Report - dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87

Report Overview

Submitted URL
dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
IP
172.67.129.48
ASN
#13335 CLOUDFLARENET
Submitted
2023-06-04 00:05:25
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.google.no	25607	2001-02-26	2016-04-05	2023-06-03	526 B	578 B	142.250.74.131
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2023-06-03	1.4 kB	880 B	216.239.32.36
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-06-03	482 B	28 kB	142.250.74.106
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2023-06-03	468 B	6.0 kB	104.17.24.14
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-03	2.7 kB	5.6 kB	142.250.74.131
www.googletagmanager.com	75	2011-11-11	2013-05-22	2023-06-03	428 B	88 kB	142.250.74.168
dailyoffertoyou.com	unknown	2022-12-06	2022-12-06	2023-06-03	7.8 kB	885 kB	104.21.1.113
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-06-03	1.6 kB	148 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-06-03	medium	dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator
2023-06-04	medium	dailyoffertoyou.com
2023-06-04	medium	dailyoffertoyou.com
2023-06-04	medium	dailyoffertoyou.com
2023-06-04	medium	dailyoffertoyou.com
2023-06-04	medium	dailyoffertoyou.com
2023-06-04	medium	dailyoffertoyou.com
2023-06-04	medium	dailyoffertoyou.com
2023-06-04	medium	dailyoffertoyou.com
2023-06-04	medium	dailyoffertoyou.com
2023-06-04	medium	dailyoffertoyou.com
2023-06-04	medium	dailyoffertoyou.com
2023-06-04	medium	dailyoffertoyou.com
2023-06-04	medium	dailyoffertoyou.com
2023-06-04	medium	dailyoffertoyou.com
2023-06-04	medium	dailyoffertoyou.com
2023-06-04	medium	dailyoffertoyou.com

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87	1.5 kB	2023-03-07	2023-11-16
Pretty URL dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87 IP 104.21.1.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 18:05:48 Last Seen2023-11-16 18:40:04 Times Seen28 Hash 3c53728ed19eca91edcf0bfd75377415 d417535f09654ce4a9a08de504f404bb60c51288 895792219d726de78b9fc7722220899aed3a890e6281acd0dc0943b09fbd46ff Loading...

	www.googletagmanager.com/gtag/js?id=G-MB2WV0SZV7	259 kB	2023-06-04	2023-06-04
Pretty URL www.googletagmanager.com/gtag/js?id=G-MB2WV0SZV7 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-04 02:05:27 Last Seen2023-06-04 02:05:27 Times Seen2 Hash f5212fd8ce6aa1bcb0d9c03215e02903 c21fceeeb52ecad08fc9ed48c6f39a09ecadbb85 6dd07e2ef83aea67303a8ea1061f1310c3bf62f3840684d20694f4a9d6e47db6 Loading...

	dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87	144 B	2023-04-26	2024-04-15
Pretty URL dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87 IP 104.21.1.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-26 20:30:02 Last Seen2024-04-15 20:04:16 Times Seen156 Hash 9865e082ce464be3e92b96e7240f9480 c0cb21290b77c70bb873d932ef5e8fc6d6ce70c3 cbacaccc01608e175df4cd24b8e10ab4f4e4b6708013b709250519be4b29affd Loading...

	dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87	413 B	2023-03-07	2023-11-16
Pretty URL dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87 IP 104.21.1.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:20:36 Last Seen2023-11-16 18:40:04 Times Seen30 Hash c8cd1e856e12074801be9eeb877a7139 e47c2c4ab1baf73bffbef728839bee4ef03a231a 389d2a62eeb476795625b490ccf167e70507d0a23ab19da7fb4ffef8ae27f47a Loading...

	dailyoffertoyou.com/CH-SPOST-T230523/js/jquery.min.js	87 kB	2023-03-07	2024-04-26
Pretty URL dailyoffertoyou.com/CH-SPOST-T230523/js/jquery.min.js IP 104.21.1.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2024-04-26 10:26:38 Times Seen25944 Hash 4b57cf46dc8cb95c4cca54afc85e9540 05e1ad0cc600a057886deaf237ab6e3d4fcdb5ac a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855 Loading...

	dailyoffertoyou.com/CH-SPOST-T230523/js/bootstrap.min.js	37 kB	2023-03-07	2024-04-26
Pretty URL dailyoffertoyou.com/CH-SPOST-T230523/js/bootstrap.min.js IP 104.21.1.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-26 16:13:23 Times Seen54688 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87	648 B	2023-03-07	2024-04-15
Pretty URL dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87 IP 104.21.1.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:03:18 Last Seen2024-04-15 06:30:57 Times Seen72 Hash 2d5ff87bd406e86a08b1c913946cfe9b a0d502a1c59a1efe16dc3ab0f6ffaa72e563e774 b9a28410259fbf8516580bd05a411ebb77be51701d34e159e1fce4b044df0290 Loading...

	dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87	593 B	2023-03-07	2023-11-16
Pretty URL dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87 IP 104.21.1.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 18:05:48 Last Seen2023-11-16 18:40:04 Times Seen28 Hash 9a1152c48e886a8ea7cfa6245420fbaf 341a45abc48097dabf4918e0c0d90090167faaf7 97ca4f4a591efdaf666e4b2c4824c3af4423e4e9e899fd018ef2605b838aaede Loading...

HTTP Transactions (33)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css

104.17.24.14

200 OK

5.0 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (27303)
Size
5.0 kB (4972 bytes)
Hash
4fbd15cb6047af93373f4f895639c8bf
12d6861075de8e293265ff6ff03b1f3adcb44c76
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

HTTP Headers

GET /ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dailyoffertoyou.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 04 Jun 2023 00:05:07 GMT
content-type: text/css; charset=utf-8
content-length: 4972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-6b4a"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 450701
expires: Fri, 24 May 2024 00:05:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83NuxjFgYQRwSTCslPVPPdpK57DtGx1vA8y7KsVUf2XpxKqhHukdoTs1rKI4cBYu3NJV5IEHZhB3X9HFwhzxNof82Ak5JbBn25bO6ELnK3bRh2GDGjh2d1LrlF%2B9ke2N7JtVviE%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d1bec21dfd1b524-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0c2c7b69894efc120cd8bab945a227b2
11800be962b5b0cf260591d3c55113d217cbfa3b
61fdd82d5869d4eb3e250031c6a63be89e282cfdc50e3a7f04de1e6ba17044f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 00:05:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-MB2WV0SZV7

142.250.74.168

200 OK

88 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-MB2WV0SZV7
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT

File type
ASCII text, with very long lines (5858)
Size
88 kB (87818 bytes)
Hash
f5212fd8ce6aa1bcb0d9c03215e02903
c21fceeeb52ecad08fc9ed48c6f39a09ecadbb85
6dd07e2ef83aea67303a8ea1061f1310c3bf62f3840684d20694f4a9d6e47db6

HTTP Headers

GET /gtag/js?id=G-MB2WV0SZV7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dailyoffertoyou.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Jun 2023 00:05:07 GMT
expires: Sun, 04 Jun 2023 00:05:07 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87818
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8543a104bf352a1cf8ad1bf2e07100a2
ce7140bcab4ded21050f0249e87e9e0afdd1f94a
06a7f106970ad07a284048a8847a60121e6d64ba0baabcc00e701491aee183fb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 00:05:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dailyoffertoyou.com/CH-SPOST-T230523/img/crt.png

104.21.1.113

200 OK

351 B

URL GET HTTP/3
dailyoffertoyou.com/CH-SPOST-T230523/img/crt.png
IP
104.21.1.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5E:98:0C:8A:E3:69:87:E5:B1:60:2F:57:6D:48:49:9F:2B:DD:02:28
ValidityFri, 03 Feb 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
PNG image data, 34 x 30, 8-bit colormap, non-interlaced\012- data
Size
351 B (351 bytes)
Hash
16c71a7ef2654b22c4b093187161f051
db8a054fc6c6324ca3e8be24e1fbd9eb3ae1e4b3
8fec42adebd0b6ff631af67e548efd23d38e20e20c6d1bbacc55479bae421c69

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /CH-SPOST-T230523/img/crt.png HTTP/1.1
Host: dailyoffertoyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 00:05:08 GMT
content-type: image/png
content-length: 351
last-modified: Tue, 23 May 2023 06:55:25 GMT
etag: "15f-5fc56df29d140"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xm%2B%2BqJiGGWxA%2Byeawg%2B%2BLnhxDISoH%2B%2BzyyJC1YZ%2BUG1aKNgRqMfxZu7pSxg23lyT6KXUlJ2Lbhg8souQfi1%2BI%2B12rOHI267c1HLwjwpx%2F91D%2B2MOXCqgOwydvojQWgUDz5X8nfcj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1bec21cde6069b-OSL
alt-svc: h3=":443"; ma=86400

dailyoffertoyou.com/CH-SPOST-T230523/img/line.png

104.21.1.113

200 OK

1.0 kB

URL GET HTTP/3
dailyoffertoyou.com/CH-SPOST-T230523/img/line.png
IP
104.21.1.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5E:98:0C:8A:E3:69:87:E5:B1:60:2F:57:6D:48:49:9F:2B:DD:02:28
ValidityFri, 03 Feb 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
PNG image data, 800 x 28, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1031 bytes)
Hash
7029590a3d2131430c5f73a7f4dd1a77
77bb9d47965a9885babe74d625f002c97a815b19
341fba7a020cee1253f1219e53d83398f630361c56e8e347f3ade8af818e3484

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /CH-SPOST-T230523/img/line.png HTTP/1.1
Host: dailyoffertoyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 00:05:08 GMT
content-type: image/png
content-length: 1031
last-modified: Tue, 23 May 2023 06:23:56 GMT
etag: "407-5fc566e91f700"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=buMGK%2BV42XBUwtq0%2FMiowgMA1oktc16MDGMropmZtD4MHWhbvAwsPHWcbbs6zkbfytZ2vWYjyM51ua%2B1VkPNS3%2FYENmK%2B2SHlBJ6KSE0Iq%2BpAc%2FIW7k0hvkIIdBVXJ8T9Sbef9pB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1bec21cdea069b-OSL
alt-svc: h3=":443"; ma=86400

dailyoffertoyou.com/CH-SPOST-T230523/img/btn.png

104.21.1.113

200 OK

766 B

URL GET HTTP/3
dailyoffertoyou.com/CH-SPOST-T230523/img/btn.png
IP
104.21.1.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5E:98:0C:8A:E3:69:87:E5:B1:60:2F:57:6D:48:49:9F:2B:DD:02:28
ValidityFri, 03 Feb 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
PNG image data, 36 x 33, 8-bit/color RGBA, non-interlaced\012- data
Size
766 B (766 bytes)
Hash
f282efbc03f0b10d081fa10aef14d72f
091907964ff17fcac91e341ce7f0849e0cd4d412
87a93432361bc3166ee2d8848c42e22a27ac8c16354e644bd3dc9ee918b86a19

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /CH-SPOST-T230523/img/btn.png HTTP/1.1
Host: dailyoffertoyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 00:05:08 GMT
content-type: image/png
content-length: 766
last-modified: Tue, 23 May 2023 06:23:05 GMT
etag: "2fe-5fc566b87c440"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2BNMhBrHdjdfmqA2bocTOd7KZ%2FPr73ZsPi0%2Fum%2BhuFmi2hJV2T4iBJkP7eRl4FHefoGNWY%2BRCg0nANvAq8VTPYZc0icXUNpQ3nRquGyCMqBkJOmFpC%2FpdTFRmZ26miS8SfjSz79y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1bec21cde8069b-OSL
alt-svc: h3=":443"; ma=86400

dailyoffertoyou.com/CH-SPOST-T230523/img/loader.gif

104.21.1.113

200 OK

4.8 kB

URL GET HTTP/3
dailyoffertoyou.com/CH-SPOST-T230523/img/loader.gif
IP
104.21.1.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5E:98:0C:8A:E3:69:87:E5:B1:60:2F:57:6D:48:49:9F:2B:DD:02:28
ValidityFri, 03 Feb 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
GIF image data, version 89a, 64 x 64\012- data
Size
4.8 kB (4750 bytes)
Hash
ae8189a1eda896ee867dcd220d45eef6
7b7d57afc61a50d7e6a6362de88da28198239cc8
c297929a72964c7cfe17e2dfd5d17c15c2c03243b6cec7f67a3929030fbf8c3d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /CH-SPOST-T230523/img/loader.gif HTTP/1.1
Host: dailyoffertoyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 00:05:08 GMT
content-type: image/gif
content-length: 4750
last-modified: Tue, 23 May 2023 06:23:58 GMT
etag: "128e-5fc566eb07b80"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WuJj4aHiaNVChqrbe8Li%2BKt7igTESSmpd%2FHYcXspZP4aBO7927LWg0wdAUJf%2FKsOo3yO09xNxvwkbRt4FkYYNHz90Is887K2Ij66AK0MCh3RtSziLFdn9IGeQ2k0u%2FBn8C2Egbxs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1bec21cde9069b-OSL
alt-svc: h3=":443"; ma=86400

dailyoffertoyou.com/CH-SPOST-T230523/img/scl2.png

104.21.1.113

200 OK

5.2 kB

URL GET HTTP/3
dailyoffertoyou.com/CH-SPOST-T230523/img/scl2.png
IP
104.21.1.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5E:98:0C:8A:E3:69:87:E5:B1:60:2F:57:6D:48:49:9F:2B:DD:02:28
ValidityFri, 03 Feb 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
PNG image data, 232 x 139, 8-bit/color RGBA, non-interlaced\012- data
Size
5.2 kB (5161 bytes)
Hash
6f1c9e790dba54aa2005e6f87a33f007
6185a50f4bab2628d664f752aaac2ee330be2c8d
6a76fbc151144fdf5b3388534b62f19b3906aec975d49975468e64075722773e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /CH-SPOST-T230523/img/scl2.png HTTP/1.1
Host: dailyoffertoyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 00:05:08 GMT
content-type: image/png
content-length: 5161
last-modified: Tue, 23 May 2023 06:25:51 GMT
etag: "1429-5fc56756cb9c0"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7In%2BCd%2FGd%2F8U%2BynARw9yqBetBNdvTAcu%2FezUJpAdcfTyGC6UwV1Vq0kRAYuOJ780Hy57KaUvcsuq2DcPk%2FC%2Fx16cUs4HIVf015Il%2Fd1tZLs%2FJFU3lws6WucifM%2BHfNNWByIwrarb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1bec21cdf0069b-OSL
alt-svc: h3=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d11f1919fef5d8fccf8a87cf62ec7d61
b862276403c5375ce0cf2707ff0141d0f765fafa
7002839ec0a73f7a79f9f8720287932bd850a6a1b741ad91808e402ecb1c0d48

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 00:05:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dailyoffertoyou.com/CH-SPOST-T230523/js/bootstrap.min.js

104.21.1.113

200 OK

12 kB

URL GET HTTP/3
dailyoffertoyou.com/CH-SPOST-T230523/js/bootstrap.min.js
IP
104.21.1.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5E:98:0C:8A:E3:69:87:E5:B1:60:2F:57:6D:48:49:9F:2B:DD:02:28
ValidityFri, 03 Feb 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32033)
Size
12 kB (11804 bytes)
Hash
5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /CH-SPOST-T230523/js/bootstrap.min.js HTTP/1.1
Host: dailyoffertoyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 00:05:08 GMT
content-type: application/javascript
last-modified: Tue, 23 May 2023 06:26:03 GMT
etag: W/"90b5-5fc567623d4c0"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBpEz1oNSCfu1qKngVd4%2FIxRGGebonLkWDydOi9R29UWTNHYJTrGfyL0m9lpyhsw23C4MGZOWlF%2FV%2B0ALrx1E3j0o%2FyRx9v3w7MQCV4rWmC6W%2FJkP4jrgDZQER4lIdDCSBj6J1P4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1bec21cded069b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

dailyoffertoyou.com/CH-SPOST-T230523/img/bnr.jpeg

104.21.1.113

200 OK

124 kB

URL GET HTTP/3
dailyoffertoyou.com/CH-SPOST-T230523/img/bnr.jpeg
IP
104.21.1.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5E:98:0C:8A:E3:69:87:E5:B1:60:2F:57:6D:48:49:9F:2B:DD:02:28
ValidityFri, 03 Feb 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1553x865, components 3\012- data
Size
124 kB (124095 bytes)
Hash
c552cff17dd534d2f337eab40b2a6b80
38c23905c535723a1b2392e67d3542c0712be345
c1e62203667211ee8c382a272f7d0cec00c661167a84a840788bf27f4cda2815

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /CH-SPOST-T230523/img/bnr.jpeg HTTP/1.1
Host: dailyoffertoyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 00:05:08 GMT
content-type: image/jpeg
content-length: 124095
last-modified: Tue, 23 May 2023 06:23:03 GMT
etag: "1e4bf-5fc566b693fc0"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGDLREtmWqUHdQvzI4cVpWQRIqTtErrL4z1UrqFPZforITwwPN1nF6n%2FOFao5rRDOTT9htisnUJiF1CLQXOaDufRAWHTh9tym5Y0VKNoz3uvRMIziNolIMdPAbIxZFAbNrKhW9yI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1bec21cde4069b-OSL
alt-svc: h3=":443"; ma=86400

dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87

104.21.1.113

200 OK

175 kB

URL User Request GET HTTP/2
dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
IP
104.21.1.113:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5E:98:0C:8A:E3:69:87:E5:B1:60:2F:57:6D:48:49:9F:2B:DD:02:28
ValidityFri, 03 Feb 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, Unicode text, UTF-8 text, with CRLF line terminators
Size
175 kB (175175 bytes)
Hash
05e8b37528c72ca47a20700f608a18d4
99ef8f10edf91d98044e3cf4dfcc18ee0afbdc0f
eba082551ecb47f7cc0a5464fb3130962bc296cef2d2d4d2f99ec794fceeb11f

Detections

Analyzer	Verdict	Alert
openphish	PostFinance
quad9	Sinkholed

HTTP Headers

GET /CH-SPOST-T230523/?u=12C87 HTTP/1.1
Host: dailyoffertoyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 04 Jun 2023 00:05:07 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQ7JHLnvFIh4f1bTshdcKB3RtH3LOp30E3dzkHa9bArN149aXrYm1L2TBFdOs320UOG6D8KqgNqjshC8tg0j8Q9dhv3sdI4L4lMhRkTvGimiBQYLMroFUemni%2FVjQGJEAr%2FxUriB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d1bec1c6d080b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

dailyoffertoyou.com/CH-SPOST-T230523/img/bl.png

104.21.1.113

200 OK

46 kB

URL GET HTTP/3
dailyoffertoyou.com/CH-SPOST-T230523/img/bl.png
IP
104.21.1.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5E:98:0C:8A:E3:69:87:E5:B1:60:2F:57:6D:48:49:9F:2B:DD:02:28
ValidityFri, 03 Feb 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
PNG image data, 174 x 210, 8-bit/color RGBA, non-interlaced\012- data
Size
46 kB (45665 bytes)
Hash
40bc77921bbd21a08acb6d7141fe86df
706bb6bef91f57464d9042e20b6aef2316b9e2a2
381e24805e0f9c4aecfd9bdedc1c34b0ef7388f753517dfb89b2c52f6952b05c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /CH-SPOST-T230523/img/bl.png HTTP/1.1
Host: dailyoffertoyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 00:05:08 GMT
content-type: image/png
content-length: 45665
last-modified: Tue, 23 May 2023 06:23:49 GMT
etag: "b261-5fc566e272740"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLrEgte6JRGeHWS29EmPPqOH6uiJkASaPhnpkYxIfyHfyIUA8TMGRh47VDTNys4JZ3rbZC3FP%2FTQ%2BDjE3j4ZLUj7k%2Fk3UU8e6BYvRINjU7qECxObFIXjZTAxnCC%2BSwXhBesR9uKt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1bec21cdeb069b-OSL
alt-svc: h3=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4657e1301201c546b03bf8a42be0e1a4
561ed76fd2c38e8107da101d54546e44b219e539
b7c25875352ba1d913c952fc778770209c663f8b7bb3a33b40532b1910938c73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 00:05:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4657e1301201c546b03bf8a42be0e1a4
561ed76fd2c38e8107da101d54546e44b219e539
b7c25875352ba1d913c952fc778770209c663f8b7bb3a33b40532b1910938c73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 00:05:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4657e1301201c546b03bf8a42be0e1a4
561ed76fd2c38e8107da101d54546e44b219e539
b7c25875352ba1d913c952fc778770209c663f8b7bb3a33b40532b1910938c73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 00:05:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Size
48 kB (48412 bytes)
Hash
31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dailyoffertoyou.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 11:49:35 GMT
expires: Fri, 31 May 2024 11:49:35 GMT
cache-control: public, max-age=31536000
age: 216935
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Size
48 kB (48412 bytes)
Hash
31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dailyoffertoyou.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 11:49:35 GMT
expires: Fri, 31 May 2024 11:49:35 GMT
cache-control: public, max-age=31536000
age: 216935
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Size
48 kB (48412 bytes)
Hash
31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dailyoffertoyou.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 11:49:35 GMT
expires: Fri, 31 May 2024 11:49:35 GMT
cache-control: public, max-age=31536000
age: 216935
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4657e1301201c546b03bf8a42be0e1a4
561ed76fd2c38e8107da101d54546e44b219e539
b7c25875352ba1d913c952fc778770209c663f8b7bb3a33b40532b1910938c73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 00:05:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
165e9dd224579af1dc9c74fc98d283ef
c9789aede3537dc85b0901c39f07ea8a6917d54e
346e2ba593025ca29aafcb8c17bf868530e333be891c97edda5320f78fa116f6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 00:05:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MB2WV0SZV7&cid=749896005.1685837110&gtm=45je35v0&aip=1&z=79242268

142.250.74.131

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MB2WV0SZV7&cid=749896005.1685837110&gtm=45je35v0&aip=1&z=79242268
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint21:0A:07:7D:46:C8:E2:9C:FF:DD:13:5F:61:67:E7:07:A9:0D:75:16
ValidityFri, 19 May 2023 12:59:38 GMT - Fri, 11 Aug 2023 12:59:37 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MB2WV0SZV7&cid=749896005.1685837110&gtm=45je35v0&aip=1&z=79242268 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dailyoffertoyou.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 00:05:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

dailyoffertoyou.com/CH-SPOST-T230523/js/wow.js

104.21.1.113

404 Not Found

649 B

URL GET HTTP/3
dailyoffertoyou.com/CH-SPOST-T230523/js/wow.js
IP
104.21.1.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5E:98:0C:8A:E3:69:87:E5:B1:60:2F:57:6D:48:49:9F:2B:DD:02:28
ValidityFri, 03 Feb 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
649 B (649 bytes)
Hash
bcfa5a415f46b3af8ee31690ae2a3c51
f8d3e1bf09cc112aa6b8278a0cea81e535272db7
80152e76d3e35408323beb82b0fdf7132cf438d466a1e0febb7465ba70fa8eb0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /CH-SPOST-T230523/js/wow.js HTTP/1.1
Host: dailyoffertoyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sun, 04 Jun 2023 00:05:08 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIfEj%2BAWMDQl0y6J3pBTqmq2TWu4CEZ%2FZMGNKEdEQKqfsperjXbf0NbyflwxQZ5pqO7e7w1qFZEIg73bCeov69pnCRGEJCCHhfUSyYf01glb7Ozm02YgCT6jOx4SckXGNww3ymfB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1bec21cdef069b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

region1.analytics.google.com/g/collect?v=2&tid=G-MB2WV0SZV7&gtm=45je35v0&_p=282072702&_gaz=1&cid=749896005.1685837110&ul=en-us&sr=1280x1024&_s=1&sid=1685837109&sct=1&seg=0&dl=https%3A%2F%2Fdailyoffertoyou.com%2FCH-SPOST-T230523%2F%3Fu%3D12C87&dt=Paketverfolgung&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-MB2WV0SZV7&gtm=45je35v0&_p=282072702&_gaz=1&cid=749896005.1685837110&ul=en-us&sr=1280x1024&_s=1&sid=1685837109&sct=1&seg=0&dl=https%3A%2F%2Fdailyoffertoyou.com%2FCH-SPOST-T230523%2F%3Fu%3D12C87&dt=Paketverfolgung&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-MB2WV0SZV7&gtm=45je35v0&_p=282072702&_gaz=1&cid=749896005.1685837110&ul=en-us&sr=1280x1024&_s=1&sid=1685837109&sct=1&seg=0&dl=https%3A%2F%2Fdailyoffertoyou.com%2FCH-SPOST-T230523%2F%3Fu%3D12C87&dt=Paketverfolgung&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dailyoffertoyou.com
DNT: 1
Connection: keep-alive
Referer: https://dailyoffertoyou.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://dailyoffertoyou.com
date: Sun, 04 Jun 2023 00:05:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-MB2WV0SZV7&gtm=45je35v0&_p=282072702&cid=749896005.1685837110&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1685837109&sct=1&seg=0&dl=https%3A%2F%2Fdailyoffertoyou.com%2FCH-SPOST-T230523%2F%3Fu%3D12C87&dt=Paketverfolgung&en=scroll&epn.percent_scrolled=90

216.239.32.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-MB2WV0SZV7&gtm=45je35v0&_p=282072702&cid=749896005.1685837110&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1685837109&sct=1&seg=0&dl=https%3A%2F%2Fdailyoffertoyou.com%2FCH-SPOST-T230523%2F%3Fu%3D12C87&dt=Paketverfolgung&en=scroll&epn.percent_scrolled=90
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-MB2WV0SZV7&gtm=45je35v0&_p=282072702&cid=749896005.1685837110&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1685837109&sct=1&seg=0&dl=https%3A%2F%2Fdailyoffertoyou.com%2FCH-SPOST-T230523%2F%3Fu%3D12C87&dt=Paketverfolgung&en=scroll&epn.percent_scrolled=90 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dailyoffertoyou.com
DNT: 1
Connection: keep-alive
Referer: https://dailyoffertoyou.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://dailyoffertoyou.com
date: Sun, 04 Jun 2023 00:05:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

dailyoffertoyou.com/favicon.ico

104.21.1.113

404 Not Found

209 B

URL GET HTTP/3
dailyoffertoyou.com/favicon.ico
IP
104.21.1.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5E:98:0C:8A:E3:69:87:E5:B1:60:2F:57:6D:48:49:9F:2B:DD:02:28
ValidityFri, 03 Feb 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
209 B (209 bytes)
Hash
8ace35f18ab1832bacfde13597767517
22e4ee51bbdba11b19a2d6879bc60126dc89eecd
f87134d32dc903f27ed9c905bfd824f31192dac9e05887b2dedbb1ca416d1280

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: dailyoffertoyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Cookie: _ga_MB2WV0SZV7=GS1.1.1685837109.1.0.1685837109.60.0.0; _ga=GA1.1.749896005.1685837110
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sun, 04 Jun 2023 00:05:11 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNZaNkjh9uqiT2vhNUUCOK33y2Bc7dDb2Yb3pzGQmOeyrINu7G2uVK3rNwqsUT1%2Bw9MXuY%2Bmj3dzja8OIXxyk0b1FhGy23vj5Q0%2FmBmA5YBvPv5zv1Xo3lNzh1erLSJY04oyS1Hc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1bec346cfc069b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

dailyoffertoyou.com/CH-SPOST-T230523/css/custom.css

104.21.1.113

200 OK

68 kB

URL GET HTTP/3
dailyoffertoyou.com/CH-SPOST-T230523/css/custom.css
IP
104.21.1.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5E:98:0C:8A:E3:69:87:E5:B1:60:2F:57:6D:48:49:9F:2B:DD:02:28
ValidityFri, 03 Feb 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
68 kB (67801 bytes)
Hash
2a88dc4f1b6250ad90b478227615b03c
1d3483c21263ffe387e8ef16359b1e75fe643a75
058406cb016d991a817ded91c00c788dcc934576665bba6832bdd0753f71988f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /CH-SPOST-T230523/css/custom.css HTTP/1.1
Host: dailyoffertoyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 04 Jun 2023 00:05:08 GMT
content-type: text/css
last-modified: Tue, 23 May 2023 06:20:13 GMT
etag: W/"108d9-5fc5661474140"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tjE2Pz7%2FlI7M7p7oo%2BWgTs9wKnLmWoR3%2BPJZ7DR2KGKUVRPf6eGz5biYT9vYZFOAtiq2e3R1ri4E3nvv8GXM3TPnmVqWOVN2TFmfL9G1MuuCx2wlGLng%2BiMc62xQzeKsQQ7zZYmJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1bec21bde2069b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

dailyoffertoyou.com/CH-SPOST-T230523/css/bootstrap.min.css

104.21.1.113

200 OK

121 kB

URL GET HTTP/3
dailyoffertoyou.com/CH-SPOST-T230523/css/bootstrap.min.css
IP
104.21.1.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5E:98:0C:8A:E3:69:87:E5:B1:60:2F:57:6D:48:49:9F:2B:DD:02:28
ValidityFri, 03 Feb 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65371)
Size
121 kB (121200 bytes)
Hash
ec3bb52a00e176a7181d454dffaea219
6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /CH-SPOST-T230523/css/bootstrap.min.css HTTP/1.1
Host: dailyoffertoyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 04 Jun 2023 00:05:10 GMT
content-type: text/css
last-modified: Tue, 23 May 2023 06:19:54 GMT
etag: W/"1d970-5fc5660255680"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZUvtVoimKeQn3fZi1cpQ3pXt9Lb6Xn5ISbna0FmqfDz4Fj5%2BbN7i5vJgJvf2xywZ3WVxMKUHtlOyfn06klN7bVtE5mnRKJN2OM58tUUUS0FkOE347Zh3%2B5KU7fB7XlRMPSY85P9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1bec21bddf069b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

dailyoffertoyou.com/CH-SPOST-T230523/css/animate.css

104.21.1.113

200 OK

57 kB

URL GET HTTP/3
dailyoffertoyou.com/CH-SPOST-T230523/css/animate.css
IP
104.21.1.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5E:98:0C:8A:E3:69:87:E5:B1:60:2F:57:6D:48:49:9F:2B:DD:02:28
ValidityFri, 03 Feb 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (460)
Size
57 kB (57095 bytes)
Hash
cb67371414710491ee3730390d1efb33
2e70ccc82e0ed3de2fd87409e6ca66e7b1a2d285
59a1460df6cb458204ec993345ff4964fa7e1a77da4ab7137e50fce8434c1d6a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /CH-SPOST-T230523/css/animate.css HTTP/1.1
Host: dailyoffertoyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 04 Jun 2023 00:05:08 GMT
content-type: text/css
last-modified: Tue, 23 May 2023 06:19:22 GMT
etag: W/"df07-5fc565e3d0e80"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkEe37QYmA4QG%2F819OjDxldk6t%2BYfEQaPAVjkB2uedjijklLI%2FRhG4otn0YTwxGWi%2B79yX1XSOK5hUHi7ZLaPQDY6QZtkKuHoi5fY%2BJBk9Iht5Ewo0378bc9o3EIxQ52LlJl8Efy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1bec21bde1069b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

dailyoffertoyou.com/CH-SPOST-T230523/img/logo.jpeg

104.21.1.113

200 OK

172 kB

URL GET HTTP/3
dailyoffertoyou.com/CH-SPOST-T230523/img/logo.jpeg
IP
104.21.1.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5E:98:0C:8A:E3:69:87:E5:B1:60:2F:57:6D:48:49:9F:2B:DD:02:28
ValidityFri, 03 Feb 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 2170x740, components 3\012- data
Size
172 kB (171701 bytes)
Hash
3fae8f335a1ec01a4fc898c79a635d1d
7d3d331357509a764bc4dfbb804735251e826881
235798df18b044dc8c326d79293465c51c3b01312dd210a683c3b87481d73c51

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /CH-SPOST-T230523/img/logo.jpeg HTTP/1.1
Host: dailyoffertoyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 04 Jun 2023 00:05:08 GMT
content-type: image/jpeg
content-length: 171701
last-modified: Tue, 23 May 2023 06:25:43 GMT
etag: "29eb5-5fc5674f2a7c0"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXcHWbtukqiiPweNWskvCrqMEcg2xRUqqLmAwH6OBkGSWKIi3DT%2BMtXoNn8w%2FWFq7koMU0w1ItIEJW3jprxaGp2ovYffgdK9ooTqjbbYNya04jipKfj7qiJ%2BFbsa1%2BgyOhILO%2FCe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1bec21cde7069b-OSL
alt-svc: h3=":443"; ma=86400

dailyoffertoyou.com/CH-SPOST-T230523/js/jquery.min.js

104.21.1.113

200 OK

87 kB

URL GET HTTP/3
dailyoffertoyou.com/CH-SPOST-T230523/js/jquery.min.js
IP
104.21.1.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5E:98:0C:8A:E3:69:87:E5:B1:60:2F:57:6D:48:49:9F:2B:DD:02:28
ValidityFri, 03 Feb 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65451)
Size
87 kB (86926 bytes)
Hash
4b57cf46dc8cb95c4cca54afc85e9540
05e1ad0cc600a057886deaf237ab6e3d4fcdb5ac
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /CH-SPOST-T230523/js/jquery.min.js HTTP/1.1
Host: dailyoffertoyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 04 Jun 2023 00:05:08 GMT
content-type: application/javascript
last-modified: Tue, 23 May 2023 06:26:15 GMT
etag: W/"1538e-5fc5676daefc0"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m15IPzQo4v0gFUec721355v2d8tJwEg7HhZ68iyu6F%2BoMoswyRoWb%2Bd82F5Na0p%2BKxu3HNfEjyvQw54tc%2FjlTTOgB20rNHY9IMddSoVr7VfIKNZvaWq5OgUamOMWgdLF%2FMTaE3pm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1bec21cdee069b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

142.250.74.106

200 OK

28 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://dailyoffertoyou.com/CH-SPOST-T230523/?u=12C87
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
ASCII text
Size
28 kB (27635 bytes)
Hash
148780e949868bb5f5a68f866d83c028
eb8446d2e6ef3ce76dd76a8ac7c38556d86e14b2
ab618c26a11027f879b5e9a4b28120545ba14270a5da6d33e623f9a2b8b8d38d

HTTP Headers

GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dailyoffertoyou.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Jun 2023 00:05:08 GMT
date: Sun, 04 Jun 2023 00:05:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML