| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashb9adda4796e3cda8d92753c46964621c 5f1eba1f6085b23dea088a91fe6f8947172f9f62 a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2999
Expires: Wed, 07 Sep 2022 14:14:51 GMT
Date: Wed, 07 Sep 2022 13:24:52 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.27 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.27:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash99b7d23c1748d0526782b9ff9ea45f09 eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 13:04:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VecgpEQ3pSb0pCIZhq7vSRPW9SNehVHKTBq8gHKXWk_mHRDDZx042A==
Age: 1211
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain | 143.204.55.110 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain IP143.204.55.110:0
File typePEM certificate\012- , ASCII text Hash742edb4038f38bc533514982f3d2e861 cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PIckmIt8VqHPG05JrdMu-8p86mxA16A5TRHu0FsS5O0DDi-k12hRPA==
age: 34698
X-Firefox-Spdy: h2
|
|
| www.saveday-inc.net/optin2widllds | 104.16.14.194 | 302 Found | 492 B |
URL HTTP/1.1www.saveday-inc.net/optin2widllds IP104.16.14.194:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (477) Hashcafc0a2e782e1a7f8855f809a3835a5d 2057be0107fe88006d08752a7959861b59cdb8fd 1f4d945639b26abb863c3e3e8b4f158bcec7f9af951c0260e5a61d2b8490806d
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /optin2widllds HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Wed, 07 Sep 2022 13:24:52 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.saveday-inc.net/optin1638821352637
CF-Ray: 746fc464af83b4fa-OSL
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Status: 302 Found
X-Frame-Options: ALLOWALL
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss
X-Request-Id: 3a5b7ab70e8427ab506a26c5dd997f76
X-Runtime: 0.117161
Set-Cookie: __cf_bm=XVvge4LSmUAB6yesiJ_pe29hb89ngGyzlxQzUzKQpBw-1662557092-0-AaHPw4AKHROm2ttlUFYMqyDS0L61giYDwMpy6u6td/KYaNVk1zH8HayVKyB/sHbNOAJiz0wGD6fq9WKU68XiGc/FY/t3qXewiGZFVMN9hQ2d; path=/; expires=Wed, 07-Sep-22 13:54:52 GMT; domain=.www.saveday-inc.net; HttpOnly; SameSite=None
Server: cloudflare
alt-svc: h2=":443"; ma=60
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 13:24:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.saveday-inc.net/hosted/images/14/3fecf0667511e7a4522fc393ea60c4/vmc-logo.png | 104.16.13.194 | 200 OK | 11 kB |
URL HTTP/2www.saveday-inc.net/hosted/images/14/3fecf0667511e7a4522fc393ea60c4/vmc-logo.png IP104.16.13.194:0
File typePNG image data, 395 x 115, 8-bit colormap, non-interlaced\012- data Hasha8319ced5fa45dbf94a312e1ad9e9d8e d88a08d5a2a5c6ee3775b6cc16960b2ae69c4cc8 e6bbcf641c1e1950dda2d905d5d209d7426fcfe31f9dccd067e97fb4a9a16000
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /hosted/images/14/3fecf0667511e7a4522fc393ea60c4/vmc-logo.png HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=SJitCKiXrGXcKUmes8G0MEb1Ed8eTEEkmARz7nevfy8-1662557093-0-AT48X99IWscCwTGT2PRigHlgGk5haccVMj0ic1/DLtJw3f06iFOU25blbrc9G58KA8AH79OstgrvT7v0vOgHaHUK+CKx16O9sTYNYAIFFVih
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
content-type: image/png
content-length: 11042
cf-ray: 746fc468994bb509-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "a8319ced5fa45dbf94a312e1ad9e9d8e"
last-modified: Tue, 11 Jul 2017 20:11:13 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.saveday-inc.net/hosted/images/18/ae751067fe11e7b1f597f4a4384b61/bizlendr.png | 104.16.13.194 | 200 OK | 20 kB |
URL HTTP/2www.saveday-inc.net/hosted/images/18/ae751067fe11e7b1f597f4a4384b61/bizlendr.png IP104.16.13.194:0
File typePNG image data, 500 x 128, 8-bit colormap, non-interlaced\012- data Hash0b0d99a146d61334abaad568d18e5b01 f893dd595bd067ea1ed1879aa5792bf2d32337e5 8af8af276e195c7ff5e83a813e8f4542ceb059b0548ad094a92799882d25a5fa
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /hosted/images/18/ae751067fe11e7b1f597f4a4384b61/bizlendr.png HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=SJitCKiXrGXcKUmes8G0MEb1Ed8eTEEkmARz7nevfy8-1662557093-0-AT48X99IWscCwTGT2PRigHlgGk5haccVMj0ic1/DLtJw3f06iFOU25blbrc9G58KA8AH79OstgrvT7v0vOgHaHUK+CKx16O9sTYNYAIFFVih
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
content-type: image/png
content-length: 20025
cf-ray: 746fc468a952b509-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "0b0d99a146d61334abaad568d18e5b01"
last-modified: Thu, 13 Jul 2017 19:04:33 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.saveday-inc.net/hosted/images/5b/c23330667511e78cd7b3b12e64f51a/sbf-logo-2015.png | 104.16.13.194 | 200 OK | 4.3 kB |
URL HTTP/2www.saveday-inc.net/hosted/images/5b/c23330667511e78cd7b3b12e64f51a/sbf-logo-2015.png IP104.16.13.194:0
File typePNG image data, 800 x 120, 8-bit colormap, non-interlaced\012- data Hash723958dfc7b2d6fb4956404751e621b8 d1af418aa8263d6054c7b1fa2b814d03eedfcd07 580fca02db8385d70d615d73437dc607f508b61a4eae2fcb7c47f79509bed09f
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /hosted/images/5b/c23330667511e78cd7b3b12e64f51a/sbf-logo-2015.png HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=SJitCKiXrGXcKUmes8G0MEb1Ed8eTEEkmARz7nevfy8-1662557093-0-AT48X99IWscCwTGT2PRigHlgGk5haccVMj0ic1/DLtJw3f06iFOU25blbrc9G58KA8AH79OstgrvT7v0vOgHaHUK+CKx16O9sTYNYAIFFVih
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
content-type: image/png
content-length: 4297
cf-ray: 746fc468994db509-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "723958dfc7b2d6fb4956404751e621b8"
last-modified: Tue, 11 Jul 2017 20:13:13 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.saveday-inc.net/hosted/images/4e/ef52f098b111e7b71b9976c38ffff7/whatever2.png | 104.16.13.194 | 200 OK | 26 kB |
URL HTTP/2www.saveday-inc.net/hosted/images/4e/ef52f098b111e7b71b9976c38ffff7/whatever2.png IP104.16.13.194:0
File typePNG image data, 405 x 872, 8-bit colormap, non-interlaced\012- data Hash538af34ea4ab473bd579d5d061172388 cdbbbbca4a5f72b942d9ccb74621dc33d17b5a0d f98f0c220ec61ba7d68c78c464d929e56344c7f567df374d48e6e7ef7644b66a
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /hosted/images/4e/ef52f098b111e7b71b9976c38ffff7/whatever2.png HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=SJitCKiXrGXcKUmes8G0MEb1Ed8eTEEkmARz7nevfy8-1662557093-0-AT48X99IWscCwTGT2PRigHlgGk5haccVMj0ic1/DLtJw3f06iFOU25blbrc9G58KA8AH79OstgrvT7v0vOgHaHUK+CKx16O9sTYNYAIFFVih
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
content-type: image/png
content-length: 25914
cf-ray: 746fc4689949b509-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "538af34ea4ab473bd579d5d061172388"
last-modified: Wed, 13 Sep 2017 18:28:21 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.saveday-inc.net/hosted/images/de/0e695067fe11e792f73f20b3520f1e/logo.png | 104.16.13.194 | 200 OK | 2.5 kB |
URL HTTP/2www.saveday-inc.net/hosted/images/de/0e695067fe11e792f73f20b3520f1e/logo.png IP104.16.13.194:0
File typePNG image data, 378 x 88, 8-bit colormap, non-interlaced\012- data Hash05bfa1b2ab184dc7ea68a0265d3ff73e 6fb3612c62d80e52d8b2ecd853c600a2c4ab5a85 ad2ee6410ab30d6711b25ae0bf436a87f42e87b7caf69690d1335ad70ad3177d
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /hosted/images/de/0e695067fe11e792f73f20b3520f1e/logo.png HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=SJitCKiXrGXcKUmes8G0MEb1Ed8eTEEkmARz7nevfy8-1662557093-0-AT48X99IWscCwTGT2PRigHlgGk5haccVMj0ic1/DLtJw3f06iFOU25blbrc9G58KA8AH79OstgrvT7v0vOgHaHUK+CKx16O9sTYNYAIFFVih
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
content-type: image/png
content-length: 2492
cf-ray: 746fc468a95db509-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "05bfa1b2ab184dc7ea68a0265d3ff73e"
last-modified: Thu, 13 Jul 2017 19:10:04 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.saveday-inc.net/hosted/images/13/8bb6408e8411e7b85fdf1b4f68b035/try8001.png | 104.16.13.194 | 200 OK | 29 kB |
URL HTTP/2www.saveday-inc.net/hosted/images/13/8bb6408e8411e7b85fdf1b4f68b035/try8001.png IP104.16.13.194:0
File typePNG image data, 1008 x 727, 8-bit colormap, non-interlaced\012- data Hash359b179cc2c42c8c056f487c793001ec 05b7a018d1c4e0e7713113078eabdaab6224f612 fb77000c1f1905aae5c49facba6eb39b98b1e64e3220f919ee8b14c3a9a75726
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /hosted/images/13/8bb6408e8411e7b85fdf1b4f68b035/try8001.png HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=SJitCKiXrGXcKUmes8G0MEb1Ed8eTEEkmARz7nevfy8-1662557093-0-AT48X99IWscCwTGT2PRigHlgGk5haccVMj0ic1/DLtJw3f06iFOU25blbrc9G58KA8AH79OstgrvT7v0vOgHaHUK+CKx16O9sTYNYAIFFVih
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
content-type: image/png
content-length: 28863
cf-ray: 746fc4689947b509-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "359b179cc2c42c8c056f487c793001ec"
last-modified: Thu, 31 Aug 2017 19:39:28 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc0498832f97967e1fbaa64eba7c65094 2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7 63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 13:24:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.saveday-inc.net/hosted/images/17/ebf2f067ff11e7ad5ebb6414c806b3/logo-_1_.png | 104.16.13.194 | 200 OK | 19 kB |
URL HTTP/2www.saveday-inc.net/hosted/images/17/ebf2f067ff11e7ad5ebb6414c806b3/logo-_1_.png IP104.16.13.194:0
File typePNG image data, 2850 x 468, 8-bit colormap, non-interlaced\012- data Hash0fbdcd0f6b039c13b6ed66be70fc0314 36b7bc5d12241223cbef098fe38e43147c2a967d c972c2a7d41b2b76280b7a407864155f8b6958d243e8694b65450b021a0f0477
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /hosted/images/17/ebf2f067ff11e7ad5ebb6414c806b3/logo-_1_.png HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=SJitCKiXrGXcKUmes8G0MEb1Ed8eTEEkmARz7nevfy8-1662557093-0-AT48X99IWscCwTGT2PRigHlgGk5haccVMj0ic1/DLtJw3f06iFOU25blbrc9G58KA8AH79OstgrvT7v0vOgHaHUK+CKx16O9sTYNYAIFFVih
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
content-type: image/png
content-length: 19131
cf-ray: 746fc468a95eb509-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "0fbdcd0f6b039c13b6ed66be70fc0314"
last-modified: Thu, 13 Jul 2017 19:11:44 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.saveday-inc.net/hosted/images/e3/5898c0668411e7acaccf8145dd3756/ev.png | 104.16.13.194 | 200 OK | 6.7 kB |
URL HTTP/2www.saveday-inc.net/hosted/images/e3/5898c0668411e7acaccf8145dd3756/ev.png IP104.16.13.194:0
File typePNG image data, 400 x 90, 8-bit colormap, non-interlaced\012- data Hashf68b926f96eb6f38c9f7ce0a971ba829 b8dd228cc203a00d134bccc02dd75e7405aa6caa d95d481199724f2d02fd35875e38da134650283fed9732139c13ddd029439343
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /hosted/images/e3/5898c0668411e7acaccf8145dd3756/ev.png HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=SJitCKiXrGXcKUmes8G0MEb1Ed8eTEEkmARz7nevfy8-1662557093-0-AT48X99IWscCwTGT2PRigHlgGk5haccVMj0ic1/DLtJw3f06iFOU25blbrc9G58KA8AH79OstgrvT7v0vOgHaHUK+CKx16O9sTYNYAIFFVih
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
content-type: image/png
content-length: 6681
cf-ray: 746fc468a951b509-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "f68b926f96eb6f38c9f7ce0a971ba829"
last-modified: Tue, 11 Jul 2017 22:04:22 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc0498832f97967e1fbaa64eba7c65094 2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7 63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 13:24:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.27 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.27:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 07 Sep 2022 12:38:18 GMT
Expires: Wed, 07 Sep 2022 12:58:45 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ELLDRPIUknVgmp6swW4ayYJ3l-ZTWko3DVYdRijS45kmzQcKwQXNcw==
Age: 2795
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash62c739a1335c5cf0fd4e783db6cdf14b 4f4a2acf32a7b7d8d86f7d0b037cdd16d59704ff de1d42a2f47b8a7f1fed1880f1b485f63a5e07ede87fee3194cabeab056cf6f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 13:24:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.googletagmanager.com/gtm.js?id=GTM-P958L4W | 142.250.74.72 | 200 OK | 56 kB |
URL HTTP/2www.googletagmanager.com/gtm.js?id=GTM-P958L4W IP142.250.74.72:0
File typeASCII text, with very long lines (5176) Hashf6fc53d37cd4ef8dc215c2ab8d00a56c aca68e2576df6a8c7c2c7282293598f3ae0f2196 b54880d829c5e935726ef2b557867461965bb08780bc377c956ec2a6eaacea51
GET /gtm.js?id=GTM-P958L4W HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Sep 2022 13:24:53 GMT
expires: Wed, 07 Sep 2022 13:24:53 GMT
cache-control: private, max-age=900
last-modified: Wed, 07 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 56480
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.saveday-inc.net/hosted/images/ab/5dfff0471a11e7855f5dca53cab33b/cloudstrip-hero_2x.png | 104.16.13.194 | 200 OK | 73 kB |
URL HTTP/2www.saveday-inc.net/hosted/images/ab/5dfff0471a11e7855f5dca53cab33b/cloudstrip-hero_2x.png IP104.16.13.194:0
File typePNG image data, 2672 x 586, 8-bit colormap, non-interlaced\012- data Hashdbd17d87cba35875b87a1d0333e07214 b5ccaf88d53022b112e9e060e53ce611d6e8834b 149cc0e62e4f5a30b5625466d0427f3260aa7d7320b214c91056d8b40fff6f39
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /hosted/images/ab/5dfff0471a11e7855f5dca53cab33b/cloudstrip-hero_2x.png HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=SJitCKiXrGXcKUmes8G0MEb1Ed8eTEEkmARz7nevfy8-1662557093-0-AT48X99IWscCwTGT2PRigHlgGk5haccVMj0ic1/DLtJw3f06iFOU25blbrc9G58KA8AH79OstgrvT7v0vOgHaHUK+CKx16O9sTYNYAIFFVih
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
content-type: image/png
content-length: 72836
cf-ray: 746fc46a4c35b509-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "dbd17d87cba35875b87a1d0333e07214"
last-modified: Thu, 01 Jun 2017 22:36:04 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash62c739a1335c5cf0fd4e783db6cdf14b 4f4a2acf32a7b7d8d86f7d0b037cdd16d59704ff de1d42a2f47b8a7f1fed1880f1b485f63a5e07ede87fee3194cabeab056cf6f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 13:24:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 471 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
Hasha81b0f5b5d11bf95fc176833b2f6e808 5b194aa5a8bf3a6b0d117ccfd0f487f6db0587b5 8f6ae83f2b85db7174bbbc6553e2921617b5c8a401315e76082682949a0bd9cc
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 553
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
server: cloudflare
cf-ray: 746fc4692a080b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| www.saveday-inc.net/hosted/images/ab/88d21326a04b7b856568fb725e7bda/fa-logo1.png | 104.16.13.194 | 200 OK | 10 kB |
URL HTTP/2www.saveday-inc.net/hosted/images/ab/88d21326a04b7b856568fb725e7bda/fa-logo1.png IP104.16.13.194:0
File typePNG image data, 253 x 50, 8-bit/color RGBA, non-interlaced\012- data Hash77b1a9149d16b03a46a6c04e8c7a5aae c1d4deb42b6eef43914d9f44a45f720a427ca18f 1bee03fe6a3e710b9fb29e414ec7f38a941dc5f9082826479cb8bf62a753f50b
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /hosted/images/ab/88d21326a04b7b856568fb725e7bda/fa-logo1.png HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=SJitCKiXrGXcKUmes8G0MEb1Ed8eTEEkmARz7nevfy8-1662557093-0-AT48X99IWscCwTGT2PRigHlgGk5haccVMj0ic1/DLtJw3f06iFOU25blbrc9G58KA8AH79OstgrvT7v0vOgHaHUK+CKx16O9sTYNYAIFFVih
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
content-type: image/png
content-length: 10077
cf-ray: 746fc4689944b509-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "77b1a9149d16b03a46a6c04e8c7a5aae"
last-modified: Tue, 23 Nov 2021 21:15:27 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 46 kB |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
Hash4ca84bc5f3c3f14d0acfdfb8a0c9f280 fa95a098c5c86cdb0e6a51e2af3363508d01e5dc f5361a8043e14a9de34cda4852a870bcaf47049dd385c52f56c5feb9394edf5d
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 495
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
server: cloudflare
cf-ray: 746fc46c6db80b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 52.36.24.174 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.36.24.174:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FNnK+8bu1JoltpvVnCDpSw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 22RKNwLsADLmMVKO4CNBPezJdKs=
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 471 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
Hash0b218225171cae57237cd71ae6f3347b 821f6cda5bf110fad5777736e92a27db636d488c 1372a445d0f8e9b0b2b3abb6762ca5ec3867bb42928aa2f7ed84a47f660f3c59
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 556
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
server: cloudflare
cf-ray: 746fc46c7dc20b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| app.clickfunnels.com/userevents/?funnel_id=eThENnR4Zmk0a0FISk4weWlPVCtYQT09LS1qSTVRUk9LZTMvZGlCM2FBaXozT1hRPT0%3D--2df597deecf7a425802bd0e5ecd1ce6489e1b6da&page_id=bnJGR3d4YkRYRFdIM3ZzV2lYbCt5QT09LS16Y0xaMHVRaldFN21aL0tJcExMNjJ3PT0%3D--f69358841eaa48b41796588213093f23443e94b9&funnel_step_id=bmx6T2NwQWN5Y3BBUGJKRG9xTWRmZz09LS00ZEJjRHBDTlpwZm5IL0o3Z1dySDdnPT0%3D--59786c96d79346d129f68009f96dd021e7f5294a&user_id=aFpPcDVVUHlMeFJlM2hRQ2lpa1VQUT09LS1vbWRub1ZCbjlONHZxUG5QeExtbUl3PT0%3D--9a3311e5bcd523b6cbc509fe3878988b1767476c&account_id=VzB0SUFYd0xhTVhpTmVsSUdsSkZydz09LS1NMmNvNGRXVVRSbkV3ckcra1BRRmxnPT0%3D--c221cb55afa42b5bc58c04268236493bfa97577b&page_code=NTIwOTg4ODA%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=fed4fa0c-87de-49a4-ac60-343555ea21a0&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637 | 104.16.13.194 | 202 Accepted | 20 kB |
URL HTTP/2app.clickfunnels.com/userevents/?funnel_id=eThENnR4Zmk0a0FISk4weWlPVCtYQT09LS1qSTVRUk9LZTMvZGlCM2FBaXozT1hRPT0%3D--2df597deecf7a425802bd0e5ecd1ce6489e1b6da&page_id=bnJGR3d4YkRYRFdIM3ZzV2lYbCt5QT09LS16Y0xaMHVRaldFN21aL0tJcExMNjJ3PT0%3D--f69358841eaa48b41796588213093f23443e94b9&funnel_step_id=bmx6T2NwQWN5Y3BBUGJKRG9xTWRmZz09LS00ZEJjRHBDTlpwZm5IL0o3Z1dySDdnPT0%3D--59786c96d79346d129f68009f96dd021e7f5294a&user_id=aFpPcDVVUHlMeFJlM2hRQ2lpa1VQUT09LS1vbWRub1ZCbjlONHZxUG5QeExtbUl3PT0%3D--9a3311e5bcd523b6cbc509fe3878988b1767476c&account_id=VzB0SUFYd0xhTVhpTmVsSUdsSkZydz09LS1NMmNvNGRXVVRSbkV3ckcra1BRRmxnPT0%3D--c221cb55afa42b5bc58c04268236493bfa97577b&page_code=NTIwOTg4ODA%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=fed4fa0c-87de-49a4-ac60-343555ea21a0&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637 IP104.16.13.194:0
File typegzip compressed data, max compression\012- data Hash56f5d7f608e25d64207135f045f988cb 901eb59372ae330ae85e1384da93479b21ae1082 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /userevents/?funnel_id=eThENnR4Zmk0a0FISk4weWlPVCtYQT09LS1qSTVRUk9LZTMvZGlCM2FBaXozT1hRPT0%3D--2df597deecf7a425802bd0e5ecd1ce6489e1b6da&page_id=bnJGR3d4YkRYRFdIM3ZzV2lYbCt5QT09LS16Y0xaMHVRaldFN21aL0tJcExMNjJ3PT0%3D--f69358841eaa48b41796588213093f23443e94b9&funnel_step_id=bmx6T2NwQWN5Y3BBUGJKRG9xTWRmZz09LS00ZEJjRHBDTlpwZm5IL0o3Z1dySDdnPT0%3D--59786c96d79346d129f68009f96dd021e7f5294a&user_id=aFpPcDVVUHlMeFJlM2hRQ2lpa1VQUT09LS1vbWRub1ZCbjlONHZxUG5QeExtbUl3PT0%3D--9a3311e5bcd523b6cbc509fe3878988b1767476c&account_id=VzB0SUFYd0xhTVhpTmVsSUdsSkZydz09LS1NMmNvNGRXVVRSbkV3ckcra1BRRmxnPT0%3D--c221cb55afa42b5bc58c04268236493bfa97577b&page_code=NTIwOTg4ODA%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=fed4fa0c-87de-49a4-ac60-343555ea21a0&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.saveday-inc.net
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Wed, 07 Sep 2022 13:24:54 GMT
content-type: text/html
cf-ray: 746fc46c8a23b51e-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 3cb6651a03a55fbc4aa32370c6f6d7e6
x-runtime: 0.030410
set-cookie: __cf_bm=FbtA1PTxQPaJq1_.V_Zt_N14LjFmXVB54nHyeW9dpro-1662557094-0-AUiDGO7ZaCnTD5Vs0154FI0QrnJPYgQCJaL/8cQO1/7rPq/4BIHnZvHgCZ3eC+I/1AgHW/8saFq39A0Zc3Ol4iN8FYo3/iBOnSaLIc8DzyB3; path=/; expires=Wed, 07-Sep-22 13:54:54 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash21d1b5be072df45253749eeb3290be82 4ac9978797c085289b9fcc2fe9a57b619e1c78c9 9ea779e1ad86a4a7c403b574908e2dc60d079b366ab1cf439b34c73c9a9c64c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 13:24:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 27 kB |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
File typegzip compressed data, from Unix\012- data Hash8e7e24fb3539746aa8b869558f589615 d8086d86bbd5cfacc3b6a5ef14aa917830e137dd 7304497ee417a664bdea67d7307ca36a36013556b927c3ea5bca6c04b66236ef
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 548
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
server: cloudflare
cf-ray: 746fc46c7dcb0b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 16 kB |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
File typegzip compressed data, max compression\012- data Hash4738d969770682feba80f04bf171d65b be0e0ceb91bf5ed0c64b0f3f2cc2c99c6d4cd6b7 1daca97cf9e8078299f94c50346e45fead45bf908ca97ded912f26986c1c4e9a
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 565
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
server: cloudflare
cf-ray: 746fc46d6ed70b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 471 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
Hash0b218225171cae57237cd71ae6f3347b 821f6cda5bf110fad5777736e92a27db636d488c 1372a445d0f8e9b0b2b3abb6762ca5ec3867bb42928aa2f7ed84a47f660f3c59
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 494
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
server: cloudflare
cf-ray: 746fc46abbb00b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 472 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
Hash8fc7316fab55e89a81536e926eab6f83 7fcab743b176312e76999b39a1b2a3b97dbeb10f 8178b9805611209f5c47dce32da555117870a90648e026d08cc691a4103169a7
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1005
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:54 GMT
server: cloudflare
cf-ray: 746fc46f38ef0b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash10585eccdd73117e0bc71ecaf1cd02cb 7bda7ff7308cac8c8824a5a558097a15a2325f5e 6303f8b80751e64006c77524615f10709b136b0606695feb0f51b964e0c2163d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 13:24:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 471 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
Hashc1437437047f21dec9a10a2ea619f302 2312d50c7870f3fee0f3b837ce466eac9f60d23a 81e03c89f4b0a326ef9784b89eff6bba41bc940a4d7b54957ad1964d01db3a79
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 555
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
server: cloudflare
cf-ray: 746fc46c6daa0b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 1.0 kB |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
File typegzip compressed data, max compression\012- data Hash84dbed7651e04849a644bee8acaf8b73 dca1cf16c8b806cc2fc15409edecca8e4e47a2c3 ee7a4e15ee9f15294ff13f4303d1b6667bdbc06846c5e7852505e9a5358d4034
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1599
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
server: cloudflare
cf-ray: 746fc46d0e6f0b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-106500592-1&cid=1017554000.1662557088&jid=546057091&gjid=1037327531&_gid=1355425120.1662557088&_u=YGBAgAABAAAAAE~&z=1643704168 | 142.251.1.156 | 200 OK | 1 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-106500592-1&cid=1017554000.1662557088&jid=546057091&gjid=1037327531&_gid=1355425120.1662557088&_u=YGBAgAABAAAAAE~&z=1643704168 IP142.251.1.156:0
File typevery short file (no magic) Hashc4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-106500592-1&cid=1017554000.1662557088&jid=546057091&gjid=1037327531&_gid=1355425120.1662557088&_u=YGBAgAABAAAAAE~&z=1643704168 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.saveday-inc.net
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.saveday-inc.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 07 Sep 2022 13:24:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash10585eccdd73117e0bc71ecaf1cd02cb 7bda7ff7308cac8c8824a5a558097a15a2325f5e 6303f8b80751e64006c77524615f10709b136b0606695feb0f51b964e0c2163d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 13:24:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashc1437437047f21dec9a10a2ea619f302 2312d50c7870f3fee0f3b837ce466eac9f60d23a 81e03c89f4b0a326ef9784b89eff6bba41bc940a4d7b54957ad1964d01db3a79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 13:24:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.facebook.com/tr/?id=1954455964797727&ev=PageView&dl=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637&rl=&if=false&ts=1662557087964&sw=1280&sh=1024&v=2.9.79&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1662557087963.1758884844&it=1662557087664&coo=false&rqm=GET | 31.13.72.36 | 200 OK | 44 B |
URL HTTP/2www.facebook.com/tr/?id=1954455964797727&ev=PageView&dl=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637&rl=&if=false&ts=1662557087964&sw=1280&sh=1024&v=2.9.79&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1662557087963.1758884844&it=1662557087664&coo=false&rqm=GET IP31.13.72.36:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashb798f4ce7359fd815df4bdf76503b295 f8cc6addf1707ad236ad9970b0a48f9733d07da5 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=1954455964797727&ev=PageView&dl=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637&rl=&if=false&ts=1662557087964&sw=1280&sh=1024&v=2.9.79&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1662557087963.1758884844&it=1662557087664&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Wed, 07 Sep 2022 13:24:54 GMT
expires: Wed, 07 Sep 2022 13:24:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashf53ebd30fa3351f320ca2c8764734ff1 9205e35b1cef1602414af2350ba6205f4129234c d486cc21bbc47eac5718644e1b280d12a5a4bc92ec97a0e88f184bf6422cb6f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 13:24:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.no/pagead/1p-user-list/842761054/?random=1662557087658&cv=9&fst=1662555600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637&tiba=SaveDay&async=1&fmt=3&is_vtc=1&random=3976226663&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y | 142.250.74.3 | 200 OK | 42 B |
URL HTTP/2www.google.no/pagead/1p-user-list/842761054/?random=1662557087658&cv=9&fst=1662555600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637&tiba=SaveDay&async=1&fmt=3&is_vtc=1&random=3976226663&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y IP142.250.74.3:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/842761054/?random=1662557087658&cv=9&fst=1662555600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637&tiba=SaveDay&async=1&fmt=3&is_vtc=1&random=3976226663&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 13:24:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashf53ebd30fa3351f320ca2c8764734ff1 9205e35b1cef1602414af2350ba6205f4129234c d486cc21bbc47eac5718644e1b280d12a5a4bc92ec97a0e88f184bf6422cb6f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 13:24:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 44 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashb798f4ce7359fd815df4bdf76503b295 f8cc6addf1707ad236ad9970b0a48f9733d07da5 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 588
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
server: cloudflare
cf-ray: 746fc46c6db00b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashbc70b1691dd339e8120b92ba393ffb69 99118be3645b3182ccdc5f9da149a97c220a3929 da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3624
Expires: Wed, 07 Sep 2022 14:25:19 GMT
Date: Wed, 07 Sep 2022 13:24:55 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashbc70b1691dd339e8120b92ba393ffb69 99118be3645b3182ccdc5f9da149a97c220a3929 da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3624
Expires: Wed, 07 Sep 2022 14:25:19 GMT
Date: Wed, 07 Sep 2022 13:24:55 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashbc70b1691dd339e8120b92ba393ffb69 99118be3645b3182ccdc5f9da149a97c220a3929 da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3624
Expires: Wed, 07 Sep 2022 14:25:19 GMT
Date: Wed, 07 Sep 2022 13:24:55 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashbc70b1691dd339e8120b92ba393ffb69 99118be3645b3182ccdc5f9da149a97c220a3929 da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3624
Expires: Wed, 07 Sep 2022 14:25:19 GMT
Date: Wed, 07 Sep 2022 13:24:55 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg | 34.120.237.76 | 200 OK | 8.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash70c964498818242b742575cfa1769b67 cde85fbe83c9e29618edf4e05002bd623e3ab965 bdb0e76fe216f742789ba5a77645c640fe0c7f207707181e618fa31d4cf58605
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8462
x-amzn-requestid: d75d69c1-87be-47e2-8684-3c9a25edee2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqYpFL-IAMFukQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdd0-1c6d025672cc490734bb54e4;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:24 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yzw88Z7aubNEll7UXkvaIWbftL95Y0UDTMnOEh_uhKqWgNycBA9Adw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:22 GMT
age: 56613
etag: "cde85fbe83c9e29618edf4e05002bd623e3ab965"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg | 34.120.237.76 | 200 OK | 6.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf922505178de0cea92eedcfda85a9f67 50f1459de01174e594e03e7df4dfaa8eb1798672 981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6214
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0HFKbIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 05:10:03 GMT
age: 29692
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash1462b0c8fff091f29c7c5145031c08aa 55154c3878e9650f463805c3829f03a1603f14c1 62f913a6498b21da33451e7cf0e37c5fdef565324bcd35d93cb536527394a3d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11778
x-amzn-requestid: 2956f23c-8907-48de-b82a-73da9ae1d75e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqYVHnLoAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdce-5d76bbe82dc2823407fe67f3;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6tTqfG7yRrMw0cMwiQFlu9XuRzxlK7uzTXL-cAMFmrrDrKL9Rd3zqA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:20 GMT
age: 56615
etag: "55154c3878e9650f463805c3829f03a1603f14c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 4.8 kB |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4f29d8aaae2d67c27c58001e7553dea7 5200b601017ce86614783b76fd2a775c1c48d4e9 6b55c4d692cf584e0319b07251d9845749fe8954062dab66e003dd2706451504
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 556
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
server: cloudflare
cf-ray: 746fc46c6dad0b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe12fd665-3bdf-498a-98f0-c69e29204995.jpeg | 34.120.237.76 | 200 OK | 6.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe12fd665-3bdf-498a-98f0-c69e29204995.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash78bacb8692b8f5a5b5b628335778adc0 9cf78c7901f15b194592efb0db560af569e9470f 871fe5479807b985202b776b60378918e89e04d7da9b9a546a0ce72857a01b90
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe12fd665-3bdf-498a-98f0-c69e29204995.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6919
x-amzn-requestid: a1211a4e-4467-40ef-956b-6f16c2f5e322
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqY4EgPoAMFW5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdd2-0de380ca078cc4ba584ab2ad;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HVrWkw2U_gO-W8SLzenCLKlOlpDqXu_RH0VDHnNinY1riORljfkqdA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:23 GMT
age: 56612
etag: "9cf78c7901f15b194592efb0db560af569e9470f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash79f4356c488498012cc7fc03be21e3df dd9cd9b711d7112efa85eff8a798346dbd7d5f5f ebd84bf1db6b39b92be1020c7ea5c32eaa23dfb347ec83941d5bc56e80855ebc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12661
x-amzn-requestid: 71ef9e09-ccf1-4930-865d-665ece4bf3a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3hXnFnXIAMFqKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312e296-627daf7c7ad3e23a60b183cd;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 05:13:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xwunW741LulZXvM0har5nqrcCiyYoUwvhCWiPsEvs5P2VKSe476_Cw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:38:56 GMT
etag: "dd9cd9b711d7112efa85eff8a798346dbd7d5f5f"
content-type: image/jpeg
age: 53159
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.saveday-inc.net/assets/pushcrew.js | 104.16.13.194 | 200 OK | 2.2 kB |
URL HTTP/2www.saveday-inc.net/assets/pushcrew.js IP104.16.13.194:0
File typeASCII text, with very long lines (637), with no line terminators Hashee19c929c3b08f48541fc4d408a045ff 5abdd08c402379a622c4549544a344893ca3fccf 094b583ffc5309bfa460fcd10b8a74756654e5eaa7912c7d8700b71dbbd7cbaa
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /assets/pushcrew.js HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=SJitCKiXrGXcKUmes8G0MEb1Ed8eTEEkmARz7nevfy8-1662557093-0-AT48X99IWscCwTGT2PRigHlgGk5haccVMj0ic1/DLtJw3f06iFOU25blbrc9G58KA8AH79OstgrvT7v0vOgHaHUK+CKx16O9sTYNYAIFFVih
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
content-type: application/x-javascript
cf-ray: 746fc468b981b509-OSL
access-control-allow-origin: *
age: 881
cache-control: public, max-age=1200
etag: W/"630e9cfb-27d"
expires: Wed, 07 Sep 2022 13:44:53 GMT
last-modified: Tue, 30 Aug 2022 23:27:55 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/nr-1216.min.js | 151.101.86.137 | 200 OK | 14 kB |
URL HTTP/2js-agent.newrelic.com/nr-1216.min.js IP151.101.86.137:0
File typeASCII text, with very long lines (32022) Hashb7c09cc097b2847f9edc784adba62dcb 5aa648623cf5e3b4b215fe5d068a7904c59f2925 6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Sep 2022 13:24:57 GMT
via: 1.1 varnish
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 6128
x-timer: S1662557097.272244,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 72 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
File typegzip compressed data, from Unix\012- data Hash107d93e382e2c9b00fbf9fb0edc65d86 77e750e3ebf9706f4f6dd253785602d70be17c6c a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 594
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:57 GMT
server: cloudflare
cf-ray: 746fc48288150b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 0 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 643
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:57 GMT
server: cloudflare
cf-ray: 746fc482a8520b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 0 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 751
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:25:01 GMT
server: cloudflare
cf-ray: 746fc49e0f150b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 0 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 553
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
server: cloudflare
cf-ray: 746fc46919f20b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 0 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 510
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
server: cloudflare
cf-ray: 746fc46919f10b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| www.saveday-inc.net/cdn-cgi/rum? | 104.16.13.194 | 200 OK | 0 B |
URL HTTP/2www.saveday-inc.net/cdn-cgi/rum? IP104.16.13.194:0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
POST /cdn-cgi/rum? HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 29990
Origin: https://www.saveday-inc.net
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=SJitCKiXrGXcKUmes8G0MEb1Ed8eTEEkmARz7nevfy8-1662557093-0-AT48X99IWscCwTGT2PRigHlgGk5haccVMj0ic1/DLtJw3f06iFOU25blbrc9G58KA8AH79OstgrvT7v0vOgHaHUK+CKx16O9sTYNYAIFFVih; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTIwOTg4ODA=:visited=true; cf:visitor_id=0a14c206-9b1f-4214-8955-7f60db3dae66; addevent_track_cookie=d571e957-fe99-4d9d-1142-4ff67c30ec88; _gcl_au=1.1.2088749376.1662557087; _ga=GA1.2.1017554000.1662557088; _gid=GA1.2.1355425120.1662557088; _dc_gtm_UA-106500592-1=1; _fbp=fb.1.1662557087963.1758884844
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:57 GMT
content-type: text/plain
access-control-allow-origin: https://www.saveday-inc.net
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 746fc4828bf5b509-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.saveday-inc.net/vendor.js | 104.16.13.194 | 200 OK | 0 B |
URL HTTP/2www.saveday-inc.net/vendor.js IP104.16.13.194:0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /vendor.js HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=SJitCKiXrGXcKUmes8G0MEb1Ed8eTEEkmARz7nevfy8-1662557093-0-AT48X99IWscCwTGT2PRigHlgGk5haccVMj0ic1/DLtJw3f06iFOU25blbrc9G58KA8AH79OstgrvT7v0vOgHaHUK+CKx16O9sTYNYAIFFVih
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
content-type: application/javascript
cf-ray: 746fc46c38a2b509-OSL
access-control-allow-origin: *
cache-control: max-age=900, public
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss, store
x-request-id: ea6cc96dcf43f7b8395893733a94bb7d
x-runtime: 0.023204
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 0 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 753
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:25:01 GMT
server: cloudflare
cf-ray: 746fc49e0f160b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| www.saveday-inc.net/assets/userevents/application.js | 104.16.13.194 | 200 OK | 0 B |
URL HTTP/2www.saveday-inc.net/assets/userevents/application.js IP104.16.13.194:0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /assets/userevents/application.js HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=SJitCKiXrGXcKUmes8G0MEb1Ed8eTEEkmARz7nevfy8-1662557093-0-AT48X99IWscCwTGT2PRigHlgGk5haccVMj0ic1/DLtJw3f06iFOU25blbrc9G58KA8AH79OstgrvT7v0vOgHaHUK+CKx16O9sTYNYAIFFVih
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
content-type: application/x-javascript
cf-ray: 746fc4689939b509-OSL
access-control-allow-origin: *
age: 882
cache-control: public, max-age=1200
etag: W/"630e9cfc-1353"
expires: Wed, 07 Sep 2022 13:44:53 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 IP142.250.74.10:0
GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Sep 2022 13:24:53 GMT
date: Wed, 07 Sep 2022 13:24:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 0 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 555
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
server: cloudflare
cf-ray: 746fc46aab8f0b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| prospectrmktg.com/1410/st46?s=X33W9DWW-9EX0-C65Y-9638-F1E0E32WD83A&p=https%3A//www.saveday-inc.net/optin1638821352637&r= | 199.103.4.90 | 200 OK | 0 B |
URL HTTP/1.1prospectrmktg.com/1410/st46?s=X33W9DWW-9EX0-C65Y-9638-F1E0E32WD83A&p=https%3A//www.saveday-inc.net/optin1638821352637&r= IP199.103.4.90:0 ASN#22663 PROMINIC-NET-INC
GET /1410/st46?s=X33W9DWW-9EX0-C65Y-9638-F1E0E32WD83A&p=https%3A//www.saveday-inc.net/optin1638821352637&r= HTTP/1.1
Host: prospectrmktg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 13:24:58 GMT
Connection: close
Content-Type: image/png
Strict-Transport-Security: max-age=604800
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 0 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 496
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
server: cloudflare
cf-ray: 746fc46c7dc50b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| www.saveday-inc.net/optin1638821352637 | 104.16.13.194 | 200 OK | 0 B |
URL HTTP/2www.saveday-inc.net/optin1638821352637 IP104.16.13.194:0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /optin1638821352637 HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
content-type: text/html; charset=utf-8
cf-ray: 746fc4670efdb509-OSL
access-control-allow-origin: *
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
last-modified: Wed, 15 Dec 2021 19:05:35 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: db3ade980dcadbb2e206fefc51994315386aecbc
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: fresh
x-request-id: 9e7987240c96065453b2c3f1e2d14623
x-runtime: 0.502820
set-cookie: __cf_bm=SJitCKiXrGXcKUmes8G0MEb1Ed8eTEEkmARz7nevfy8-1662557093-0-AT48X99IWscCwTGT2PRigHlgGk5haccVMj0ic1/DLtJw3f06iFOU25blbrc9G58KA8AH79OstgrvT7v0vOgHaHUK+CKx16O9sTYNYAIFFVih; path=/; expires=Wed, 07-Sep-22 13:54:53 GMT; domain=.www.saveday-inc.net; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp; report-to cf-csp-endpoint
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 0 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 555
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
server: cloudflare
cf-ray: 746fc46c4d7f0b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| app.clickfunnels.com/images/closemodal.png | 104.16.13.194 | 200 OK | 0 B |
URL HTTP/2app.clickfunnels.com/images/closemodal.png IP104.16.13.194:0
GET /images/closemodal.png HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
content-type: image/webp
cf-ray: 746fc4693d38b51e-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 586755
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "630e9cfc-314"
expires: Sat, 08 Oct 2022 13:24:53 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
set-cookie: __cf_bm=iswux_VM_4U2NDPWDKdy_TBfjYAYbqbWE0VmcjNS0cY-1662557093-0-AUobAHQnnYK8FbGSz+688Jmxuo2Bh5Umkxlydy1ZFYidzd5PtF8yZKpas09jcmLwgYHkj+YSkTBI3HLm3AeRQ05WtFvmsY85rhGsAR/2EKiD; path=/; expires=Wed, 07-Sep-22 13:54:53 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 0 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 556
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
server: cloudflare
cf-ray: 746fc46c7dca0b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| app.clickfunnels.com/userevents/?funnel_id=eThENnR4Zmk0a0FISk4weWlPVCtYQT09LS1qSTVRUk9LZTMvZGlCM2FBaXozT1hRPT0%3D--2df597deecf7a425802bd0e5ecd1ce6489e1b6da&page_id=bnJGR3d4YkRYRFdIM3ZzV2lYbCt5QT09LS16Y0xaMHVRaldFN21aL0tJcExMNjJ3PT0%3D--f69358841eaa48b41796588213093f23443e94b9&funnel_step_id=bmx6T2NwQWN5Y3BBUGJKRG9xTWRmZz09LS00ZEJjRHBDTlpwZm5IL0o3Z1dySDdnPT0%3D--59786c96d79346d129f68009f96dd021e7f5294a&user_id=aFpPcDVVUHlMeFJlM2hRQ2lpa1VQUT09LS1vbWRub1ZCbjlONHZxUG5QeExtbUl3PT0%3D--9a3311e5bcd523b6cbc509fe3878988b1767476c&account_id=VzB0SUFYd0xhTVhpTmVsSUdsSkZydz09LS1NMmNvNGRXVVRSbkV3ckcra1BRRmxnPT0%3D--c221cb55afa42b5bc58c04268236493bfa97577b&page_code=NTIwOTg4ODA%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=63e87cb3-ae76-48a1-b463-4eeee1507aff&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637 | 104.16.13.194 | 202 Accepted | 0 B |
URL HTTP/2app.clickfunnels.com/userevents/?funnel_id=eThENnR4Zmk0a0FISk4weWlPVCtYQT09LS1qSTVRUk9LZTMvZGlCM2FBaXozT1hRPT0%3D--2df597deecf7a425802bd0e5ecd1ce6489e1b6da&page_id=bnJGR3d4YkRYRFdIM3ZzV2lYbCt5QT09LS16Y0xaMHVRaldFN21aL0tJcExMNjJ3PT0%3D--f69358841eaa48b41796588213093f23443e94b9&funnel_step_id=bmx6T2NwQWN5Y3BBUGJKRG9xTWRmZz09LS00ZEJjRHBDTlpwZm5IL0o3Z1dySDdnPT0%3D--59786c96d79346d129f68009f96dd021e7f5294a&user_id=aFpPcDVVUHlMeFJlM2hRQ2lpa1VQUT09LS1vbWRub1ZCbjlONHZxUG5QeExtbUl3PT0%3D--9a3311e5bcd523b6cbc509fe3878988b1767476c&account_id=VzB0SUFYd0xhTVhpTmVsSUdsSkZydz09LS1NMmNvNGRXVVRSbkV3ckcra1BRRmxnPT0%3D--c221cb55afa42b5bc58c04268236493bfa97577b&page_code=NTIwOTg4ODA%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=63e87cb3-ae76-48a1-b463-4eeee1507aff&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637 IP104.16.13.194:0
GET /userevents/?funnel_id=eThENnR4Zmk0a0FISk4weWlPVCtYQT09LS1qSTVRUk9LZTMvZGlCM2FBaXozT1hRPT0%3D--2df597deecf7a425802bd0e5ecd1ce6489e1b6da&page_id=bnJGR3d4YkRYRFdIM3ZzV2lYbCt5QT09LS16Y0xaMHVRaldFN21aL0tJcExMNjJ3PT0%3D--f69358841eaa48b41796588213093f23443e94b9&funnel_step_id=bmx6T2NwQWN5Y3BBUGJKRG9xTWRmZz09LS00ZEJjRHBDTlpwZm5IL0o3Z1dySDdnPT0%3D--59786c96d79346d129f68009f96dd021e7f5294a&user_id=aFpPcDVVUHlMeFJlM2hRQ2lpa1VQUT09LS1vbWRub1ZCbjlONHZxUG5QeExtbUl3PT0%3D--9a3311e5bcd523b6cbc509fe3878988b1767476c&account_id=VzB0SUFYd0xhTVhpTmVsSUdsSkZydz09LS1NMmNvNGRXVVRSbkV3ckcra1BRRmxnPT0%3D--c221cb55afa42b5bc58c04268236493bfa97577b&page_code=NTIwOTg4ODA%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=63e87cb3-ae76-48a1-b463-4eeee1507aff&url=https%3A%2F%2Fwww.saveday-inc.net%2Foptin1638821352637 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.saveday-inc.net
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Wed, 07 Sep 2022 13:24:54 GMT
content-type: text/html
cf-ray: 746fc46c8a27b51e-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: b274ea1f8368483e5951eef0cece49aa
x-runtime: 0.040674
set-cookie: __cf_bm=CIOhybjcsDpfxiOuNye77j4nyJ8MKpOObp4d9Ws69bI-1662557094-0-ATV2rLTVcJrwzVzrw04X7IDIoJZceeWDfNq0UcTt9+O1gTluJEC5iOP+ovnAUlxG02NdZN39d1kUGU3gxdiPONEQGohuI63l3GYjWiFRFQjq; path=/; expires=Wed, 07-Sep-22 13:54:54 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 0 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 643
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:25:01 GMT
server: cloudflare
cf-ray: 746fc49e0f170b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| www.saveday-inc.net/assets/lander.css | 104.16.13.194 | 200 OK | 0 B |
URL HTTP/2www.saveday-inc.net/assets/lander.css IP104.16.13.194:0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /assets/lander.css HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=SJitCKiXrGXcKUmes8G0MEb1Ed8eTEEkmARz7nevfy8-1662557093-0-AT48X99IWscCwTGT2PRigHlgGk5haccVMj0ic1/DLtJw3f06iFOU25blbrc9G58KA8AH79OstgrvT7v0vOgHaHUK+CKx16O9sTYNYAIFFVih
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
content-type: text/css
cf-ray: 746fc468892db509-OSL
access-control-allow-origin: *
age: 882
cache-control: public, max-age=1200
etag: W/"630e9cfc-6a514"
expires: Wed, 07 Sep 2022 13:44:53 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.saveday-inc.net/assets/lander.js | 104.16.13.194 | 200 OK | 0 B |
URL HTTP/2www.saveday-inc.net/assets/lander.js IP104.16.13.194:0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /assets/lander.js HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=SJitCKiXrGXcKUmes8G0MEb1Ed8eTEEkmARz7nevfy8-1662557093-0-AT48X99IWscCwTGT2PRigHlgGk5haccVMj0ic1/DLtJw3f06iFOU25blbrc9G58KA8AH79OstgrvT7v0vOgHaHUK+CKx16O9sTYNYAIFFVih
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
content-type: application/x-javascript
cf-ray: 746fc468a96eb509-OSL
access-control-allow-origin: *
age: 882
cache-control: public, max-age=1200
etag: W/"630e9d40-238fd1"
expires: Wed, 07 Sep 2022 13:44:53 GMT
last-modified: Tue, 30 Aug 2022 23:29:04 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 0 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 533
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
server: cloudflare
cf-ray: 746fc46c4d7d0b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v5.9.0/css/all.css | 104.21.63.54 | 200 OK | 0 B |
URL HTTP/2use.fontawesome.com/releases/v5.9.0/css/all.css IP104.21.63.54:0
GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
content-type: text/css
x-amz-id-2: 5R63sGXcq2LptVgWp1Hbu23fLcn6t7yox4MdVDD4fYkPpwwpE0tP8nap3nE7BUsLxb2kn6BawAQ=
x-amz-request-id: FW5J89H89QA35JM6
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 41278
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPynmiQgEwZgyPeKeNQFfI3%2FSxn2pMXU71tYDeD0Q3D15SKrji4BLS1IkAoIZXcFhC%2Figg5hpSMt%2FnvTOpf9c5HzrPSUrELHKX8Wv%2FzHSohE4QPSEewS9msINfR5zCa85%2FSh36Gw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746fc468b898b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 0 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 556
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
server: cloudflare
cf-ray: 746fc46c7dbb0b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 0 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 881
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:57 GMT
server: cloudflare
cf-ray: 746fc482a8510b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 | 104.18.47.230 | 200 OK | 0 B |
URL HTTP/2static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 IP104.18.47.230:0
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.saveday-inc.net
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 746fc4692eda1bfe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 0 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 556
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
server: cloudflare
cf-ray: 746fc46c7dc10b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 0 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 545
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:57 GMT
server: cloudflare
cf-ray: 746fc485bbf80b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| www.saveday-inc.net/cdn-cgi/rum? | 104.16.13.194 | 200 OK | 0 B |
URL HTTP/2www.saveday-inc.net/cdn-cgi/rum? IP104.16.13.194:0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
POST /cdn-cgi/rum? HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 431
Origin: https://www.saveday-inc.net
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=SJitCKiXrGXcKUmes8G0MEb1Ed8eTEEkmARz7nevfy8-1662557093-0-AT48X99IWscCwTGT2PRigHlgGk5haccVMj0ic1/DLtJw3f06iFOU25blbrc9G58KA8AH79OstgrvT7v0vOgHaHUK+CKx16O9sTYNYAIFFVih; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTIwOTg4ODA=:visited=true; cf:visitor_id=0a14c206-9b1f-4214-8955-7f60db3dae66; addevent_track_cookie=d571e957-fe99-4d9d-1142-4ff67c30ec88; _gcl_au=1.1.2088749376.1662557087; _ga=GA1.2.1017554000.1662557088; _gid=GA1.2.1355425120.1662557088; _dc_gtm_UA-106500592-1=1; _fbp=fb.1.1662557087963.1758884844; is_eu=false; puj70qegsxmgi00v=true; 11661049_viewed_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:25:01 GMT
content-type: text/plain
access-control-allow-origin: https://www.saveday-inc.net
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 746fc49e0eaeb509-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| app.clickfunnels.com/mailcheck.min.js | 104.16.13.194 | 200 OK | 0 B |
URL HTTP/2app.clickfunnels.com/mailcheck.min.js IP104.16.13.194:0
GET /mailcheck.min.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
content-type: application/x-javascript
cf-ray: 746fc4693d37b51e-OSL
access-control-allow-origin: *
age: 181
etag: W/"630e9cfc-a8d"
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=zgW3NkwaXLCncNzGN82aiWl8uy7BqAzHUv62_lYReWc-1662557093-0-AQ5dFxzNggbYSa2OvXZQ1NISrTmjdR23fyhf1etbj3L9DEnZ2LH/uaxzaRpS7cZzRpHXEbv92uWHI1DqOF4boTugMdcqCPdYzio0yBb9oT9R; path=/; expires=Wed, 07-Sep-22 13:54:53 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v5.9.0/css/v4-shims.css | 104.21.63.54 | 200 OK | 0 B |
URL HTTP/2use.fontawesome.com/releases/v5.9.0/css/v4-shims.css IP104.21.63.54:0
GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
content-type: text/css
x-amz-id-2: 29dQf2WVNOHot5Ay8pBeGC9Jp0pul03AFXB61uD4zFysCnT6qW6VHySxi6MC8oLZjApsDY/NPq0=
x-amz-request-id: B6FTANBTWNEFCW5M
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2641280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zG9W0czqP5M3vJMuw%2BrLP5pG08%2FY%2FWSpYZEABlvPlc3IXJiCdgZPXPubI9NENAv07EaqNva0ZGnUMeSd7ApJzFlX7Q6TMNrHnJ9V3%2BYCLHpSCSVcOm0LJUM0QZrmxVu2yUCJbeEa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746fc468c8b2b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 0 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 554
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
server: cloudflare
cf-ray: 746fc46aab890b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 0 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1600
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:53 GMT
server: cloudflare
cf-ray: 746fc46d0e6a0b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp | 104.18.21.157 | 200 OK | 0 B |
URL HTTP/2csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp IP104.18.21.157:0
POST /cdn-cgi/script_monitor/report?m=_jrDKRGYNj3eAH.cId3Krg_UumhphTYyJ9Zw8MCVPho-1662557093-0-Aer_qGbuX_YmRKjiEjl3XmQk3iVpSHk20J7T8BDPohXc54fIqAiNlcF-e0P3qbg2XcyZSNs9Qi-QLeyW_UzgWgvjUt4nwIQPf5OXsInb5Ynp HTTP/1.1
Host: csp-reporting.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 751
Origin: https://www.saveday-inc.net
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:54 GMT
server: cloudflare
cf-ray: 746fc46f18d00b69-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| www.saveday-inc.net/images/background.png?_unique=0.6137570701133614&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.saveday-inc.net/optin1638821352637&_title=SaveDay&_key=fq1volzp&_page_key=puj70qegsxmgi00v&_fid=11661049&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://www.saveday-inc.net/optin1638821352637&_referrer= | 104.16.13.194 | 200 OK | 0 B |
URL HTTP/2www.saveday-inc.net/images/background.png?_unique=0.6137570701133614&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.saveday-inc.net/optin1638821352637&_title=SaveDay&_key=fq1volzp&_page_key=puj70qegsxmgi00v&_fid=11661049&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://www.saveday-inc.net/optin1638821352637&_referrer= IP104.16.13.194:0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /images/background.png?_unique=0.6137570701133614&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.saveday-inc.net/optin1638821352637&_title=SaveDay&_key=fq1volzp&_page_key=puj70qegsxmgi00v&_fid=11661049&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://www.saveday-inc.net/optin1638821352637&_referrer= HTTP/1.1
Host: www.saveday-inc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saveday-inc.net/optin1638821352637
Cookie: __cf_bm=SJitCKiXrGXcKUmes8G0MEb1Ed8eTEEkmARz7nevfy8-1662557093-0-AT48X99IWscCwTGT2PRigHlgGk5haccVMj0ic1/DLtJw3f06iFOU25blbrc9G58KA8AH79OstgrvT7v0vOgHaHUK+CKx16O9sTYNYAIFFVih; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTIwOTg4ODA=:visited=true; cf:visitor_id=0a14c206-9b1f-4214-8955-7f60db3dae66; addevent_track_cookie=d571e957-fe99-4d9d-1142-4ff67c30ec88; _gcl_au=1.1.2088749376.1662557087; _ga=GA1.2.1017554000.1662557088; _gid=GA1.2.1355425120.1662557088; _dc_gtm_UA-106500592-1=1; _fbp=fb.1.1662557087963.1758884844
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Sep 2022 13:24:57 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 746fc481baceb509-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store, private
strict-transport-security: max-age=0
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 404f4303f3fb422cce45135f5be4ace2
x-runtime: 0.025286
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|