Report - www.saveday-inc.net/optin1638821352637

Report Overview

Submitted URL
www.saveday-inc.net/optin1638821352637
IP
104.16.13.194
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-01 11:16:13
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
42

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	622 B	499 B	31.13.72.36
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-07T05:09:07Z	1.3 kB	3.5 kB	23.36.76.226
www.google.com	7	2015-05-10T13:11:19Z	2023-03-07T06:15:59Z	368 B	16 kB	142.250.74.164
use.fontawesome.com	942	2017-01-30T05:43:25Z	2023-03-07T05:10:27Z	781 B	14 kB	172.67.169.247
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-07T06:08:40Z	599 B	711 B	142.251.1.156
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-07T10:01:43Z	771 B	2.0 kB	216.58.207.226
bam.nr-data.net	630	2015-02-10T01:06:27Z	2023-03-06T05:22:52Z	871 B	607 B	162.247.241.14
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-07T05:09:06Z	325 B	1.6 kB	143.204.55.115
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-07T09:34:07Z	987 B	2.2 kB	93.184.220.29
js-agent.newrelic.com	378	2018-06-22T06:15:37Z	2023-03-06T05:22:52Z	363 B	15 kB	151.101.86.137
prospectrmktg.com	unknown	2021-11-09T01:06:35Z	2022-10-04T23:49:13Z	468 B	141 B	199.103.4.90
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-07T05:09:06Z	321 B	229 B	34.117.237.239
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-07T07:41:56Z	755 B	757 B	142.250.74.3
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-07T05:09:18Z	3.6 kB	7.7 kB	142.250.74.3
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-07T07:15:10Z	679 B	3.7 kB	216.58.211.10
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-07T08:27:55Z	364 B	21 kB	142.250.74.174
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-07T05:09:11Z	365 B	28 kB	31.13.72.12
ocsp.starfieldtech.com	6616	2012-06-22T20:08:50Z	2023-03-07T05:14:05Z	334 B	2.4 kB	192.124.249.36
app.clickfunnels.com	34727	2015-03-12T09:40:23Z	2023-03-06T07:43:06Z	5.0 kB	7.0 kB	104.16.14.194
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-07T05:09:06Z	401 B	5.8 kB	143.204.55.49
www.saveday-inc.net	unknown	2021-12-03T02:06:00Z	2022-11-02T15:17:54Z	15 kB	368 kB	104.16.12.194
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-07T05:09:22Z	3.2 kB	70 kB	34.120.237.76
static.cloudflareinsights.com	1294	2019-09-24T16:34:56Z	2023-03-06T10:20:26Z	451 B	393 B	172.64.156.26

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-01	medium	saveday-inc.net	Sinkholed
2022-09-01	medium	saveday-inc.net	Sinkholed
2022-09-01	medium	saveday-inc.net	Sinkholed
2022-09-01	medium	saveday-inc.net	Sinkholed
2022-09-01	medium	saveday-inc.net	Sinkholed
2022-09-01	medium	saveday-inc.net	Sinkholed
2022-09-01	medium	saveday-inc.net	Sinkholed
2022-09-01	medium	saveday-inc.net	Sinkholed
2022-09-01	medium	saveday-inc.net	Sinkholed
2022-09-01	medium	saveday-inc.net	Sinkholed
2022-09-01	medium	saveday-inc.net	Sinkholed
2022-09-01	medium	saveday-inc.net	Sinkholed
2022-09-01	medium	saveday-inc.net	Sinkholed
2022-09-01	medium	saveday-inc.net	Sinkholed
2022-09-01	medium	saveday-inc.net	Sinkholed
2022-09-01	medium	saveday-inc.net	Sinkholed
2022-09-01	medium	saveday-inc.net	Sinkholed
2022-09-01	medium	saveday-inc.net	Sinkholed
2022-09-01	medium	saveday-inc.net	Sinkholed
2022-09-01	medium	saveday-inc.net	Sinkholed
2022-09-01	medium	saveday-inc.net	Sinkholed

JavaScript (32)

	URL	Size	First Seen	Last Seen
	www.saveday-inc.net/optin1638821352637	395 B	2023-03-07	2024-04-21
Pretty URL www.saveday-inc.net/optin1638821352637 IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:00 Times Seen1084 Hash b2c93212afb38693d023d97f822acd42 a971c75819436a7c7d9c3b388b8be10f1286fdcb dbde09f9e5cc2ecdeffe30752eac8756ca637e0c524bdbd5b1c7e5704aae004f Loading...

	www.saveday-inc.net/optin1638821352637	1.2 kB	2023-03-07	2024-03-13
Pretty URL www.saveday-inc.net/optin1638821352637 IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-13 20:33:05 Times Seen718 Hash f53804c0abbd5d0ead0a41ca2dd89599 39d28f2df6171e4847aafb50cff964da0b33aef0 1dfb574d71b367cdf50909a035c1865d63381accb868b60d395d6ad71c426821 Loading...

	www.saveday-inc.net/vendor.js	18 kB	2023-03-07	2024-04-21
Pretty URL www.saveday-inc.net/vendor.js IP 104.16.16.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:03 Times Seen1311 Hash bf2a8a168c0be1544c34f363c276586e 581e49c9b7bdd06dab54c00931f4256b223e620e 7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d Loading...

	connect.facebook.net/en_US/fbevents.js	103 kB	2023-03-07	2023-03-10
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:32 Last Seen2023-03-10 21:11:15 Times Seen1 Hash 5305b4c3687465914bde30aa6b980757 d60bd17643d1af61efc22a75d62efa91d7f1fa68 f62054be93b9f30643e209e390ae4299eb0501d1d89d9c8a3c6ee496ea9bd99c Loading...

	bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4551&ck=1&ref=https://www.saveday-inc.net/optin1638821352637&ap=496&be=630&fe=4306&dc=1267&perf=%7B%22timing%22:%7B%22of%22:1662030961880,%22n%22:0,%22f%22:435,%22dn%22:443,%22dne%22:443,%22c%22:444,%22s%22:447,%22ce%22:461,%22rq%22:462,%22rp%22:600,%22rpe%22:604,%22dl%22:609,%22di%22:1239,%22ds%22:1266,%22de%22:1379,%22dc%22:4305,%22l%22:4305,%22le%22:4416%7D,%22navigation%22:%7B%7D%7D&fcp=999&jsonp=NREUM.setToken	49 B	2023-03-07	2024-03-22
Pretty URL bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4551&ck=1&ref=https://www.saveday-inc.net/optin1638821352637&ap=496&be=630&fe=4306&dc=1267&perf=%7B%22timing%22:%7B%22of%22:1662030961880,%22n%22:0,%22f%22:435,%22dn%22:443,%22dne%22:443,%22c%22:444,%22s%22:447,%22ce%22:461,%22rq%22:462,%22rp%22:600,%22rpe%22:604,%22dl%22:609,%22di%22:1239,%22ds%22:1266,%22de%22:1379,%22dc%22:4305,%22l%22:4305,%22le%22:4416%7D,%22navigation%22:%7B%7D%7D&fcp=999&jsonp=NREUM.setToken IP 162.247.241.14 ASN #23467 NEWRELIC-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-03-22 06:11:42 Times Seen2776 Hash ada33e5b8877e743ff658bf4bfa1867c 5a78662243dac43c0ee48bcb7e05a536b84c2e38 dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82 Loading...

	www.saveday-inc.net/optin1638821352637	1.0 kB	2023-03-07	2024-04-21
Pretty URL www.saveday-inc.net/optin1638821352637 IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:00 Times Seen1074 Hash 7e04d8a0aac6ab1ec08163bd215a5711 f425cd8bab39529985cf2a9cf866a877b4fca17a 4e3d5220213c311337410362a4654f5ea226e71707a85229385cec6d871cc05a Loading...

	www.saveday-inc.net/optin1638821352637	3 B	2023-03-07	2024-04-25
Pretty URL www.saveday-inc.net/optin1638821352637 IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2024-04-25 10:30:24 Times Seen1142 Hash f67be96ce768fb5b40aecf0438f97886 d27fecd03a022cc6f670ca42ef1b99d5f5bcc74c 3441b5696d6abf2bd959d18bcb31dde8239a6ad8185bfa659af60bc764c238a8 Loading...

	www.saveday-inc.net/optin1638821352637	104 B	2023-03-07	2024-04-21
Pretty URL www.saveday-inc.net/optin1638821352637 IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:00 Times Seen1185 Hash 00b5ba65cbf82b44301e01048b806055 3be24afc94edb8de2099ccafa2bfcdbfbef301cd 699e1188e23d8be696d8ca3b45d7eba8c1c97f6ce4e9da4051cce63907ea8442 Loading...

	www.saveday-inc.net/optin1638821352637	594 B	2023-03-07	2023-03-07
Pretty URL www.saveday-inc.net/optin1638821352637 IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2023-03-07 13:22:23 Times Seen1 Hash ada7715cd3e500e96a95316268664a7b 1aa9197838adacf991f2a88186b8b43d3dd7bc6b 180721da5182d2815f66c6b0a310eefe1ecdda94c4a678b638157cebc3a61c61 Loading...

	www.saveday-inc.net/optin1638821352637	271 B	2023-03-07	2024-04-21
Pretty URL www.saveday-inc.net/optin1638821352637 IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:00 Times Seen1080 Hash c0d8faa83b4d63e92f56614251d001d4 4377d94b43b83ca010c78aa4c482d86ca19a9593 1d35b00811c224b9c83537f23634d9e7b07f75841c3d99e6ded3c759571f45a7 Loading...

	connect.facebook.net/signals/config/1954455964797727?v=2.9.78&r=stable	300 kB	2023-03-07	2023-03-07
Pretty URL connect.facebook.net/signals/config/1954455964797727?v=2.9.78&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2023-03-07 13:22:23 Times Seen1 Hash ba9eee1aabe12377c3dd66ff5dca73ac 33e0edd850116163e8bb41033e305a051a52b961 b6d519571a9b6ca92a2ce4d562e50c4a4d73f655e86b331689de5ea6f59f0fd6 Loading...

	www.saveday-inc.net/optin1638821352637	280 B	2023-03-07	2023-03-07
Pretty URL www.saveday-inc.net/optin1638821352637 IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2023-03-07 12:03:09 Times Seen1 Hash 7b62cae79664fb3bcf6cf8585d07c6d0 dcc69a089b2a8cda99539fb6313e4f18e510367a eac5f5725184a6f08c54aa9c6736a1197ba73f89b371a5f9309eb5611e323363 Loading...

	www.saveday-inc.net/assets/pushcrew.js	637 B	2023-03-07	2024-04-21
Pretty URL www.saveday-inc.net/assets/pushcrew.js IP 104.16.16.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:00 Times Seen1406 Hash 0a67c27615e7d2202f261dcc0a82d744 0fa0a8ca56efded583bd4201821015a63c623d44 f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422 Loading...

	www.googletagmanager.com/gtag/js?id=AW-842761054	116 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=AW-842761054 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:09 Last Seen2023-03-07 12:03:09 Times Seen1 Hash 265bbfa2b0ee1e4cb88351f67ef95a46 1033989282626dffcd3f90ce8460d1a2d047363d 85de0027d2ba2f19f8882bad914a41336275fb6452af7c6ae6ddb6af3f005e38 Loading...

	www.saveday-inc.net/optin1638821352637	130 B	2023-03-07	2023-05-21
Pretty URL www.saveday-inc.net/optin1638821352637 IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2023-05-21 15:22:25 Times Seen3 Hash faaff1e64bbf42c5e6adcca1657c510c 3757a7b56286db2e66d699867cd4c7362162c1e0 0af4a7f940c989a6d0e4bcd55409d930727177d3655efe6b2751a8e83e2adbfe Loading...

	www.saveday-inc.net/optin1638821352637	247 B	2023-03-07	2023-03-07
Pretty URL www.saveday-inc.net/optin1638821352637 IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2023-03-07 13:22:23 Times Seen1 Hash bb67153cd740c7fece5570dac3d53b70 5aa76305cbd5ba001accf244db3573c62133e1de bee1c5036828dd5c93940c46b9812f8f762409e7407ef8cfe358167fe44758b2 Loading...

	static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194	14 kB	2023-03-07	2024-04-25
Pretty URL static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 IP 172.64.156.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 06:01:23 Times Seen1634 Hash 19514b1be5ee33b45d32c1fcd4c67ec2 bdeab77b43cafcc638df9d7c26f1aa7f46bf1fd5 fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Loading...

	www.saveday-inc.net/optin1638821352637	482 B	2023-03-07	2023-05-21
Pretty URL www.saveday-inc.net/optin1638821352637 IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2023-05-21 15:22:25 Times Seen3 Hash c834733e07e2bd76b740e06fb1836fc7 c77b7616cc5c556f2771b2804b014484a2d602ae d7680193207c28b45149ce6a123286f2608ecfb6ed4305fe2562a60dcca302fe Loading...

	www.googletagmanager.com/gtm.js?id=GTM-P958L4W	149 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-P958L4W IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:09 Last Seen2023-03-07 12:03:09 Times Seen1 Hash e8250dfb459a2431b393d9544eddaaeb 6196856f070fcd5bb95b9a7fd77f87b6f9e5a78a 535185da61c4f387fdc127517fc14c503ccd6cb31483b3404d3553cb0761657f Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-04-18
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-18 21:14:10 Times Seen840 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	www.google.com/pagead/conversion_async.js	42 kB	2023-03-07	2023-03-17
Pretty URL www.google.com/pagead/conversion_async.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:19 Last Seen2023-03-17 12:30:23 Times Seen1 Hash 70049e468e315dbffce0c07753fca6f9 6c1cb5e25675de7746ed7dbb4d103aba9faabea0 94cc0d6d41e4b4bcde2f4f3d6292224215a698f20ffe7915c04cb55146537266 Loading...

	www.saveday-inc.net/optin1638821352637	10 kB	2023-03-07	2023-03-17
Pretty URL www.saveday-inc.net/optin1638821352637 IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2023-03-17 12:27:39 Times Seen1 Hash 61abdb73cf60f39fa1f99dbd202754ac 8d0f53cfd61600543702b775cccfdb6cff316a83 42f0f6e0965f466635a6785e94642889e31ade69c5d6c892182d03c91abd6082 Loading...

	www.saveday-inc.net/assets/userevents/application.js	4.9 kB	2023-03-07	2023-03-17
Pretty URL www.saveday-inc.net/assets/userevents/application.js IP 104.16.16.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2023-03-17 12:27:39 Times Seen1 Hash 8c7a2fbb2ccf04e864c50ff46ff6975d 1f9e9ece9dd37561093248324faa202260eb616c 004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158 Loading...

	www.saveday-inc.net/optin1638821352637	341 B	2023-03-07	2023-05-21
Pretty URL www.saveday-inc.net/optin1638821352637 IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2023-05-21 15:22:25 Times Seen3 Hash 0898cf9b054fb4f43f62525e4f641caa eca3f76140b40e5c5ca2fbc2bc42ac4c1cb6b211 5b36bfb50c269265a116c6df8284845763939bbf6d3abdf6967edfd772804a09 Loading...

	app.clickfunnels.com/mailcheck.min.js	2.7 kB	2023-03-07	2024-03-13
Pretty URL app.clickfunnels.com/mailcheck.min.js IP 104.16.14.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-13 20:33:05 Times Seen1044 Hash 199756d42d03ff6741642748ea00028d b5c4f6fd1b0e5d1bac97870b3885d08ccb7d2ac1 e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/842761054/?random=1662030963615&cv=9&fst=1662030963615&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8t0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637&tiba=SaveDay&auid=2078061120.1662030963&hn=www.google.com&async=1&rfmt=3&fmt=4	2.3 kB	2023-03-07	2023-03-07
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/842761054/?random=1662030963615&cv=9&fst=1662030963615&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8t0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637&tiba=SaveDay&auid=2078061120.1662030963&hn=www.google.com&async=1&rfmt=3&fmt=4 IP 216.58.207.226 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:09 Last Seen2023-03-07 12:03:09 Times Seen1 Hash 9dfd5e1912792b5c041aaf12b8cfdfb0 a5db2c78833eb204e347cc70f5f77b9bf8d7fee1 a3dfdf4a75bff2936d37587417af8075976b725a7283c8ba162f85239ab42ea6 Loading...

	js-agent.newrelic.com/nr-1216.min.js	39 kB	2023-03-07	2023-12-02
Pretty URL js-agent.newrelic.com/nr-1216.min.js IP 151.101.86.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:59 Last Seen2023-12-02 09:02:29 Times Seen204 Hash 9f533d8cd24b2c5e3b4dc886ecbd43e8 4aaad79f222fbcf885679bb30ac0cb6c14ec06eb 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708 Loading...

	www.saveday-inc.net/assets/lander.js	2.3 MB	2023-03-07	2023-03-17
Pretty URL www.saveday-inc.net/assets/lander.js IP 104.16.16.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:09 Last Seen2023-03-17 12:27:39 Times Seen1 Hash 55bfc8a713b8bec8d24b6400e8b67cc6 0b52f076ef067091cb0f78672c4a3409969e5ede 5824467254c4dff6cbb9de37d441170f9243287bba4380e206297e2f2c0ef7cd Loading...

	www.saveday-inc.net/optin1638821352637	101 B	2023-03-07	2024-04-21
Pretty URL www.saveday-inc.net/optin1638821352637 IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:00 Times Seen1073 Hash 58d9451139b4d777d43d7c3e074a944a 58dbf64854e67993dd579ecc78d1a32fea9266ed 85f043b5d0590f154a02cf29f549340485f0e6dd78c70ab8746555092fc9d493 Loading...

	www.saveday-inc.net/optin1638821352637	1.6 kB	2023-03-07	2024-04-21
Pretty URL www.saveday-inc.net/optin1638821352637 IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:00 Times Seen1073 Hash 9695240da93eaffb74ee6d46ae6ea5da f545f6cec4b5da6fb0a50a17ee0bc878030c5047 88533b116813899d4cf0751961b7568763677a97033cfb35180d523e2cf2cfd1 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 2aa74ac3a264c3e10ae463a262aaf72c	20 kB	2023-03-07	2024-04-21
Pretty Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:01 Times Seen1093 Hash 2aa74ac3a264c3e10ae463a262aaf72c c5ff579cf0cc2ba1d98711b366ec148152abbaf5 9c1ea695852f01d2fc6027d572b126b740a9c4634540fb0d39ea3656377eef77 Loading...

	#2 Eval - 8ecd378e4eb7ea5dcef71300632bd86f	119 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 01:29:18 Last Seen2023-03-07 13:22:23 Times Seen1 Hash 8ecd378e4eb7ea5dcef71300632bd86f 7bc0eb03718e4795c62bec5737785a2841c92b70 a2f901be3de4422661b5ce7f5e37d51d3c65a2297d1dd2c0130aa3605ab6ceed Loading...

HTTP Transactions (68)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 01 Sep 2022 10:41:13 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: G2XB9h32DnbhlVwLxCwP3yhC-MAVitfQwmM6tQM9lsKThcP7BUgyqQ==
Age: 2088

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
517693963cc46e7a35a054296d0edfd5
11dfcd7e118e5f8d31e664e56ac29c57f973b8b3
ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3443
Expires: Thu, 01 Sep 2022 12:13:25 GMT
Date: Thu, 01 Sep 2022 11:16:02 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Thu, 01 Sep 2022 01:15:17 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: D0oTHv0r3j8hb4Rukzhl_jLhEr78Q9HGZG_OKSYwubQeald253-J8A==
age: 36046
X-Firefox-Spdy: h2

www.saveday-inc.net/optin1638821352637

104.16.12.194

301 Moved Permanently

492 B

URL HTTP/1.1
www.saveday-inc.net/optin1638821352637
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (477)
Size
492 B (492 bytes)
Hash
0cdcca07ba81b22b5d1e1f5e4303d000
d2b3732e2466c47ebc5758ef090607c4b27f05c1
6ac95d4aa615949df4ba0197a7d93758139b18e0ae7908cf8e942af17d3fc246

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /optin1638821352637 HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Sep 2022 11:16:02 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.saveday-inc.net/optin1638821352637
CF-Ray: 743d97692de1b50b-OSL
Access-Control-Allow-Origin: *
Cache-Control: max-age=60, public, s-maxage=600, r-maxage=10
Last-Modified: Wed, 15 Dec 2021 19:05:35 GMT
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Status: 301 Moved Permanently
X-Content-Digest: 4791ab4e4bb02c248e0628fc786cdf3652183d0a
X-Frame-Options: ALLOWALL
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss, store
X-Request-Id: bfdb242651341d89fd2814f40576b304
X-Runtime: 0.124167
Set-Cookie: __cf_bm=kOACc99bJUAd4J4UsZN9DEfimLPv7UhS_wP0VJyfvGo-1662030962-0-AT00An79eQJNjkrNvAJopiCk84Xjt6pjwqE0Lv1IneAWWJdjxfnEKHBcw/s0TAh3hoGGPs+Fb0gzWAepyLLqTs7jDgsrQNe0uKHIet/XtKDa; path=/; expires=Thu, 01-Sep-22 11:46:02 GMT; domain=.www.saveday-inc.net; HttpOnly; SameSite=None
Server: cloudflare
alt-svc: h2=":443"; ma=60

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 11:16:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.saveday-inc.net/hosted/images/13/8bb6408e8411e7b85fdf1b4f68b035/try8001.png

104.16.16.194

200 OK

29 kB

URL HTTP/2
www.saveday-inc.net/hosted/images/13/8bb6408e8411e7b85fdf1b4f68b035/try8001.png
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1008 x 727, 8-bit colormap, non-interlaced\012- data
Size
29 kB (28681 bytes)
Hash
d9225a0254f90a7b70197066418092db
d31c03420b19b48d7b2b8fdc943291042fcadd06
390e21f5319f73df68f611078643756b8504b811044546c92a88c9474ccdc542

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /hosted/images/13/8bb6408e8411e7b85fdf1b4f68b035/try8001.png HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=YLJZ3i9vh3W32lAo54yZZ5SyYrCkbMpu.LYvoZvth20-1662030962-0-AaxCifhlBnI1MoWCeCgDMwKze+/Cxq9/tuPf22I/LNNZ3VQn882og+0nZnqToDB8eFlW/g9+pjleSfPoTGLKm2Pz5byyuoRbrTiWz81CPLJi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:02 GMT
content-type: image/png
content-length: 28681
cf-ray: 743d976ce8fbb529-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "359b179cc2c42c8c056f487c793001ec"
last-modified: Thu, 31 Aug 2017 19:39:28 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=28863
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2

www.saveday-inc.net/hosted/images/18/ae751067fe11e7b1f597f4a4384b61/bizlendr.png

104.16.16.194

200 OK

19 kB

URL HTTP/2
www.saveday-inc.net/hosted/images/18/ae751067fe11e7b1f597f4a4384b61/bizlendr.png
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 500 x 128, 8-bit colormap, non-interlaced\012- data
Size
19 kB (19119 bytes)
Hash
a5814f39e63891db033b244f29270c4c
42bbb15bfaf3759f535d86114ca016a4481faea1
01c4b44279e1fb4a32c30ad8d524e10553ae33ca7c89bcf5c37f72fec9db4527

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /hosted/images/18/ae751067fe11e7b1f597f4a4384b61/bizlendr.png HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=YLJZ3i9vh3W32lAo54yZZ5SyYrCkbMpu.LYvoZvth20-1662030962-0-AaxCifhlBnI1MoWCeCgDMwKze+/Cxq9/tuPf22I/LNNZ3VQn882og+0nZnqToDB8eFlW/g9+pjleSfPoTGLKm2Pz5byyuoRbrTiWz81CPLJi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:02 GMT
content-type: image/png
content-length: 19119
cf-ray: 743d976cf91cb529-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "0b0d99a146d61334abaad568d18e5b01"
last-modified: Thu, 13 Jul 2017 19:04:33 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=20025
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2

www.saveday-inc.net/hosted/images/17/ebf2f067ff11e7ad5ebb6414c806b3/logo-_1_.png

104.16.16.194

200 OK

19 kB

URL HTTP/2
www.saveday-inc.net/hosted/images/17/ebf2f067ff11e7ad5ebb6414c806b3/logo-_1_.png
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 2850 x 468, 8-bit colormap, non-interlaced\012- data
Size
19 kB (19099 bytes)
Hash
7052353bfc9af7a56c9a7debed247e06
16d64ea7419fbea88c33f65cc51cfcfcbca89d70
c961f819a80415a4530c268e66eaff17804683304b0be4d84038934355f7073e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /hosted/images/17/ebf2f067ff11e7ad5ebb6414c806b3/logo-_1_.png HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=YLJZ3i9vh3W32lAo54yZZ5SyYrCkbMpu.LYvoZvth20-1662030962-0-AaxCifhlBnI1MoWCeCgDMwKze+/Cxq9/tuPf22I/LNNZ3VQn882og+0nZnqToDB8eFlW/g9+pjleSfPoTGLKm2Pz5byyuoRbrTiWz81CPLJi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:02 GMT
content-type: image/png
content-length: 19099
cf-ray: 743d976cf91fb529-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "0fbdcd0f6b039c13b6ed66be70fc0314"
last-modified: Thu, 13 Jul 2017 19:11:44 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=19131
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2

www.saveday-inc.net/hosted/images/14/3fecf0667511e7a4522fc393ea60c4/vmc-logo.png

104.16.16.194

200 OK

11 kB

URL HTTP/2
www.saveday-inc.net/hosted/images/14/3fecf0667511e7a4522fc393ea60c4/vmc-logo.png
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 395 x 115, 8-bit colormap, non-interlaced\012- data
Size
11 kB (11030 bytes)
Hash
47596d50f7f6e2c87e90f2b26ae24b60
6e48271e0e666d98581dc0be58acb68aec9e7bbc
65d7a0774ed02b08d5b3f9bb0a6062072b34d5f5b02116d302b5226533897808

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /hosted/images/14/3fecf0667511e7a4522fc393ea60c4/vmc-logo.png HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=YLJZ3i9vh3W32lAo54yZZ5SyYrCkbMpu.LYvoZvth20-1662030962-0-AaxCifhlBnI1MoWCeCgDMwKze+/Cxq9/tuPf22I/LNNZ3VQn882og+0nZnqToDB8eFlW/g9+pjleSfPoTGLKm2Pz5byyuoRbrTiWz81CPLJi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:02 GMT
content-type: image/png
content-length: 11030
cf-ray: 743d976cf915b529-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "a8319ced5fa45dbf94a312e1ad9e9d8e"
last-modified: Tue, 11 Jul 2017 20:11:13 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11042
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2

www.saveday-inc.net/hosted/images/5b/c23330667511e78cd7b3b12e64f51a/sbf-logo-2015.png

104.16.16.194

200 OK

3.4 kB

URL HTTP/2
www.saveday-inc.net/hosted/images/5b/c23330667511e78cd7b3b12e64f51a/sbf-logo-2015.png
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 800 x 120, 8-bit colormap, non-interlaced\012- data
Size
3.4 kB (3415 bytes)
Hash
1f38e8262fcc10c890bcf12686fa6f9e
e9c67897a2dd850f858d4207985d97138d1cf697
16fe269d2ef311ebd25fd8f51d592000926d4b04250a78e88705729f5b7a5006

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /hosted/images/5b/c23330667511e78cd7b3b12e64f51a/sbf-logo-2015.png HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=YLJZ3i9vh3W32lAo54yZZ5SyYrCkbMpu.LYvoZvth20-1662030962-0-AaxCifhlBnI1MoWCeCgDMwKze+/Cxq9/tuPf22I/LNNZ3VQn882og+0nZnqToDB8eFlW/g9+pjleSfPoTGLKm2Pz5byyuoRbrTiWz81CPLJi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:02 GMT
content-type: image/png
content-length: 3415
cf-ray: 743d976cf918b529-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "723958dfc7b2d6fb4956404751e621b8"
last-modified: Tue, 11 Jul 2017 20:13:13 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=4297
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2

www.saveday-inc.net/hosted/images/de/0e695067fe11e792f73f20b3520f1e/logo.png

104.16.16.194

200 OK

2.5 kB

URL HTTP/2
www.saveday-inc.net/hosted/images/de/0e695067fe11e792f73f20b3520f1e/logo.png
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 378 x 88, 8-bit colormap, non-interlaced\012- data
Size
2.5 kB (2492 bytes)
Hash
05bfa1b2ab184dc7ea68a0265d3ff73e
6fb3612c62d80e52d8b2ecd853c600a2c4ab5a85
ad2ee6410ab30d6711b25ae0bf436a87f42e87b7caf69690d1335ad70ad3177d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /hosted/images/de/0e695067fe11e792f73f20b3520f1e/logo.png HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=YLJZ3i9vh3W32lAo54yZZ5SyYrCkbMpu.LYvoZvth20-1662030962-0-AaxCifhlBnI1MoWCeCgDMwKze+/Cxq9/tuPf22I/LNNZ3VQn882og+0nZnqToDB8eFlW/g9+pjleSfPoTGLKm2Pz5byyuoRbrTiWz81CPLJi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:02 GMT
content-type: image/png
content-length: 2492
cf-ray: 743d976cf91eb529-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "05bfa1b2ab184dc7ea68a0265d3ff73e"
last-modified: Thu, 13 Jul 2017 19:10:04 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2

www.saveday-inc.net/hosted/images/e3/5898c0668411e7acaccf8145dd3756/ev.png

104.16.16.194

200 OK

6.7 kB

URL HTTP/2
www.saveday-inc.net/hosted/images/e3/5898c0668411e7acaccf8145dd3756/ev.png
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 400 x 90, 8-bit colormap, non-interlaced\012- data
Size
6.7 kB (6681 bytes)
Hash
f68b926f96eb6f38c9f7ce0a971ba829
b8dd228cc203a00d134bccc02dd75e7405aa6caa
d95d481199724f2d02fd35875e38da134650283fed9732139c13ddd029439343

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /hosted/images/e3/5898c0668411e7acaccf8145dd3756/ev.png HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=YLJZ3i9vh3W32lAo54yZZ5SyYrCkbMpu.LYvoZvth20-1662030962-0-AaxCifhlBnI1MoWCeCgDMwKze+/Cxq9/tuPf22I/LNNZ3VQn882og+0nZnqToDB8eFlW/g9+pjleSfPoTGLKm2Pz5byyuoRbrTiWz81CPLJi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:02 GMT
content-type: image/png
content-length: 6681
cf-ray: 743d976cf91bb529-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "f68b926f96eb6f38c9f7ce0a971ba829"
last-modified: Tue, 11 Jul 2017 22:04:22 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2

www.saveday-inc.net/hosted/images/4e/ef52f098b111e7b71b9976c38ffff7/whatever2.png

104.16.16.194

200 OK

26 kB

URL HTTP/2
www.saveday-inc.net/hosted/images/4e/ef52f098b111e7b71b9976c38ffff7/whatever2.png
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 405 x 872, 8-bit colormap, non-interlaced\012- data
Size
26 kB (25878 bytes)
Hash
a6a2cceea4519da39f2ef5197771795f
e5c2558962afaaef620108c5e9c065c43067a4a8
be7b50ca96b0374d6da75e4f6cb7b8a00aa01d97515da6808ed6f8dd2d00408c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /hosted/images/4e/ef52f098b111e7b71b9976c38ffff7/whatever2.png HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=YLJZ3i9vh3W32lAo54yZZ5SyYrCkbMpu.LYvoZvth20-1662030962-0-AaxCifhlBnI1MoWCeCgDMwKze+/Cxq9/tuPf22I/LNNZ3VQn882og+0nZnqToDB8eFlW/g9+pjleSfPoTGLKm2Pz5byyuoRbrTiWz81CPLJi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:02 GMT
content-type: image/png
content-length: 25878
cf-ray: 743d976ce8fdb529-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "538af34ea4ab473bd579d5d061172388"
last-modified: Wed, 13 Sep 2017 18:28:21 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=25914
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2

www.saveday-inc.net/hosted/images/ab/88d21326a04b7b856568fb725e7bda/fa-logo1.png

104.16.16.194

200 OK

9.9 kB

URL HTTP/2
www.saveday-inc.net/hosted/images/ab/88d21326a04b7b856568fb725e7bda/fa-logo1.png
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 253 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
9.9 kB (9908 bytes)
Hash
37b7bc4233cf462b9ae927c515ccf920
68911f3dc2308106f1b7720d38c6d13ebe6a49df
cb5b3df5a5efde3037928aac79b540949669c2c19472934fe52a849cb1beaa0a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /hosted/images/ab/88d21326a04b7b856568fb725e7bda/fa-logo1.png HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=YLJZ3i9vh3W32lAo54yZZ5SyYrCkbMpu.LYvoZvth20-1662030962-0-AaxCifhlBnI1MoWCeCgDMwKze+/Cxq9/tuPf22I/LNNZ3VQn882og+0nZnqToDB8eFlW/g9+pjleSfPoTGLKm2Pz5byyuoRbrTiWz81CPLJi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:02 GMT
content-type: image/png
content-length: 9908
cf-ray: 743d976ce8f7b529-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "77b1a9149d16b03a46a6c04e8c7a5aae"
last-modified: Tue, 23 Nov 2021 21:15:27 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10077
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a7aab826beb3533ba03cfe6bab46f240
000c9a63535a3c7c9cadaea7630f1f1443399d56
5fc3e2785f52dbe5fa0e7bbe8d9bfa8476b574a3357df2374ea991e049a1d73b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 11:16:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

216.58.211.10

200 OK

2.9 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type
data
Size
2.9 kB (2920 bytes)
Hash
f354ca30effde1f40b6362ca5372ce27
d866f7e60bf52d4f2987da1317267b0d59987949
d160c4304accc13f289fec126f7c67ea1032cc79911baf3ca029b593dacbe8d0

HTTP Headers

GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Sep 2022 11:16:02 GMT
date: Thu, 01 Sep 2022 11:16:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.saveday-inc.net/optin1638821352637

104.16.16.194

200 OK

26 kB

URL HTTP/2
www.saveday-inc.net/optin1638821352637
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10200), with CRLF, LF line terminators
Size
26 kB (26252 bytes)
Hash
97f5a098b24b36c586fad6dfc8ab76e0
d80b2194c2081048ed9f611df25d2799707d0790
56912901e09fe993e1aa5e7ad7277ff26ca5efb8fe2aebea138a8175f94c8b87

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /optin1638821352637 HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:02 GMT
content-type: text/html; charset=utf-8
cf-ray: 743d976b7eb1b529-OSL
access-control-allow-origin: *
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
last-modified: Wed, 15 Dec 2021 19:05:35 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: REVALIDATED
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: eb72ff27a87274bc80251d3acb7b708b5932e9b0
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss, store
x-request-id: 84f67b7284afa9071a2a8e1ce03ab63d
x-runtime: 0.519141
set-cookie: __cf_bm=YLJZ3i9vh3W32lAo54yZZ5SyYrCkbMpu.LYvoZvth20-1662030962-0-AaxCifhlBnI1MoWCeCgDMwKze+/Cxq9/tuPf22I/LNNZ3VQn882og+0nZnqToDB8eFlW/g9+pjleSfPoTGLKm2Pz5byyuoRbrTiWz81CPLJi; path=/; expires=Thu, 01-Sep-22 11:46:02 GMT; domain=.www.saveday-inc.net; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.saveday-inc.net/hosted/images/ab/5dfff0471a11e7855f5dca53cab33b/cloudstrip-hero_2x.png

104.16.16.194

200 OK

73 kB

URL HTTP/2
www.saveday-inc.net/hosted/images/ab/5dfff0471a11e7855f5dca53cab33b/cloudstrip-hero_2x.png
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 2672 x 586, 8-bit colormap, non-interlaced\012- data
Size
73 kB (72740 bytes)
Hash
62d7d31d12c0dc75b6494d90bbe2eb33
3ae54eed9059d36987731dc39333ee00e7df72e9
e8fcb3e1568229af6b8ef9234c6935b2784c48251f614c66b11a4ab72b0fd870

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /hosted/images/ab/5dfff0471a11e7855f5dca53cab33b/cloudstrip-hero_2x.png HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=YLJZ3i9vh3W32lAo54yZZ5SyYrCkbMpu.LYvoZvth20-1662030962-0-AaxCifhlBnI1MoWCeCgDMwKze+/Cxq9/tuPf22I/LNNZ3VQn882og+0nZnqToDB8eFlW/g9+pjleSfPoTGLKm2Pz5byyuoRbrTiWz81CPLJi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:02 GMT
content-type: image/png
content-length: 72740
cf-ray: 743d976e1a70b529-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "dbd17d87cba35875b87a1d0333e07214"
last-modified: Thu, 01 Jun 2017 22:36:04 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=72836
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fc8ab005623fccad97ec544c1b7ff472
afb4a818db5137fc07b986aa4e5a62ff0032096b
20e90eaeefc4c5e091fd10088cbd47d7774010d1ec9bfa9e00b023919ff47c76

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 11:16:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.saveday-inc.net/assets/lander.css

104.16.16.194

200 OK

128 kB

URL HTTP/2
www.saveday-inc.net/assets/lander.css
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (53232)
Size
128 kB (127951 bytes)
Hash
3f90cf2147862f523f71344561869705
a4525d8987253e9a9050fcecffe19d74786e2472
4a8626279a72503f877dbe683fb60913a87f0e1d983e0ba39fb494b98fcea97d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/lander.css HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=YLJZ3i9vh3W32lAo54yZZ5SyYrCkbMpu.LYvoZvth20-1662030962-0-AaxCifhlBnI1MoWCeCgDMwKze+/Cxq9/tuPf22I/LNNZ3VQn882og+0nZnqToDB8eFlW/g9+pjleSfPoTGLKm2Pz5byyuoRbrTiWz81CPLJi
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:02 GMT
content-type: text/css
cf-ray: 743d976cd8e5b529-OSL
access-control-allow-origin: *
age: 858
cache-control: public, max-age=1200
etag: W/"630e9cfc-6a514"
expires: Thu, 01 Sep 2022 11:36:02 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=6nKBpuq8iDDai4cYmUVI7MFMYL3WlDzGZ2pSM5tM1yc-1662030962-0-AbTor-WXBloZGXZ-Xo1p5aQVn5qKhk5QFQw5krNY97rdewhRPzuVz_frn-GKWXoez5B5Rnj3bkdOQorzbub3Y3P6JA6OlJZY5MLzpnvnaR_F"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=6nKBpuq8iDDai4cYmUVI7MFMYL3WlDzGZ2pSM5tM1yc-1662030962-0-AbTor-WXBloZGXZ-Xo1p5aQVn5qKhk5QFQw5krNY97rdewhRPzuVz_frn-GKWXoez5B5Rnj3bkdOQorzbub3Y3P6JA6OlJZY5MLzpnvnaR_F; report-to cf-csp-endpoint
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fc8ab005623fccad97ec544c1b7ff472
afb4a818db5137fc07b986aa4e5a62ff0032096b
20e90eaeefc4c5e091fd10088cbd47d7774010d1ec9bfa9e00b023919ff47c76

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 11:16:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2eb022bbcb69557dc09477b624814e87
6030f2c630a01fbc027c887d31e696f84cc60c97
d7a508e276f0ca1b58b6af39720fb7ebb26fb38df50a159eb82d1d2542610b85

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5003
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 11:16:03 GMT
Last-Modified: Thu, 01 Sep 2022 09:52:40 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

use.fontawesome.com/releases/v5.9.0/css/all.css

172.67.169.247

200 OK

12 kB

URL HTTP/2
use.fontawesome.com/releases/v5.9.0/css/all.css
IP
172.67.169.247:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (55782)
Size
12 kB (12196 bytes)
Hash
86ef4a0c105ab124a2c3949720a9878a
9d9e218cc7e75987efaa5709e61aeb60553a5654
228411fcb1860c6781da6cc6c99ff74c9374cda5d0a8e7cb0c2e9f4aadc6250f

HTTP Headers

GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:02 GMT
content-type: text/css
x-amz-id-2: 5R63sGXcq2LptVgWp1Hbu23fLcn6t7yox4MdVDD4fYkPpwwpE0tP8nap3nE7BUsLxb2kn6BawAQ=
x-amz-request-id: FW5J89H89QA35JM6
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2193553
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=faaW9NgqxZzqbju5Dx5jwdk4zUGQmeXeLg%2BnLb4VtLzBwep8Z6f60%2Ba%2BzcM3kgJL9iYArTDWALGPxC%2BmAkAZm0sxL1SWVLI2kUEgHxlBuoQJnOQTYoIdInBEEUftq2B1YuoPl2gQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743d976d1e10b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
345c982ec6af16250abc3cfceefc2aca
66711b2640ee505b079e907bbce2233cad0b687c
b3bac8ebd249787713bae59dd97a45da5d9728d2615a91fa9778c3fc20a8f1e4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4310
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 11:16:03 GMT
Last-Modified: Thu, 01 Sep 2022 10:04:13 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20006 bytes)
Hash
56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Thu, 01 Sep 2022 10:41:12 GMT
expires: Thu, 01 Sep 2022 12:41:12 GMT
cache-control: public, max-age=7200
age: 2091
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1b4a73637dd140aa2a59daa477faa306
7375e688e33e8398841e96d1d8d5a80885a7f744
95be73fc23236be733bc5de76f214a6c9efddf515d7479e1391e95ee1c09441c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 11:16:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (26683 bytes)
Hash
3886a53246a3dfaac5f51aade9081703
3b5d9435d9630584c20a57aac39e497d8eace989
aa1df43802d0b9cd71d4f1beb49efdfe2e6f4665862c2510d90ddeb0ca7453c8

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Ur3gLptfg22CFbN/9uisO08PcxjsubJYNgvYD4JRqN+VKvlfOGaVQLUOLL5kLv4V3yhZMT6MX8oGBVf8Z5AowQ==
content-length: 26683
x-fb-trip-id: 1904183273
date: Thu, 01 Sep 2022 11:16:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.google.com/pagead/conversion_async.js

142.250.74.164

200 OK

16 kB

URL HTTP/2
www.google.com/pagead/conversion_async.js
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1623)
Size
16 kB (15687 bytes)
Hash
4738d969770682feba80f04bf171d65b
be0e0ceb91bf5ed0c64b0f3f2cc2c99c6d4cd6b7
1daca97cf9e8078299f94c50346e45fead45bf908ca97ded912f26986c1c4e9a

HTTP Headers

GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 01 Sep 2022 11:16:03 GMT
expires: Thu, 01 Sep 2022 11:16:03 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15579141248118922429
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
345c982ec6af16250abc3cfceefc2aca
66711b2640ee505b079e907bbce2233cad0b687c
b3bac8ebd249787713bae59dd97a45da5d9728d2615a91fa9778c3fc20a8f1e4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4310
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 11:16:03 GMT
Last-Modified: Thu, 01 Sep 2022 10:04:13 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1145866c536ee429cd1062cf67702ce1
7a6539548ef7146a32f8375f0c4b549561ea3f54
d20925f628903a9c88f8cf350448ed265d03e2a7ff24221dda6797501cf58a90

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 11:16:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.starfieldtech.com/

192.124.249.36

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.36:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1846 bytes)
Hash
1aa7da27b773d254ded01a50b28cec30
6af1e3fba5b644aeb36507ef5f7bd9246416c830
c18690a730f154e4fb76f93440f861622f4e8a73fc07e500fdd90c0cef27a9b0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 01 Sep 2022 11:16:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 01 Sep 2022 08:31:06 GMT
Expires: Fri, 02 Sep 2022 08:31:06 GMT
ETag: "6af1e3fba5b644aeb36507ef5f7bd9246416c830"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1e230d71fac53f0baf663d169fd0ab4b
e6b9eef8b4169298034c58114a94028a16d426e2
bd490fdde2b281ce5559ad22ea4a954037b546adae591950f47c0d37de1125d6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 11:16:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ed0d982177205beee7fe2a874d759219
86649dcfb3b756df526a4ee83445884902a709eb
ad0c07211b6d2c5f157e4f878bfe57ed6d9a094cf3925f3401b6bdd44ee0fce9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 11:16:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-106500592-1&cid=1570946145.1662030964&jid=1860438175&gjid=449284635&_gid=1898542099.1662030964&_u=YGBAgAABAAAAAE~&z=492823044

142.251.1.156

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-106500592-1&cid=1570946145.1662030964&jid=1860438175&gjid=449284635&_gid=1898542099.1662030964&_u=YGBAgAABAAAAAE~&z=492823044
IP
142.251.1.156:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-106500592-1&cid=1570946145.1662030964&jid=1860438175&gjid=449284635&_gid=1898542099.1662030964&_u=YGBAgAABAAAAAE~&z=492823044 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.saveday-inc.net
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.saveday-inc.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 01 Sep 2022 11:16:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/842761054/?random=1662030963615&cv=9&fst=1662030963615&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8t0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637&tiba=SaveDay&auid=2078061120.1662030963&hn=www.google.com&async=1&rfmt=3&fmt=4

216.58.207.226

200 OK

1.0 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/842761054/?random=1662030963615&cv=9&fst=1662030963615&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8t0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637&tiba=SaveDay&auid=2078061120.1662030963&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
216.58.207.226:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2254), with no line terminators
Size
1.0 kB (1040 bytes)
Hash
f2a43a91e3d958887961f97b4d041f20
87fe5477ca1e33a47d0ffbebb1f9102735bb19d2
e32e2e519a224f7a5bdd91d3fbd2286b7ae3269aea493d5a8a4d2556ca55e01b

HTTP Headers

GET /pagead/viewthroughconversion/842761054/?random=1662030963615&cv=9&fst=1662030963615&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8t0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637&tiba=SaveDay&auid=2078061120.1662030963&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 11:16:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1040
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Sep-2022 11:31:03 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1e230d71fac53f0baf663d169fd0ab4b
e6b9eef8b4169298034c58114a94028a16d426e2
bd490fdde2b281ce5559ad22ea4a954037b546adae591950f47c0d37de1125d6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 11:16:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ed0d982177205beee7fe2a874d759219
86649dcfb3b756df526a4ee83445884902a709eb
ad0c07211b6d2c5f157e4f878bfe57ed6d9a094cf3925f3401b6bdd44ee0fce9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 11:16:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a903e9e44a7d33edea89855b8eb81cc0
7de6f45551976c234c93be2a4966c5ee7832e4ea
e622e37b64b87dc7c04e43c424a030a9d09be1e77066d4b22d57743e91007d57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 11:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-user-list/842761054/?random=1662030963615&cv=9&fst=1662030000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637&tiba=SaveDay&async=1&fmt=3&is_vtc=1&random=3879187817&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/842761054/?random=1662030963615&cv=9&fst=1662030000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637&tiba=SaveDay&async=1&fmt=3&is_vtc=1&random=3879187817&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/842761054/?random=1662030963615&cv=9&fst=1662030000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637&tiba=SaveDay&async=1&fmt=3&is_vtc=1&random=3879187817&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 11:16:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a903e9e44a7d33edea89855b8eb81cc0
7de6f45551976c234c93be2a4966c5ee7832e4ea
e622e37b64b87dc7c04e43c424a030a9d09be1e77066d4b22d57743e91007d57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 11:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.facebook.com/tr/?id=1954455964797727&ev=PageView&dl=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637&rl=&if=false&ts=1662030963948&sw=1280&sh=1024&v=2.9.78&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1662030963947.1761649430&it=1662030963609&coo=false&rqm=GET

31.13.72.36

200 OK

44 B

URL HTTP/2
www.facebook.com/tr/?id=1954455964797727&ev=PageView&dl=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637&rl=&if=false&ts=1662030963948&sw=1280&sh=1024&v=2.9.78&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1662030963947.1761649430&it=1662030963609&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
44 B (44 bytes)
Hash
b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

HTTP Headers

GET /tr/?id=1954455964797727&ev=PageView&dl=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637&rl=&if=false&ts=1662030963948&sw=1280&sh=1024&v=2.9.78&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1662030963947.1761649430&it=1662030963609&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
date: Thu, 01 Sep 2022 11:16:04 GMT
expires: Thu, 01 Sep 2022 11:16:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie: 
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9809
Expires: Thu, 01 Sep 2022 13:59:33 GMT
Date: Thu, 01 Sep 2022 11:16:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9809
Expires: Thu, 01 Sep 2022 13:59:33 GMT
Date: Thu, 01 Sep 2022 11:16:04 GMT
Connection: keep-alive

app.clickfunnels.com/mailcheck.min.js

104.16.14.194

200 OK

1.6 kB

URL HTTP/2
app.clickfunnels.com/mailcheck.min.js
IP
104.16.14.194:0
ASN
#13335 CLOUDFLARENET

File type
C source, ASCII text, with very long lines (525)
Size
1.6 kB (1642 bytes)
Hash
2c603dcc3c6d8835064b56e074b1a07b
4ff8c777312613311eeeb9ac84f172d138f14482
a484ef588cb69c43b82110036bbebea07678a762d5ce528fd4e70610b9d30986

HTTP Headers

GET /mailcheck.min.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:02 GMT
content-type: application/x-javascript
cf-ray: 743d976d4ba10b02-OSL
access-control-allow-origin: *
age: 1667
etag: W/"630e9cfc-a8d"
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=4JeIE8tE52QcJ96xed7KRuzaKOPJt16UfBLD3_3EkN4-1662030962-0-AdCMlmVLHmTsQHjdvYuwWBkcXJGK12yECTMyfLYantUoje/g0J9ZeJVEwKrpxl66ytFOTBRAnIVRLr1kWmc7tP7cXYIU8h26hAK5Er9JYwc8; path=/; expires=Thu, 01-Sep-22 11:46:02 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9809
Expires: Thu, 01 Sep 2022 13:59:33 GMT
Date: Thu, 01 Sep 2022 11:16:04 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4a31025-b077-4937-93a3-a0669697b0ee.jpeg

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4a31025-b077-4937-93a3-a0669697b0ee.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8044 bytes)
Hash
043263cdba253c3eb4bfa33c95e8ca21
6d814e56d87e2579e51139759fa7dfb8195a6529
9c7cf679c9a6a0d0a2c75a85b13d8407a5e0fe2448d73fced51b45a3e701e9c1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4a31025-b077-4937-93a3-a0669697b0ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8044
x-amzn-requestid: 8ea16c8b-f0aa-4ce9-a99d-8e59c51ffb8d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv3j7Ge9IAMFQBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd2e5-6762d09b569221944f9b7870;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:30:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tZWKpWZnFUVhefoWK-AwAYKOsmAcMhTmPXEyWp0BJPKfhgooGpI6xQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:47:20 GMT
age: 48524
etag: "6d814e56d87e2579e51139759fa7dfb8195a6529"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11031 bytes)
Hash
494ba0180ab4b2b80ca11aeb67ae69ab
2082e9f809e97bbcaf6ff11846398aca472f9f0f
c6a707e79315677912fa7cf6ab592abf4377aa76e51ae5149d4bae7e663d6801

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11031
x-amzn-requestid: bd49a4c9-205b-4553-90a3-308ebc6be818
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv4hOHzVoAMFl8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd46e-783de8c2461d7cb9167f734e;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mDad6prX28HjnDw7hq0B9vE_BaX9qqrjaOo7A46jhu2S505prB5SJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:11 GMT
age: 49133
etag: "2082e9f809e97bbcaf6ff11846398aca472f9f0f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F761bec2c-917c-4d76-b30f-d952432e80ae.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8243 bytes)
Hash
f6f2d3a00d6d7da233136a2f97288438
db7ad928f5cb3478e16a4827aa1324d5f0441aee
e52e34961bd591a719e421a2c42681ae4e7f53162e708c0e1cd23a032b8c1461

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F761bec2c-917c-4d76-b30f-d952432e80ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8243
x-amzn-requestid: cf7ca552-b255-4629-8115-9dd951f9c4c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv3i4EKBoAMFxPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd2df-38f269ff114135be10791fd7;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:30:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4gctfV7TlofTF8DzNbjpedJURjS8oVCK3QDciVxHoCaXPLBj1i-bVw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:31 GMT
etag: "db7ad928f5cb3478e16a4827aa1324d5f0441aee"
content-type: image/jpeg
age: 49113
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

17 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
17 kB (16818 bytes)
Hash
12756903aaa74164feb5f8525398ca36
9fef9b071daea6793cbbdfe391254ac4326b1aa2
6d474a6d96aebfed43a4f6812f18a1be8d100c590f75eb0fbf4ec7277dd0c442

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16818
x-amzn-requestid: fa921878-2054-453b-b313-681cdd9c9068
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj-Z_HUNIAMFltg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b110c-053ce81943fea70c2de7daa0;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 06:54:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 69fDjN-ZeYA8RVO_WGTY1KQHZ1t3PNdWIwq3ax1e1wKmuPODyGCMcQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 14:46:29 GMT
age: 73775
etag: "9fef9b071daea6793cbbdfe391254ac4326b1aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10137 bytes)
Hash
ac4d5b101c9dc6a6f7e4bf252bfa9ca7
b844f3dcb14a2995644312406a80842e3f02a114
e81f08ce6d9c7670f6e291f3d6a674b624386bd550d5c364264c3ff8fb7c797a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10137
x-amzn-requestid: 7d5f19c4-7c9b-4aad-928c-bb44da795f1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaISzFY1IAMF-zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630720de-0ea5331041f0167a196f9820;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:12:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qYh5Pc0cx8--7rIjlMt8IhDKNDMnZEpC_7xfNBIJxWllyLcG9Eh6xg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 04:34:41 GMT
age: 24083
etag: "b844f3dcb14a2995644312406a80842e3f02a114"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9674 bytes)
Hash
b0f6c541f6335bb709d2270147bd5aed
b691ef5e7a302e2678302818130a9637c3efbe3a
e63922331a4463519e6df77ae7a1ad3316a36e54dd03c00ff6b119ee3fa684c5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 79dc68ea-ea2e-4eab-bab9-1c89b0a955a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjMSvHJ-oAMF6Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ac0de-2370cf5363d5f308121f0ca4;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 01:11:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qAEve6mBQ9a1hr2fBR8xq42pxeG9Kjn4yWaMr4z4On46QC9R1K91pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 14:58:03 GMT
age: 73081
etag: "b691ef5e7a302e2678302818130a9637c3efbe3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

js-agent.newrelic.com/nr-1216.min.js

151.101.86.137

200 OK

14 kB

URL HTTP/2
js-agent.newrelic.com/nr-1216.min.js
IP
151.101.86.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32022)
Size
14 kB (14391 bytes)
Hash
b7c09cc097b2847f9edc784adba62dcb
5aa648623cf5e3b4b215fe5d068a7904c59f2925
6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa

HTTP Headers

GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 01 Sep 2022 11:16:06 GMT
via: 1.1 varnish
x-served-by: cache-bma1672-BMA
x-cache: HIT
x-cache-hits: 5307
x-timer: S1662030966.370046,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2

bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4551&ck=1&ref=https://www.saveday-inc.net/optin1638821352637&ap=496&be=630&fe=4306&dc=1267&perf=%7B%22timing%22:%7B%22of%22:1662030961880,%22n%22:0,%22f%22:435,%22dn%22:443,%22dne%22:443,%22c%22:444,%22s%22:447,%22ce%22:461,%22rq%22:462,%22rp%22:600,%22rpe%22:604,%22dl%22:609,%22di%22:1239,%22ds%22:1266,%22de%22:1379,%22dc%22:4305,%22l%22:4305,%22le%22:4416%7D,%22navigation%22:%7B%7D%7D&fcp=999&jsonp=NREUM.setToken

162.247.241.14

200 OK

77 B

URL HTTP/1.1
bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4551&ck=1&ref=https://www.saveday-inc.net/optin1638821352637&ap=496&be=630&fe=4306&dc=1267&perf=%7B%22timing%22:%7B%22of%22:1662030961880,%22n%22:0,%22f%22:435,%22dn%22:443,%22dne%22:443,%22c%22:444,%22s%22:447,%22ce%22:461,%22rq%22:462,%22rp%22:600,%22rpe%22:604,%22dl%22:609,%22di%22:1239,%22ds%22:1266,%22de%22:1379,%22dc%22:4305,%22l%22:4305,%22le%22:4416%7D,%22navigation%22:%7B%7D%7D&fcp=999&jsonp=NREUM.setToken
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef

HTTP Headers

GET /1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4551&ck=1&ref=https://www.saveday-inc.net/optin1638821352637&ap=496&be=630&fe=4306&dc=1267&perf=%7B%22timing%22:%7B%22of%22:1662030961880,%22n%22:0,%22f%22:435,%22dn%22:443,%22dne%22:443,%22c%22:444,%22s%22:447,%22ce%22:461,%22rq%22:462,%22rp%22:600,%22rpe%22:604,%22dl%22:609,%22di%22:1239,%22ds%22:1266,%22de%22:1379,%22dc%22:4305,%22l%22:4305,%22le%22:4416%7D,%22navigation%22:%7B%7D%7D&fcp=999&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 11:16:06 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 743d97851b4cb529-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=914b42da07b73ccc; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip

app.clickfunnels.com/userevents/?funnel_id=TERuLzlMT1QyUmI2cjl6Z2dmZGpRdz09LS0yU09hdVpNTlhWUkVwVnRZRkozRVpRPT0%3D--f8d9c12fd70f7382ad04147506224e188f8d67d9&page_id=ZURDMEF1VEdnK29jY1ZnM3lLZGJBUT09LS1Nc2x6YkhxTEk4TlY3RXlpZlBMM0Z3PT0%3D--540424eab81e55586376c7ede8b78065b59557c1&funnel_step_id=dFMxNStYQ1lnNmFEbE9jZkxlUGpjZz09LS1KdGQ1V244dExTSDQ5TG9UK0JhNGZnPT0%3D--a7bbb107fd353a7d3ed15d79f62491b19266ef83&user_id=MThHRmdSNXYvR3YvVy9zeENKTzZlZz09LS1UNmJ1RkZ3ZU1qamo1TkYxd285RHRnPT0%3D--60a5a656a5aa3e8c8000061a647bf3f7b4290bcb&account_id=MnRualZFVHBndlU0VEtJelJzQU5XUT09LS02bGx2czdQYmphL2pWTGRuQ0IySlV3PT0%3D--098aa40c0a1cf7f3fb301d9f6a197c070efd50be&page_code=NTIwOTg4ODA%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=a7b51d15-eb74-4341-a296-0a7bbb2fc6e8&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637

104.16.14.194

202 Accepted

0 B

URL HTTP/2
app.clickfunnels.com/userevents/?funnel_id=TERuLzlMT1QyUmI2cjl6Z2dmZGpRdz09LS0yU09hdVpNTlhWUkVwVnRZRkozRVpRPT0%3D--f8d9c12fd70f7382ad04147506224e188f8d67d9&page_id=ZURDMEF1VEdnK29jY1ZnM3lLZGJBUT09LS1Nc2x6YkhxTEk4TlY3RXlpZlBMM0Z3PT0%3D--540424eab81e55586376c7ede8b78065b59557c1&funnel_step_id=dFMxNStYQ1lnNmFEbE9jZkxlUGpjZz09LS1KdGQ1V244dExTSDQ5TG9UK0JhNGZnPT0%3D--a7bbb107fd353a7d3ed15d79f62491b19266ef83&user_id=MThHRmdSNXYvR3YvVy9zeENKTzZlZz09LS1UNmJ1RkZ3ZU1qamo1TkYxd285RHRnPT0%3D--60a5a656a5aa3e8c8000061a647bf3f7b4290bcb&account_id=MnRualZFVHBndlU0VEtJelJzQU5XUT09LS02bGx2czdQYmphL2pWTGRuQ0IySlV3PT0%3D--098aa40c0a1cf7f3fb301d9f6a197c070efd50be&page_code=NTIwOTg4ODA%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=a7b51d15-eb74-4341-a296-0a7bbb2fc6e8&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637
IP
104.16.14.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /userevents/?funnel_id=TERuLzlMT1QyUmI2cjl6Z2dmZGpRdz09LS0yU09hdVpNTlhWUkVwVnRZRkozRVpRPT0%3D--f8d9c12fd70f7382ad04147506224e188f8d67d9&page_id=ZURDMEF1VEdnK29jY1ZnM3lLZGJBUT09LS1Nc2x6YkhxTEk4TlY3RXlpZlBMM0Z3PT0%3D--540424eab81e55586376c7ede8b78065b59557c1&funnel_step_id=dFMxNStYQ1lnNmFEbE9jZkxlUGpjZz09LS1KdGQ1V244dExTSDQ5TG9UK0JhNGZnPT0%3D--a7bbb107fd353a7d3ed15d79f62491b19266ef83&user_id=MThHRmdSNXYvR3YvVy9zeENKTzZlZz09LS1UNmJ1RkZ3ZU1qamo1TkYxd285RHRnPT0%3D--60a5a656a5aa3e8c8000061a647bf3f7b4290bcb&account_id=MnRualZFVHBndlU0VEtJelJzQU5XUT09LS02bGx2czdQYmphL2pWTGRuQ0IySlV3PT0%3D--098aa40c0a1cf7f3fb301d9f6a197c070efd50be&page_code=NTIwOTg4ODA%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=a7b51d15-eb74-4341-a296-0a7bbb2fc6e8&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.saveday-inc.net
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 202 Accepted
date: Thu, 01 Sep 2022 11:16:03 GMT
content-type: text/html
cf-ray: 743d97708f2a0b02-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 50dc18d492937ad0b1125d90454ce656
x-runtime: 0.041022
set-cookie: __cf_bm=43NpW5pBndr92UKhPbaZlqn2XDGWbb3cFRmVtAAZa_c-1662030963-0-AXtG3CAOU8Fe5+mTGpcW/W0hPOnu8zSi1TKAJ1MZKYSUsldt01fAMun1gKVkmcyy71fkahSXHe3BcAXSPJEimmhzdIu6ZPIQu3OoTxQrHzdZ; path=/; expires=Thu, 01-Sep-22 11:46:03 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.9.0/css/v4-shims.css

172.67.169.247

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
IP
172.67.169.247:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:02 GMT
content-type: text/css
x-amz-id-2: 29dQf2WVNOHot5Ay8pBeGC9Jp0pul03AFXB61uD4zFysCnT6qW6VHySxi6MC8oLZjApsDY/NPq0=
x-amz-request-id: B6FTANBTWNEFCW5M
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2115149
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CxIPmOsgqsWxLmZvvGo9L5u6giySXfY0KuEhaK3V73YtVdmiYWjGupGZAlwNSaLC6GFhPx9S6m89rb56jNDeZhPTUE6GhLg5a%2BjnCQmtCPEPEhsH6rHrfzVeyasHSDrfG8EFxV8j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743d976d1e13b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.saveday-inc.net/assets/lander.js

104.16.16.194

200 OK

0 B

URL HTTP/2
www.saveday-inc.net/assets/lander.js
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/lander.js HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=YLJZ3i9vh3W32lAo54yZZ5SyYrCkbMpu.LYvoZvth20-1662030962-0-AaxCifhlBnI1MoWCeCgDMwKze+/Cxq9/tuPf22I/LNNZ3VQn882og+0nZnqToDB8eFlW/g9+pjleSfPoTGLKm2Pz5byyuoRbrTiWz81CPLJi
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:02 GMT
content-type: application/x-javascript
cf-ray: 743d976cf92eb529-OSL
access-control-allow-origin: *
age: 782
cache-control: public, max-age=1200
etag: W/"630e9d40-238fd1"
expires: Thu, 01 Sep 2022 11:36:02 GMT
last-modified: Tue, 30 Aug 2022 23:29:04 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

prospectrmktg.com/1410/st46?s=X33W9DWW-9EX0-C65Y-9638-F1E0E32WD83A&p=https%3A//www.saveday-inc.net/optin1638821352637&r=

199.103.4.90

200 OK

0 B

URL HTTP/1.1
prospectrmktg.com/1410/st46?s=X33W9DWW-9EX0-C65Y-9638-F1E0E32WD83A&p=https%3A//www.saveday-inc.net/optin1638821352637&r=
IP
199.103.4.90:0
ASN
#22663 PROMINIC-NET-INC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /1410/st46?s=X33W9DWW-9EX0-C65Y-9638-F1E0E32WD83A&p=https%3A//www.saveday-inc.net/optin1638821352637&r= HTTP/1.1
Host: prospectrmktg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 11:16:07 GMT
Connection: close
Content-Type: image/png
Strict-Transport-Security: max-age=604800

www.saveday-inc.net/cdn-cgi/rum?

104.16.16.194

200 OK

0 B

URL HTTP/2
www.saveday-inc.net/cdn-cgi/rum?
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 431
Origin: https://www.saveday-inc.net
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=YLJZ3i9vh3W32lAo54yZZ5SyYrCkbMpu.LYvoZvth20-1662030962-0-AaxCifhlBnI1MoWCeCgDMwKze+/Cxq9/tuPf22I/LNNZ3VQn882og+0nZnqToDB8eFlW/g9+pjleSfPoTGLKm2Pz5byyuoRbrTiWz81CPLJi; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTIwOTg4ODA=:visited=true; cf:visitor_id=431bda82-6c56-4f1f-aedf-2f6826dfdc91; addevent_track_cookie=d4b7c6fb-5459-44a8-4031-327a3ab66bf0; _gcl_au=1.1.2078061120.1662030963; _ga=GA1.2.1570946145.1662030964; _gid=GA1.2.1898542099.1662030964; _dc_gtm_UA-106500592-1=1; _fbp=fb.1.1662030963947.1761649430; is_eu=false; puj70qegsxmgi00v=true; 11661049_viewed_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.saveday-inc.net
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 743d97a18a79b529-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

www.saveday-inc.net/assets/pushcrew.js

104.16.16.194

200 OK

0 B

URL HTTP/2
www.saveday-inc.net/assets/pushcrew.js
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/pushcrew.js HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=YLJZ3i9vh3W32lAo54yZZ5SyYrCkbMpu.LYvoZvth20-1662030962-0-AaxCifhlBnI1MoWCeCgDMwKze+/Cxq9/tuPf22I/LNNZ3VQn882og+0nZnqToDB8eFlW/g9+pjleSfPoTGLKm2Pz5byyuoRbrTiWz81CPLJi
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:02 GMT
content-type: application/x-javascript
cf-ray: 743d976d0943b529-OSL
access-control-allow-origin: *
age: 546
cache-control: public, max-age=1200
etag: W/"630e9cfb-27d"
expires: Thu, 01 Sep 2022 11:36:02 GMT
last-modified: Tue, 30 Aug 2022 23:27:55 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

app.clickfunnels.com/images/closemodal.png

104.16.14.194

200 OK

0 B

URL HTTP/2
app.clickfunnels.com/images/closemodal.png
IP
104.16.14.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/closemodal.png HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:02 GMT
content-type: image/webp
cf-ray: 743d976d4ba20b02-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 60624
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "630e9cfc-314"
expires: Sun, 02 Oct 2022 11:16:02 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
set-cookie: __cf_bm=6UzkWJNvEiH1iyr3rZ0KMbvcT6oz6oeDaOKm5QYqfjY-1662030962-0-AVfNmydMLnxiSRzQtEdiGCT2xSjLaFGYlFaBYmVVyR2xe7msl80IP1IE1OcdjBTrTNAC5bT+Jm/+BbbaZ47IyL9TrJvszbzTIvc9Hb6IkEhV; path=/; expires=Thu, 01-Sep-22 11:46:02 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

www.saveday-inc.net/cdn-cgi/rum?

104.16.16.194

200 OK

0 B

URL HTTP/2
www.saveday-inc.net/cdn-cgi/rum?
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 16708
Origin: https://www.saveday-inc.net
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=YLJZ3i9vh3W32lAo54yZZ5SyYrCkbMpu.LYvoZvth20-1662030962-0-AaxCifhlBnI1MoWCeCgDMwKze+/Cxq9/tuPf22I/LNNZ3VQn882og+0nZnqToDB8eFlW/g9+pjleSfPoTGLKm2Pz5byyuoRbrTiWz81CPLJi; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTIwOTg4ODA=:visited=true; cf:visitor_id=431bda82-6c56-4f1f-aedf-2f6826dfdc91; addevent_track_cookie=d4b7c6fb-5459-44a8-4031-327a3ab66bf0; _gcl_au=1.1.2078061120.1662030963; _ga=GA1.2.1570946145.1662030964; _gid=GA1.2.1898542099.1662030964; _dc_gtm_UA-106500592-1=1; _fbp=fb.1.1662030963947.1761649430
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:06 GMT
content-type: text/plain
access-control-allow-origin: https://www.saveday-inc.net
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 743d97845a50b529-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

172.64.156.26

200 OK

0 B

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP
172.64.156.26:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.saveday-inc.net
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:02 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 743d976d5a9b0b65-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

app.clickfunnels.com/userevents/?funnel_id=TERuLzlMT1QyUmI2cjl6Z2dmZGpRdz09LS0yU09hdVpNTlhWUkVwVnRZRkozRVpRPT0%3D--f8d9c12fd70f7382ad04147506224e188f8d67d9&page_id=ZURDMEF1VEdnK29jY1ZnM3lLZGJBUT09LS1Nc2x6YkhxTEk4TlY3RXlpZlBMM0Z3PT0%3D--540424eab81e55586376c7ede8b78065b59557c1&funnel_step_id=dFMxNStYQ1lnNmFEbE9jZkxlUGpjZz09LS1KdGQ1V244dExTSDQ5TG9UK0JhNGZnPT0%3D--a7bbb107fd353a7d3ed15d79f62491b19266ef83&user_id=MThHRmdSNXYvR3YvVy9zeENKTzZlZz09LS1UNmJ1RkZ3ZU1qamo1TkYxd285RHRnPT0%3D--60a5a656a5aa3e8c8000061a647bf3f7b4290bcb&account_id=MnRualZFVHBndlU0VEtJelJzQU5XUT09LS02bGx2czdQYmphL2pWTGRuQ0IySlV3PT0%3D--098aa40c0a1cf7f3fb301d9f6a197c070efd50be&page_code=NTIwOTg4ODA%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=726c224e-7a78-4897-b932-c8ab72a7af41&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637

104.16.14.194

202 Accepted

0 B

URL HTTP/2
app.clickfunnels.com/userevents/?funnel_id=TERuLzlMT1QyUmI2cjl6Z2dmZGpRdz09LS0yU09hdVpNTlhWUkVwVnRZRkozRVpRPT0%3D--f8d9c12fd70f7382ad04147506224e188f8d67d9&page_id=ZURDMEF1VEdnK29jY1ZnM3lLZGJBUT09LS1Nc2x6YkhxTEk4TlY3RXlpZlBMM0Z3PT0%3D--540424eab81e55586376c7ede8b78065b59557c1&funnel_step_id=dFMxNStYQ1lnNmFEbE9jZkxlUGpjZz09LS1KdGQ1V244dExTSDQ5TG9UK0JhNGZnPT0%3D--a7bbb107fd353a7d3ed15d79f62491b19266ef83&user_id=MThHRmdSNXYvR3YvVy9zeENKTzZlZz09LS1UNmJ1RkZ3ZU1qamo1TkYxd285RHRnPT0%3D--60a5a656a5aa3e8c8000061a647bf3f7b4290bcb&account_id=MnRualZFVHBndlU0VEtJelJzQU5XUT09LS02bGx2czdQYmphL2pWTGRuQ0IySlV3PT0%3D--098aa40c0a1cf7f3fb301d9f6a197c070efd50be&page_code=NTIwOTg4ODA%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=726c224e-7a78-4897-b932-c8ab72a7af41&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637
IP
104.16.14.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /userevents/?funnel_id=TERuLzlMT1QyUmI2cjl6Z2dmZGpRdz09LS0yU09hdVpNTlhWUkVwVnRZRkozRVpRPT0%3D--f8d9c12fd70f7382ad04147506224e188f8d67d9&page_id=ZURDMEF1VEdnK29jY1ZnM3lLZGJBUT09LS1Nc2x6YkhxTEk4TlY3RXlpZlBMM0Z3PT0%3D--540424eab81e55586376c7ede8b78065b59557c1&funnel_step_id=dFMxNStYQ1lnNmFEbE9jZkxlUGpjZz09LS1KdGQ1V244dExTSDQ5TG9UK0JhNGZnPT0%3D--a7bbb107fd353a7d3ed15d79f62491b19266ef83&user_id=MThHRmdSNXYvR3YvVy9zeENKTzZlZz09LS1UNmJ1RkZ3ZU1qamo1TkYxd285RHRnPT0%3D--60a5a656a5aa3e8c8000061a647bf3f7b4290bcb&account_id=MnRualZFVHBndlU0VEtJelJzQU5XUT09LS02bGx2czdQYmphL2pWTGRuQ0IySlV3PT0%3D--098aa40c0a1cf7f3fb301d9f6a197c070efd50be&page_code=NTIwOTg4ODA%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=726c224e-7a78-4897-b932-c8ab72a7af41&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.saveday-inc.net
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 202 Accepted
date: Thu, 01 Sep 2022 11:16:03 GMT
content-type: text/html
cf-ray: 743d97709f330b02-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: c897333820adf04d317e991740ee03a6
x-runtime: 0.035976
set-cookie: __cf_bm=6rAFLiDX1k_uIsTYuOWoT.rJ953DJl6LZ5W.DvS4mbY-1662030963-0-AcTEtmslc7SmtCw/vzJDozM9yhb5rHKHkXwOYamZEmsCphPjvSa/JHZCLvBuy63kZ+Kk5RrHnKXx3D0gP9oAE2bNazQgqVBhJCokye+5VLwA; path=/; expires=Thu, 01-Sep-22 11:46:03 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

app.clickfunnels.com/userevents/?funnel_id=TERuLzlMT1QyUmI2cjl6Z2dmZGpRdz09LS0yU09hdVpNTlhWUkVwVnRZRkozRVpRPT0%3D--f8d9c12fd70f7382ad04147506224e188f8d67d9&page_id=ZURDMEF1VEdnK29jY1ZnM3lLZGJBUT09LS1Nc2x6YkhxTEk4TlY3RXlpZlBMM0Z3PT0%3D--540424eab81e55586376c7ede8b78065b59557c1&funnel_step_id=dFMxNStYQ1lnNmFEbE9jZkxlUGpjZz09LS1KdGQ1V244dExTSDQ5TG9UK0JhNGZnPT0%3D--a7bbb107fd353a7d3ed15d79f62491b19266ef83&user_id=MThHRmdSNXYvR3YvVy9zeENKTzZlZz09LS1UNmJ1RkZ3ZU1qamo1TkYxd285RHRnPT0%3D--60a5a656a5aa3e8c8000061a647bf3f7b4290bcb&account_id=MnRualZFVHBndlU0VEtJelJzQU5XUT09LS02bGx2czdQYmphL2pWTGRuQ0IySlV3PT0%3D--098aa40c0a1cf7f3fb301d9f6a197c070efd50be&page_code=NTIwOTg4ODA%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=1452e5fc-4b9e-42bb-bdbd-761d5b9a9ead&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637

104.16.14.194

202 Accepted

0 B

URL HTTP/2
app.clickfunnels.com/userevents/?funnel_id=TERuLzlMT1QyUmI2cjl6Z2dmZGpRdz09LS0yU09hdVpNTlhWUkVwVnRZRkozRVpRPT0%3D--f8d9c12fd70f7382ad04147506224e188f8d67d9&page_id=ZURDMEF1VEdnK29jY1ZnM3lLZGJBUT09LS1Nc2x6YkhxTEk4TlY3RXlpZlBMM0Z3PT0%3D--540424eab81e55586376c7ede8b78065b59557c1&funnel_step_id=dFMxNStYQ1lnNmFEbE9jZkxlUGpjZz09LS1KdGQ1V244dExTSDQ5TG9UK0JhNGZnPT0%3D--a7bbb107fd353a7d3ed15d79f62491b19266ef83&user_id=MThHRmdSNXYvR3YvVy9zeENKTzZlZz09LS1UNmJ1RkZ3ZU1qamo1TkYxd285RHRnPT0%3D--60a5a656a5aa3e8c8000061a647bf3f7b4290bcb&account_id=MnRualZFVHBndlU0VEtJelJzQU5XUT09LS02bGx2czdQYmphL2pWTGRuQ0IySlV3PT0%3D--098aa40c0a1cf7f3fb301d9f6a197c070efd50be&page_code=NTIwOTg4ODA%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=1452e5fc-4b9e-42bb-bdbd-761d5b9a9ead&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637
IP
104.16.14.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /userevents/?funnel_id=TERuLzlMT1QyUmI2cjl6Z2dmZGpRdz09LS0yU09hdVpNTlhWUkVwVnRZRkozRVpRPT0%3D--f8d9c12fd70f7382ad04147506224e188f8d67d9&page_id=ZURDMEF1VEdnK29jY1ZnM3lLZGJBUT09LS1Nc2x6YkhxTEk4TlY3RXlpZlBMM0Z3PT0%3D--540424eab81e55586376c7ede8b78065b59557c1&funnel_step_id=dFMxNStYQ1lnNmFEbE9jZkxlUGpjZz09LS1KdGQ1V244dExTSDQ5TG9UK0JhNGZnPT0%3D--a7bbb107fd353a7d3ed15d79f62491b19266ef83&user_id=MThHRmdSNXYvR3YvVy9zeENKTzZlZz09LS1UNmJ1RkZ3ZU1qamo1TkYxd285RHRnPT0%3D--60a5a656a5aa3e8c8000061a647bf3f7b4290bcb&account_id=MnRualZFVHBndlU0VEtJelJzQU5XUT09LS02bGx2czdQYmphL2pWTGRuQ0IySlV3PT0%3D--098aa40c0a1cf7f3fb301d9f6a197c070efd50be&page_code=NTIwOTg4ODA%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=1452e5fc-4b9e-42bb-bdbd-761d5b9a9ead&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.saveday-inc.net
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 202 Accepted
date: Thu, 01 Sep 2022 11:16:03 GMT
content-type: text/html
cf-ray: 743d97708f300b02-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 19c0f2aea9ea77d734e2e749473d4a7f
x-runtime: 0.037292
set-cookie: __cf_bm=0ZEB8Y1exSdiNdlvm2lM1z1lKas1.Q70aSXJDxZ4_Uw-1662030963-0-ASXE7zwEGwNW5wljcCpg5IE9vwZrQ/AJbD4xuWH5fne1lPNNGjaS6Z1BSRhiheKsFMBwTPfgFa+zC1QGmNBNzav/QPglVh1HeftMiU9i1FNB; path=/; expires=Thu, 01-Sep-22 11:46:03 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

www.saveday-inc.net/images/background.png?_unique=0.521692029812692&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.saveday-inc.net/optin1638821352637&_title=SaveDay&_key=fq1volzp&_page_key=puj70qegsxmgi00v&_fid=11661049&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://www.saveday-inc.net/optin1638821352637&_referrer=

104.16.16.194

200 OK

0 B

URL HTTP/2
www.saveday-inc.net/images/background.png?_unique=0.521692029812692&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.saveday-inc.net/optin1638821352637&_title=SaveDay&_key=fq1volzp&_page_key=puj70qegsxmgi00v&_fid=11661049&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://www.saveday-inc.net/optin1638821352637&_referrer=
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /images/background.png?_unique=0.521692029812692&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.saveday-inc.net/optin1638821352637&_title=SaveDay&_key=fq1volzp&_page_key=puj70qegsxmgi00v&_fid=11661049&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://www.saveday-inc.net/optin1638821352637&_referrer= HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=YLJZ3i9vh3W32lAo54yZZ5SyYrCkbMpu.LYvoZvth20-1662030962-0-AaxCifhlBnI1MoWCeCgDMwKze+/Cxq9/tuPf22I/LNNZ3VQn882og+0nZnqToDB8eFlW/g9+pjleSfPoTGLKm2Pz5byyuoRbrTiWz81CPLJi; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTIwOTg4ODA=:visited=true; cf:visitor_id=431bda82-6c56-4f1f-aedf-2f6826dfdc91; addevent_track_cookie=d4b7c6fb-5459-44a8-4031-327a3ab66bf0; _gcl_au=1.1.2078061120.1662030963; _ga=GA1.2.1570946145.1662030964; _gid=GA1.2.1898542099.1662030964; _dc_gtm_UA-106500592-1=1; _fbp=fb.1.1662030963947.1761649430
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:06 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 743d9783994fb529-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store, private
strict-transport-security: max-age=0
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 296b5ab76ec67f7409695455964c589f
x-runtime: 0.018122
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.saveday-inc.net/vendor.js

104.16.16.194

200 OK

0 B

URL HTTP/2
www.saveday-inc.net/vendor.js
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /vendor.js HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=YLJZ3i9vh3W32lAo54yZZ5SyYrCkbMpu.LYvoZvth20-1662030962-0-AaxCifhlBnI1MoWCeCgDMwKze+/Cxq9/tuPf22I/LNNZ3VQn882og+0nZnqToDB8eFlW/g9+pjleSfPoTGLKm2Pz5byyuoRbrTiWz81CPLJi
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:03 GMT
content-type: application/javascript
cf-ray: 743d97705d83b529-OSL
access-control-allow-origin: *
cache-control: max-age=900, public
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: REVALIDATED
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss, store
x-request-id: 8159298b09fbce3ec5ae1259a6511998
x-runtime: 0.016483
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.saveday-inc.net/assets/userevents/application.js

104.16.16.194

200 OK

0 B

URL HTTP/2
www.saveday-inc.net/assets/userevents/application.js
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/userevents/application.js HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=YLJZ3i9vh3W32lAo54yZZ5SyYrCkbMpu.LYvoZvth20-1662030962-0-AaxCifhlBnI1MoWCeCgDMwKze+/Cxq9/tuPf22I/LNNZ3VQn882og+0nZnqToDB8eFlW/g9+pjleSfPoTGLKm2Pz5byyuoRbrTiWz81CPLJi
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:02 GMT
content-type: application/x-javascript
cf-ray: 743d976ce8f1b529-OSL
access-control-allow-origin: *
age: 858
cache-control: public, max-age=1200
etag: W/"630e9cfc-1353"
expires: Thu, 01 Sep 2022 11:36:02 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=XRaHgq_h9ghv1i.nkqkVT8VM0y_GE3AxNxAJ43yB11M-1662030962-0-ARpkby0gmHANq2l5PMx5B-apnKt-yVBfTnS4EiZO2vA7SSxon52y8Xm-V9eXGOyzVVFb6qLq0bSfOaj9jirtp4luH1iSDD7D3mdKPBFA72FS"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=XRaHgq_h9ghv1i.nkqkVT8VM0y_GE3AxNxAJ43yB11M-1662030962-0-ARpkby0gmHANq2l5PMx5B-apnKt-yVBfTnS4EiZO2vA7SSxon52y8Xm-V9eXGOyzVVFb6qLq0bSfOaj9jirtp4luH1iSDD7D3mdKPBFA72FS; report-to cf-csp-endpoint
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.saveday-inc.net/favicon.ico

104.16.16.194

200 OK

0 B

URL HTTP/2
www.saveday-inc.net/favicon.ico
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=YLJZ3i9vh3W32lAo54yZZ5SyYrCkbMpu.LYvoZvth20-1662030962-0-AaxCifhlBnI1MoWCeCgDMwKze+/Cxq9/tuPf22I/LNNZ3VQn882og+0nZnqToDB8eFlW/g9+pjleSfPoTGLKm2Pz5byyuoRbrTiWz81CPLJi; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTIwOTg4ODA=:visited=true; cf:visitor_id=431bda82-6c56-4f1f-aedf-2f6826dfdc91; addevent_track_cookie=d4b7c6fb-5459-44a8-4031-327a3ab66bf0; _gcl_au=1.1.2078061120.1662030963
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Sep 2022 11:16:03 GMT
content-type: image/x-icon
cf-ray: 743d9772b928b529-OSL
access-control-allow-origin: *
etag: W/"630e9cfc-3aee"
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: EXPIRED
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (32)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations