomfirmation.top URL: https://login.dealcomfirmation.top/css/support_parent.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d573 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash d35e73edc030e667b728e2e626c782ec2b4d3b0a3044730c02b9a25dbf46be59 Request headers accept-language en-NZ,en;q=0.9 Referer https://login.dealcomfirmation.top/css/support_parent.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Wed, 07 Feb 2024 22:10:43 GMT content-encoding br cf-cache-status EXPIRED last-modified Fri, 06 May 2022 07:27:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"4d3-18098443300" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TyKdwk%2BSEF0bOE7lKpVQRtUFkRW6kcL2vKZi%2FJpRILdUQTUeMDkUruAVJq7%2Fu2oi9K1bx9mLVlTsiPF9Ntw%2B94FWNvINvlMJj8LbFh3yBrrnRAETltBczZAfeoMJk5ouq8ai%2BZsAgZX8qfqyclRms1EDtNUyKTeaIg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=14400 cf-ray 851ef6ef7b87a82f-SYD alt-svc h3=":443"; ma=86400
POST H3	200	/ Show response login.dealcomfirmation.top/socket.io/	2 B 422 B	75ms 75ms	XHR text/html	2606:4700:3037::ac43:d573 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://login.dealcomfirmation.top/socket.io/?EIO=4&transport=polling&t=Os5dv7T&sid=vxcPrM6YL7-Yh3aGAABB Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/4.4.1/socket.io.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d573 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Accept */* Referer https://login.dealcomfirmation.top/184585608?_from_mail=gosy accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers date Wed, 07 Feb 2024 22:10:43 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rk9dXaX1Pq3ZoA6b61TFvGgQJKWgQDU40Y4nhFPZ4dQZe292BTLfCUTYt74hc%2B5mScH7caaoeMX9GYBgR7d4zoYTXoX3osS6QIzmtnJreCqHlTekfQr1Y9X%2BzMpIoHhjoJIKwKA9GxaKL%2FehQNn0dqPY9f2EbU3Aqg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 851ef6effc0aa82f-SYD alt-svc h3=":443"; ma=86400
GET H3	200	/ Show response login.dealcomfirmation.top/socket.io/	32 B 471 B	75ms 75ms	XHR text/plain	2606:4700:3037::ac43:d573 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://login.dealcomfirmation.top/socket.io/?EIO=4&transport=polling&t=Os5dv7V&sid=vxcPrM6YL7-Yh3aGAABB Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/4.4.1/socket.io.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d573 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd8cb9eaafb040bd4702417195f2fb110018f70f4ceb18d56ca4488d60d5c446 Request headers Accept */* Referer https://login.dealcomfirmation.top/184585608?_from_mail=gosy accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Wed, 07 Feb 2024 22:10:43 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1jQe7%2Bpa47ehrtAEk4ohd0%2BO6%2F87wjMmEhhWWM3RdlQm%2BrMr0jKdQB7GUFqicKFD2OhrArnl4Sh8aa5FXV6p%2BqZSbagYBApPR%2BQaudCzL0NyrUXf%2FAzrGGcR2H6n1XyvwOyoXCwRoDCPJY%2FPclkJEHdJ1A%2FgrvBQg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 851ef6effc0da82f-SYD alt-svc h3=":443"; ma=86400 content-length 32
GET H3	200	support_chat.css login.dealcomfirmation.top/css/ Frame 0CC2	101 KB 17 KB	131ms 131ms	Stylesheet text/css	2606:4700:3037::ac43:d573 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://login.dealcomfirmation.top/css/support_chat.css Requested by Host: login.dealcomfirmation.top URL: https://login.dealcomfirmation.top/supportChatFrame/184585608 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d573 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash d40c636c6f5df8e97ce5d56c336a9c1379bfa2b963053386d670b6865be2913f Request headers accept-language en-NZ,en;q=0.9 Referer https://login.dealcomfirmation.top/supportChatFrame/184585608 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Wed, 07 Feb 2024 22:10:43 GMT content-encoding br cf-cache-status EXPIRED last-modified Fri, 06 May 2022 07:27:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"195ce-180984469b0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5UNlXrhxP1EP7aleuGwBsCZvDaCjmsWAAeaJPUxhbkISCyaAN%2BOTWAjWlWU7sCGiBqX%2BFbzPUvYtxYDz0BLc0l1C3Bropeqm19rHKi1e6j1VqB75BGcPkt4ZM5vuFGEtvxoSxpO6rgIWtj6pCVeyRYGUWaCkgjfzaQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=14400 cf-ray 851ef6f07c98a82f-SYD alt-svc h3=":443"; ma=86400
GET H3	200	axios.min.js Show response login.dealcomfirmation.top/js/ Frame 0CC2	29 KB 12 KB	85ms 85ms	Script application/javascript	2606:4700:3037::ac43:d573 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://login.dealcomfirmation.top/js/axios.min.js Requested by Host: login.dealcomfirmation.top URL: https://login.dealcomfirmation.top/supportChatFrame/184585608 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d573 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash d5fba18e5f50a6f74db552765e4e256d2f4a6e9b46c2234b5e07f3c63fdcec28 Request headers accept-language en-NZ,en;q=0.9 Referer https://login.dealcomfirmation.top/supportChatFrame/184585608 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Wed, 07 Feb 2024 22:10:43 GMT content-encoding br cf-cache-status EXPIRED last-modified Fri, 10 Mar 2023 01:16:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"7467-186c916cc80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CN6OAATz%2BLzMQ9jCOuJXqK4MA49n%2FCsTWwPYPXprnMPrVsdIWJ0aIpYozPKoOcXnI0Nu5qsjZA0sLiN9Z8%2FbUK52ArPonDb93V9zKmB3o1vNRD7%2FX7mlhWTwLNMKyqcuF0unLd4fRMEv4sQKgvbw8OVlYhzzhWnPRw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=14400 cf-ray 851ef6f07c99a82f-SYD alt-svc h3=":443"; ma=86400
GET H3	200	support.js Show response login.dealcomfirmation.top/js/ Frame 0CC2	6 KB 2 KB	80ms 80ms	Script application/javascript	2606:4700:3037::ac43:d573 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://login.dealcomfirmation.top/js/support.js Requested by Host: login.dealcomfirmation.top URL: https://login.dealcomfirmation.top/supportChatFrame/184585608 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d573 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 525dfe15d7b865d55feee2557b7d665e34a9b1573996ffb491052b38052b4b79 Request headers accept-language en-NZ,en;q=0.9 Referer https://login.dealcomfirmation.top/supportChatFrame/184585608 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Wed, 07 Feb 2024 22:10:43 GMT content-encoding br cf-cache-status EXPIRED last-modified Tue, 06 Jun 2023 00:24:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"179b-1888e176570" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhXZW0mXeCJZx3h209nZX4BYV6aNlcRhSGZCiSjnrzHp1fDmjfnssNo9mipRqoA8ns5Bk%2FIXZGVwE%2BXeTZQ4PI1xxidSzdiAhW0GSMxZ0Q9gXjYwdydVXSYMroyIaWq4HB2vlYs7aKz6t%2BELaCu9SCOfCocy1efAVg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=14400 cf-ray 851ef6f07c9ea82f-SYD alt-svc h3=":443"; ma=86400
POST H3	200	/ Show response login.dealcomfirmation.top/socket.io/	2 B 424 B	70ms 70ms	XHR text/html	2606:4700:3037::ac43:d573 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://login.dealcomfirmation.top/socket.io/?EIO=4&transport=polling&t=Os5dv8j&sid=vxcPrM6YL7-Yh3aGAABB Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/4.4.1/socket.io.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d573 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Accept */* Referer https://login.dealcomfirmation.top/184585608?_from_mail=gosy accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers date Wed, 07 Feb 2024 22:10:43 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1JK0zBYxr6UHVTf5Hkpj2%2BKrlfWfyNAXkD8F5FJj6HZ%2FtZeubEo2TdiBKpIH9qIrUWJByntMiyQyPY8aa80oCwHrq2S4XG2B0b5QjicrhN7QCgomFzp%2FPaDPTCuxc3GX36yHNMSl8X1IIrDg95wzvxfn5fjXNW7jw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 851ef6f07c9ba82f-SYD alt-svc h3=":443"; ma=86400
GET H3	200	/ Show response login.dealcomfirmation.top/socket.io/	51 B 483 B	70ms 70ms	XHR text/plain	2606:4700:3037::ac43:d573 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://login.dealcomfirmation.top/socket.io/?EIO=4&transport=polling&t=Os5dv8j.0&sid=vxcPrM6YL7-Yh3aGAABB Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/4.4.1/socket.io.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d573 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a797a37abf8e0dd5b459c331b1dd86322673a834106ba6270364f25fdf092772 Request headers Accept */* Referer https://login.dealcomfirmation.top/184585608?_from_mail=gosy accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Wed, 07 Feb 2024 22:10:43 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEQtDCcwTApDZj3KFeKmBHpoBsdUvC2WBSb253Wj2rMbj0xZ6sNRQwdA51BQlt7FwS5x37yvu7tsVHEQcPRr1SEyD%2F2zc8TrKhlU6awA3LD7Y33HX0yc8gyawcCxLTRJsgWJ91XcV3y5Vnn0whlq1qTntj9eWN1Obg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 851ef6f07c9da82f-SYD alt-svc h3=":443"; ma=86400
GET H3	200	/ Show response login.dealcomfirmation.top/socket.io/	1 B 433 B	208ms 207ms	XHR text/plain	2606:4700:3037::ac43:d573 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://login.dealcomfirmation.top/socket.io/?EIO=4&transport=polling&t=Os5dv9r&sid=vxcPrM6YL7-Yh3aGAABB Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/socket.io/4.4.1/socket.io.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d573 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683 Request headers Accept */* Referer https://login.dealcomfirmation.top/184585608?_from_mail=gosy accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Wed, 07 Feb 2024 22:10:44 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVwuxr5idxQ7ym67rN3Pm9xBFJwPtRn%2FmqVnaR4ZsbBA5ZKobpFIm%2BfO2cJJd%2FJrx3vPNJN6AhjVgHXg0E7o%2BzkvJ7zTUXgZ25nZkRqoYarKrYJkyit1SFIqLB2isPVrsX5P2AApP9QODRAHJ0e8i6l%2BLFndfnxEjw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 851ef6f0ecfda82f-SYD alt-svc h3=":443"; ma=86400 content-length 1
POST H3	200	getMessages Show response login.dealcomfirmation.top/api/support/ Frame 0CC2	15 B 501 B	146ms 146ms	XHR application/json	2606:4700:3037::ac43:d573 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://login.dealcomfirmation.top/api/support/getMessages Requested by Host: login.dealcomfirmation.top URL: https://login.dealcomfirmation.top/js/axios.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d573 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a Request headers Accept application/json, text/plain, */* Referer https://login.dealcomfirmation.top/supportChatFrame/184585608 accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type application/json Response headers date Wed, 07 Feb 2024 22:10:44 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"f-FAzzTdccAfl0E2Lu/wbvI/6Anvk" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHILakQYmQqrnMTnrRzPhODEgStJ9RKsru9RfelAUxsC3kBQpbdlmqqJ0ayq9jwXkap6oEUAtOSZa2Et4WhIiQQl1YS7lsJjCc860I1MGLEz9%2Bp%2BZ%2Bt%2FAgexj1%2BrUvI9i9%2FmS7vtoEriyPvG7%2BklWusGxG57I%2BCvNg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 cf-ray 851ef6f16d75a82f-SYD alt-svc h3=":443"; ma=86400 content-length 15
POST H3	200	getMessages Show response login.dealcomfirmation.top/api/support/ Frame 0CC2	15 B 503 B	153ms 153ms	XHR application/json	2606:4700:3037::ac43:d573 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://login.dealcomfirmation.top/api/support/getMessages Requested by Host: login.dealcomfirmation.top URL: https://login.dealcomfirmation.top/js/axios.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d573 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a Request headers Accept application/json, text/plain, */* Referer https://login.dealcomfirmation.top/supportChatFrame/184585608 accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type application/json Response headers date Wed, 07 Feb 2024 22:10:45 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"f-FAzzTdccAfl0E2Lu/wbvI/6Anvk" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdzHBbQSNGwXZd6m%2BQ%2Bt2sX81Z9LlT45hU%2Bk9PZ0xCPke0ziofZ8IEi62Ld8Bful%2BtjUx3IllmkEwPPr3nkm6OUIzonvaRYL%2Fbkf%2BVcZQaLZ8vGGYEDh6paAQMeOcUlES%2Blzt1BYChO%2BjAm1dNIGnopCxBpruwPuFg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 cf-ray 851ef6fbbd1ca82f-SYD alt-svc h3=":443"; ma=86400 content-length 15
POST H3	200	getMessages Show response login.dealcomfirmation.top/api/support/ Frame 0CC2	15 B 496 B	177ms 177ms	XHR application/json	2606:4700:3037::ac43:d573 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://login.dealcomfirmation.top/api/support/getMessages Requested by Host: login.dealcomfirmation.top URL: https://login.dealcomfirmation.top/js/axios.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d573 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a Request headers Accept application/json, text/plain, */* Referer https://login.dealcomfirmation.top/supportChatFrame/184585608 accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type application/json Response headers date Wed, 07 Feb 2024 22:10:47 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"f-FAzzTdccAfl0E2Lu/wbvI/6Anvk" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qxrHZ7Rux0%2FAWWlNmUoIOFn9UtEv1rOPCz9faCEFee%2Fyo8qexLaY04Mywikit8quAo4h8yGpTFRJMinqhg%2F%2Ffm%2FEsoZUXXNDY8NOnma6eakVYineV0QCgrfM1Bh9hbrYFgsRP6C2py3gGSMNq0sd4iCWJd5S4ctv6g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 cf-ray 851ef7062da2a82f-SYD alt-svc h3=":443"; ma=86400 content-length 15

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

fonts.cdnfonts.com

URL

http://fonts.cdnfonts.com/css/geomanist

Domain

res.cloudinary.com

URL

http://res.cloudinary.com/dwjgdyuwz/image/upload/v1707341213/eqo9ipa4bgv8b4krdykj.jpg

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| io

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			login.dealcomfirmation.top/	1969-12-31 23:59:59	Name: connect.sid Value: s%3AYgFzlNQLoQZImX2krm9itzhj1BCxrP4o.uQJDkC3Cyb6cB75AgSVMJIUvv1Hqp5ecjbReMqEq6qM

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://login.dealcomfirmation.top/184585608?_from_mail=gosy Message: Mixed Content: The page at 'https://login.dealcomfirmation.top/184585608?_from_mail=gosy' was loaded over HTTPS, but requested an insecure element 'http://res.cloudinary.com/dwjgdyuwz/image/upload/v1707341213/eqo9ipa4bgv8b4krdykj.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://login.dealcomfirmation.top/js/jquery.min.js.%D0%B7%D0%B0%D0%B2%D0%B0%D0%BD%D1%82%D0%B0%D0%B6%D0%B5%D0%BD%D0%BD%D1%8F Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://login.dealcomfirmation.top/184585608?_from_mail=gosy Message: Refused to execute script from 'https://login.dealcomfirmation.top/js/jquery.min.js.%D0%B7%D0%B0%D0%B2%D0%B0%D0%BD%D1%82%D0%B0%D0%B6%D0%B5%D0%BD%D0%BD%D1%8F' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://login.dealcomfirmation.top/js/jquery.maskedinput.js.%D0%B7%D0%B0%D0%B2%D0%B0%D0%BD%D1%82%D0%B0%D0%B6%D0%B5%D0%BD%D0%BD%D1%8F Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://login.dealcomfirmation.top/184585608?_from_mail=gosy Message: Refused to execute script from 'https://login.dealcomfirmation.top/js/jquery.maskedinput.js.%D0%B7%D0%B0%D0%B2%D0%B0%D0%BD%D1%82%D0%B0%D0%B6%D0%B5%D0%BD%D0%BD%D1%8F' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://login.dealcomfirmation.top/184585608?_from_mail=gosy(Line 285) Message: Mixed Content: The page at 'https://login.dealcomfirmation.top/184585608?_from_mail=gosy' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.cdnfonts.com/css/geomanist'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://login.dealcomfirmation.top/184585608?_from_mail=gosy(Line 1783) Message: Mixed Content: The page at 'https://login.dealcomfirmation.top/184585608?_from_mail=gosy' was loaded over HTTPS, but requested an insecure image 'http://res.cloudinary.com/dwjgdyuwz/image/upload/v1707341213/eqo9ipa4bgv8b4krdykj.jpg'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.cdnfonts.com
fonts.googleapis.com
fonts.gstatic.com
login.dealcomfirmation.top
qretweq.com
res.cloudinary.com
fonts.cdnfonts.com
res.cloudinary.com
2404:6800:4006:804::2003
2404:6800:4006:804::200a
2600:1415:10:98c::523
2606:4700:3035::ac43:d840
2606:4700:3037::ac43:d573
2606:4700::6811:180e
0fe89e9910f07160c15f479bfd415feaefa0f75669c8891dbb407879b9d9dd4a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2dbf3baee62d2597369b4675b5e470b4ef09579e05f50d5997e1b02f350c095c
2dcc491d9156f95e2a3ad47d02ca3fe9c5752944f7e2c4111276da1e15b37a4e
525dfe15d7b865d55feee2557b7d665e34a9b1573996ffb491052b38052b4b79
5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a
78f843d3abb760189d189f74b3f80bb0ca13e40ede8caad1c05c321ffeb78cf4
9afd537e6723bb869397626212305906f739306bc96bfff09e9e6f45c206f715
a797a37abf8e0dd5b459c331b1dd86322673a834106ba6270364f25fdf092772
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0655584cee184baa78a6cb5c26d304c5ab792089b97a3069456b659c83ec5ec
b3c6798679126f665a57f0dffb2bc2dc0dae6e9e810dc82999246ef82c695bb9
b92f631c8cf38be6724c9b0ef9dcc762b7314ee2197ced3608efb40e02618fac
cd8cb9eaafb040bd4702417195f2fb110018f70f4ceb18d56ca4488d60d5c446
d35e73edc030e667b728e2e626c782ec2b4d3b0a3044730c02b9a25dbf46be59
d40c636c6f5df8e97ce5d56c336a9c1379bfa2b963053386d670b6865be2913f
d5fba18e5f50a6f74db552765e4e256d2f4a6e9b46c2234b5e07f3c63fdcec28
dd8ef38fb3182598b40a52f107b3d9e86ec608807daa9e93b422e54dc2b1ed28
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
ecfc3a7f9660da22ffe637791973508cc1cf68b0f1dea13bc67e3ff0955cdb53
ed698bfe3afd147fad7353c9cb89194bb24766b44ccf4cc62b3d4bb6852227ab
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef