go.dayandas.icu Open in urlscan Pro
172.67.142.208 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://crystalshub.net/fr_fr/streaming-club-valider-compte-gratuit?lead=669e983810088
Effective URL:
https://go.dayandas.icu/7322b350494af5ad3d3ad2d1de95cbd5ef0e0474?oid=465&affid=15&_ef_transaction_id=33e2207a6b4048ccb24...
Submission: On July 24 via api (July 24th 2024, 12:32:40 am UTC) from US — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 16 HTTP transactions. The main IP is 172.67.142.208, located in United States and belongs to CLOUDFLARENET, US. The main domain is go.dayandas.icu.
TLS certificate: Issued by WE1 on July 9th 2024. Valid for: 3 months.

This is the only time go.dayandas.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	172.67.187.35 172.67.187.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	44.240.153.162 44.240.153.162	16509 (AMAZON-02) (AMAZON-02)
1 1	35.204.59.16 35.204.59.16	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	167.235.196.65 167.235.196.65	24940 (HETZNER-AS) (HETZNER-AS)
2 6	172.67.142.208 172.67.142.208	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	46.101.119.244 46.101.119.244	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2606:4700:10:... 2606:4700:10::6816:3ab5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.28.178.17 52.28.178.17	16509 (AMAZON-02) (AMAZON-02)
16	7

2 172.67.187.35 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

crystalshub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.240.153.162 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-153-162.us-west-2.compute.amazonaws.com

api.trackszz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.59.16 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 16.59.204.35.bc.googleusercontent.com

go.trackinita.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.235.196.65 (Bühl, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: 65.196.235.167.app-dns.com

cka.freedropo.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.67.142.208 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

go.dayandas.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cdn.soopercdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.101.119.244 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: stl.goldluckyoffer.top

stl.goldluckyoffer.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3ab5 (United States)

ASN13335 (CLOUDFLARENET, US)

eu-assets.i.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.178.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-178-17.eu-central-1.compute.amazonaws.com

eu.i.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	dayandas.icu 2 redirects go.dayandas.icu	57 KB
4	posthog.com eu-assets.i.posthog.com — Cisco Umbrella Rank: 115564 eu.i.posthog.com — Cisco Umbrella Rank: 35778	90 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	45 KB
3	trackszz.com 1 redirects api.trackszz.com — Cisco Umbrella Rank: 834422	4 KB
2	goldluckyoffer.top stl.goldluckyoffer.top	20 KB
2	crystalshub.net 2 redirects crystalshub.net	1 KB
1	soopercdn.com cdn.soopercdn.com	14 KB
1	freedropo.top 1 redirects cka.freedropo.top	817 B
1	trackinita.com 1 redirects go.trackinita.com — Cisco Umbrella Rank: 375287	289 B
16	9

	Domain	Requested by
6	go.dayandas.icu	2 redirects go.dayandas.icu
3	cdnjs.cloudflare.com	go.dayandas.icu
3	api.trackszz.com	1 redirects
2	eu.i.posthog.com	eu-assets.i.posthog.com
2	eu-assets.i.posthog.com	go.dayandas.icu eu-assets.i.posthog.com
2	stl.goldluckyoffer.top	go.dayandas.icu stl.goldluckyoffer.top
2	crystalshub.net	2 redirects
1	cdn.soopercdn.com	go.dayandas.icu
1	cka.freedropo.top	1 redirects
1	go.trackinita.com	1 redirects
16	10

This site contains no links.

Subject Issuer	Validity	Valid
*.trackszz.com Amazon RSA 2048 M03	`2024-05-07` - `2025-06-06`	a year	crt.sh
dayandas.icu WE1	`2024-07-09` - `2024-10-07`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
soopercdn.com WE1	`2024-06-07` - `2024-09-05`	3 months	crt.sh
stl.goldluckyoffer.top R11	`2024-06-10` - `2024-09-08`	3 months	crt.sh
*.i.posthog.com E1	`2024-05-27` - `2024-08-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://go.dayandas.icu/7322b350494af5ad3d3ad2d1de95cbd5ef0e0474?oid=465&affid=15&_ef_transaction_id=33e2207a6b4048ccb2411f3fb9a22acd&sub1=66a04ba3bf7f1d00012a9831&sub2=1336_65bbafdd2b718787fd12cff1
Frame ID: A66D94194F3DE96D1463D102D3CD6C69
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Information

Page URL History Show full URLs

http://crystalshub.net/fr_fr/streaming-club-valider-compte-gratuit?lead=669e983810088 HTTP 307
https://crystalshub.net/fr_fr/streaming-club-valider-compte-gratuit?lead=669e983810088 HTTP 302
https://crystalshub.net/redirect/eyJ0byI6Imh0dHBzOlwvXC9hcGkudHJhY2tzenouY29tXC9jbGlja1wvdlAxbFp0bjR... HTTP 302
https://api.trackszz.com/click/vP1lZtn4NE?c1=FR3665&c2=ccsubmit&c3=200205&c4=65bbafdd2b718787fd12cff1... HTTP 302
https://api.trackszz.com/main/d.php?s=fd0df6f9c4bdc93a50b3c4d841f07f95&link=https%3A%2F%2Fgo.trackini... Page URL
https://go.trackinita.com/sl?id=65cb65ee1a0d3f7a69a68d66&pid=1336&sub1=Pn8eteZcax-66a04ba23b77cd718f30... HTTP 302
https://cka.freedropo.top/cmp/CFTK8/8GC3R/?sub1=66a04ba3bf7f1d00012a9831&sub2=1336_65bbafdd2b718787fd1... HTTP 302
https://go.dayandas.icu/de_DE/d5he1aNo4XIy?oid=465&affid=15&first_name=&last_name=&address=&zip_code... HTTP 302
https://go.dayandas.icu/enter/7322b350494af5ad3d3ad2d1de95cbd5ef0e0474?oid=465&affid=15&_ef_transact... HTTP 302
https://go.dayandas.icu/7322b350494af5ad3d3ad2d1de95cbd5ef0e0474?oid=465&affid=15&_ef_transaction_id... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

10 %
IPv6

9
Domains

10
Subdomains

7
IPs

4
Countries

221 kB
Transfer

680 kB
Size

20
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://crystalshub.net/fr_fr/streaming-club-valider-compte-gratuit?lead=669e983810088 HTTP 307
https://crystalshub.net/fr_fr/streaming-club-valider-compte-gratuit?lead=669e983810088 HTTP 302
https://crystalshub.net/redirect/eyJ0byI6Imh0dHBzOlwvXC9hcGkudHJhY2tzenouY29tXC9jbGlja1wvdlAxbFp0bjRORT9jMT1GUjM2NjUmYzI9Y2NzdWJtaXQmYzM9MjAwMjA1JmM0PTY1YmJhZmRkMmI3MTg3ODdmZDEyY2ZmMSZjNT0wY2UzMTNlMy0xYjg3LTQ1NjAtYjE2Yy1iYTI3N2I0YWI4YmEmYzY9c3ViaWQmYzEwPUZSX2Njc3VibWl0IiwiZGF0YSI6eyJ0IjozLCJyIjoxOSwiZSI6IjBjZTMxM2UzLTFiODctNDU2MC1iMTZjLWJhMjc3YjRhYjhiYSJ9fQ%3D%3D HTTP 302
https://api.trackszz.com/click/vP1lZtn4NE?c1=FR3665&c2=ccsubmit&c3=200205&c4=65bbafdd2b718787fd12cff1&c5=0ce313e3-1b87-4560-b16c-ba277b4ab8ba&c6=subid&c10=FR_ccsubmit HTTP 302
https://api.trackszz.com/main/d.php?s=fd0df6f9c4bdc93a50b3c4d841f07f95&link=https%3A%2F%2Fgo.trackinita.com%2Fsl%3Fid%3D65cb65ee1a0d3f7a69a68d66%26pid%3D1336%26sub1%3DPn8eteZcax-66a04ba23b77cd718f30bcad%26sub5%3D65bbafdd2b718787fd12cff1%26 Page URL
https://go.trackinita.com/sl?id=65cb65ee1a0d3f7a69a68d66&pid=1336&sub1=Pn8eteZcax-66a04ba23b77cd718f30bcad&sub5=65bbafdd2b718787fd12cff1& HTTP 302
https://cka.freedropo.top/cmp/CFTK8/8GC3R/?sub1=66a04ba3bf7f1d00012a9831&sub2=1336_65bbafdd2b718787fd12cff1 HTTP 302
https://go.dayandas.icu/de_DE/d5he1aNo4XIy?oid=465&affid=15&first_name=&last_name=&address=&zip_code=&city=&phone_number=&email=&_ef_transaction_id=33e2207a6b4048ccb2411f3fb9a22acd&sub1=66a04ba3bf7f1d00012a9831&sub2=1336_65bbafdd2b718787fd12cff1&sub3=&sub4=&sub5= HTTP 302
https://go.dayandas.icu/enter/7322b350494af5ad3d3ad2d1de95cbd5ef0e0474?oid=465&affid=15&_ef_transaction_id=33e2207a6b4048ccb2411f3fb9a22acd&sub1=66a04ba3bf7f1d00012a9831&sub2=1336_65bbafdd2b718787fd12cff1&sub3=&sub4=&sub5= HTTP 302
https://go.dayandas.icu/7322b350494af5ad3d3ad2d1de95cbd5ef0e0474?oid=465&affid=15&_ef_transaction_id=33e2207a6b4048ccb2411f3fb9a22acd&sub1=66a04ba3bf7f1d00012a9831&sub2=1336_65bbafdd2b718787fd12cff1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://crystalshub.net/fr_fr/streaming-club-valider-compte-gratuit?lead=669e983810088 HTTP 307
https://crystalshub.net/fr_fr/streaming-club-valider-compte-gratuit?lead=669e983810088 HTTP 302
https://crystalshub.net/redirect/eyJ0byI6Imh0dHBzOlwvXC9hcGkudHJhY2tzenouY29tXC9jbGlja1wvdlAxbFp0bjRORT9jMT1GUjM2NjUmYzI9Y2NzdWJtaXQmYzM9MjAwMjA1JmM0PTY1YmJhZmRkMmI3MTg3ODdmZDEyY2ZmMSZjNT0wY2UzMTNlMy0xYjg3LTQ1NjAtYjE2Yy1iYTI3N2I0YWI4YmEmYzY9c3ViaWQmYzEwPUZSX2Njc3VibWl0IiwiZGF0YSI6eyJ0IjozLCJyIjoxOSwiZSI6IjBjZTMxM2UzLTFiODctNDU2MC1iMTZjLWJhMjc3YjRhYjhiYSJ9fQ%3D%3D HTTP 302
https://api.trackszz.com/click/vP1lZtn4NE?c1=FR3665&c2=ccsubmit&c3=200205&c4=65bbafdd2b718787fd12cff1&c5=0ce313e3-1b87-4560-b16c-ba277b4ab8ba&c6=subid&c10=FR_ccsubmit HTTP 302
https://api.trackszz.com/main/d.php?s=fd0df6f9c4bdc93a50b3c4d841f07f95&link=https%3A%2F%2Fgo.trackinita.com%2Fsl%3Fid%3D65cb65ee1a0d3f7a69a68d66%26pid%3D1336%26sub1%3DPn8eteZcax-66a04ba23b77cd718f30bcad%26sub5%3D65bbafdd2b718787fd12cff1%26

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

d.php Show response
api.trackszz.com/main/
Redirect Chain

http://crystalshub.net/fr_fr/streaming-club-valider-compte-gratuit?lead=669e983810088
https://crystalshub.net/fr_fr/streaming-club-valider-compte-gratuit?lead=669e983810088
https://crystalshub.net/redirect/eyJ0byI6Imh0dHBzOlwvXC9hcGkudHJhY2tzenouY29tXC9jbGlja1wvdlAxbFp0bjRORT9jMT1GUjM2NjUmYzI9Y2NzdWJtaXQmYzM9MjAwMjA1JmM0PTY1YmJhZmRkMmI3MTg3ODdmZDEyY2ZmMSZjNT0wY2UzMTNl...
https://api.trackszz.com/click/vP1lZtn4NE?c1=FR3665&c2=ccsubmit&c3=200205&c4=65bbafdd2b718787fd12cff1&c5=0ce313e3-1b87-4560-b16c-ba277b4ab8ba&c6=subid&c10=FR_ccsubmit
https://api.trackszz.com/main/d.php?s=fd0df6f9c4bdc93a50b3c4d841f07f95&link=https%3A%2F%2Fgo.trackinita.com%2Fsl%3Fid%3D65cb65ee1a0d3f7a69a68d66%26pid%3D1336%26sub1%3DPn8eteZcax-66a04ba23b77cd718f3...

217 B
623 B

212ms
212ms

Document
text/html

44.240.153.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trackszz.com/main/d.php?s=fd0df6f9c4bdc93a50b3c4d841f07f95&link=https%3A%2F%2Fgo.trackinita.com%2Fsl%3Fid%3D65cb65ee1a0d3f7a69a68d66%26pid%3D1336%26sub1%3DPn8eteZcax-66a04ba23b77cd718f30bcad%26sub5%3D65bbafdd2b718787fd12cff1%26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.153.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-153-162.us-west-2.compute.amazonaws.com
Software: nginx/1.11.6 /
Resource Hash: 9dd874af53754c2a405693218e22146429734bd57745eae9fa3cf54d3ad074ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 24 Jul 2024 00:32:35 GMT
server: nginx/1.11.6

Redirect headers

cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Wed, 24 Jul 2024 00:32:34 GMT
location: /main/d.php?s=fd0df6f9c4bdc93a50b3c4d841f07f95&link=https%3A%2F%2Fgo.trackinita.com%2Fsl%3Fid%3D65cb65ee1a0d3f7a69a68d66%26pid%3D1336%26sub1%3DPn8eteZcax-66a04ba23b77cd718f30bcad%26sub5%3D65bbafdd2b718787fd12cff1%26
server: nginx/1.11.6

GET
H3

200

Primary Request 7322b350494af5ad3d3ad2d1de95cbd5ef0e0474 Show response
go.dayandas.icu/
Redirect Chain

https://go.trackinita.com/sl?id=65cb65ee1a0d3f7a69a68d66&pid=1336&sub1=Pn8eteZcax-66a04ba23b77cd718f30bcad&sub5=65bbafdd2b718787fd12cff1&
https://cka.freedropo.top/cmp/CFTK8/8GC3R/?sub1=66a04ba3bf7f1d00012a9831&sub2=1336_65bbafdd2b718787fd12cff1
https://go.dayandas.icu/de_DE/d5he1aNo4XIy?oid=465&affid=15&first_name=&last_name=&address=&zip_code=&city=&phone_number=&email=&_ef_transaction_id=33e2207a6b4048ccb2411f3fb9a22acd&sub1=66a04ba3bf7...
https://go.dayandas.icu/enter/7322b350494af5ad3d3ad2d1de95cbd5ef0e0474?oid=465&affid=15&_ef_transaction_id=33e2207a6b4048ccb2411f3fb9a22acd&sub1=66a04ba3bf7f1d00012a9831&sub2=1336_65bbafdd2b718787f...
https://go.dayandas.icu/7322b350494af5ad3d3ad2d1de95cbd5ef0e0474?oid=465&affid=15&_ef_transaction_id=33e2207a6b4048ccb2411f3fb9a22acd&sub1=66a04ba3bf7f1d00012a9831&sub2=1336_65bbafdd2b718787fd12cff1

28 KB
11 KB

688ms
688ms

Document
text/html

172.67.142.208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.dayandas.icu/7322b350494af5ad3d3ad2d1de95cbd5ef0e0474?oid=465&affid=15&_ef_transaction_id=33e2207a6b4048ccb2411f3fb9a22acd&sub1=66a04ba3bf7f1d00012a9831&sub2=1336_65bbafdd2b718787fd12cff1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.142.208 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89263f9b34dd3f2de4068a51b23641ba4ce0b5d173be66efc8dca06fde18e09d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://api.trackszz.com/main/d.php?s=fd0df6f9c4bdc93a50b3c4d841f07f95&link=https%3A%2F%2Fgo.trackinita.com%2Fsl%3Fid%3D65cb65ee1a0d3f7a69a68d66%26pid%3D1336%26sub1%3DPn8eteZcax-66a04ba23b77cd718f30bcad%26sub5%3D65bbafdd2b718787fd12cff1%26
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8a7fd06c0c1f2bd7-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 24 Jul 2024 00:32:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6o0hn3Urtr2qM0Ts1RRb281z%2BzMBTtuctx00COM08GbJQ%2FwHeZliN4C4XqTtWPGqr2um57Wlr8Jr23sbT7zZqBHW3sHjRMjVzsnOCT1orYDUzHKhZTsgYXPoSivfPRS9fm4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8a7fd0696a922bd7-FRA
content-type: text/html; charset=UTF-8
date: Wed, 24 Jul 2024 00:32:37 GMT
location: https://go.dayandas.icu/7322b350494af5ad3d3ad2d1de95cbd5ef0e0474?oid=465&affid=15&_ef_transaction_id=33e2207a6b4048ccb2411f3fb9a22acd&sub1=66a04ba3bf7f1d00012a9831&sub2=1336_65bbafdd2b718787fd12cff1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lj%2F3%2BuxW%2Ffdf2Vpc2A7Nn5amVh9PM37jmeVpNmMHqOEDIG7lVEfEUpUtL%2F1bvEYk1PpRR1UE%2BmenYW0q0pEesnvvndGvgBT21lVIEMWYoqEaDJ0tFAbff0hMte%2BM77eF8BY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 favicon.ico
api.trackszz.com/ 0
455 B 211ms
211ms Other
image/x-icon 44.240.153.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trackszz.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.153.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-153-162.us-west-2.compute.amazonaws.com
Software: nginx/1.11.6 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 00:32:35 GMT
last-modified: Fri, 12 Jan 2024 02:40:46 GMT
server: nginx/1.11.6
accept-ranges: bytes
etag: "65a0a6ae-0"
content-length: 0
content-type: image/x-icon

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/ 88 KB
28 KB 98ms
48ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js

Requested by

Host: go.dayandas.icu
URL: https://go.dayandas.icu/7322b350494af5ad3d3ad2d1de95cbd5ef0e0474?oid=465&affid=15&_ef_transaction_id=33e2207a6b4048ccb2411f3fb9a22acd&sub1=66a04ba3bf7f1d00012a9831&sub2=1336_65bbafdd2b718787fd12cff1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://go.dayandas.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 00:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2873618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27990
last-modified: Fri, 26 Aug 2022 18:34:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "63091225-6d56"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GBp%2FxhLLli5R14jKY6wSi%2F6TCVdvz6sWPq0jQO5G%2BzTxpyq0cTkm1H1UszD28vDFDSaYwVSVgbkZgmUI2qfEc%2BLj2kfXTqIj9wDvsOiGcCrwaiUU05i%2Bl8bNNieiP58I2gGU6o7R"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a7fd070b9ba9f2e-FRA
expires: Mon, 14 Jul 2025 00:32:38 GMT

GET
H3 200 styles.css
go.dayandas.icu/assets/css/ 53 KB
8 KB 136ms
135ms Stylesheet
text/css 172.67.142.208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.dayandas.icu/assets/css/styles.css?id=ed8ac1c08d4d3f9d324296f3094c43d2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.142.208 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c5b8481febc886b3a96d81e477c3a09e5ca850c0f265d23c52baae54571fdd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 00:32:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2024 05:42:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"668ccdcb-d5db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n4uDasc36ZvkCoEQ3kD3U%2Fz6ay0UITnhSZyo6qDjaZv7%2FQUxYYkyvuV%2F32Kdj%2FpMgaYWUHZ3yS6ZCeOxA%2FIhHBjX4LG3KPam5gWxxRZN43yf62Oqx9VXUgDxvU5Sq0BCZ6o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8a7fd0706e392bd7-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 jquery-3.6.1.min.js Show response
go.dayandas.icu/assets/js/ 88 KB
31 KB 93ms
89ms Script
application/javascript 172.67.142.208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.dayandas.icu/assets/js/jquery-3.6.1.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.142.208 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 00:32:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2024 05:42:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"668ccdcb-15e40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jg1BBjDOtYXi%2FCyEs8EqPZSSWRSpqC7s38%2Fxfz81v2pwrpAkN98QtQO0usOpuEOv%2BAe1jxx1W3BL3aRv0LjMd2pzmm%2B%2F1mr3RBUHnmIJeZmafAZY%2F3MjFLZxRPb%2FWk1yKfs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8a7fd0707e3b2bd7-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/ 24 KB
7 KB 50ms
49ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/jquery.validate.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://go.dayandas.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 00:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 982891
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6955
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-5f30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DEgj06zrkcbEEK0X1faCtlGY%2Bp1wuxQdifc4D8F7yNaau8kN4S03wEdV%2BezdDoKfcgf2ZW5skmdz1xVVNPjPqsfQaL5yc5j5e8oSGWrqW3zQfBawvrUWIMnklbsdqjUSYDyLcsH0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a7fd0716a4b9f2e-FRA
expires: Mon, 14 Jul 2025 00:32:38 GMT

GET
H3 200 card.svg
cdn.soopercdn.com/cp/form-campaign-checkout-v2/assets/images/ 33 KB
14 KB 136ms
67ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.soopercdn.com/cp/form-campaign-checkout-v2/assets/images/card.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8003f52342e1def68499f3d0d10d988f20cd7086faa0fa7eaaf7dcae42ed07e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 00:32:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IargREn8l%2FLxbGIummfFh9D3TC7bfr0EapeVNe8UOZ%2Fdh9i5Zt%2FLqJW21qiQAsQTBPAaj0VAIK8siV3XbwZTl3%2BIBaz2b%2BXsyio%2B848ZJSyK3DaNUMab7KhVeSv%2FVpcKFc7lXg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private
cf-ray: 8a7fd070dad13655-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 card.min.js Show response
cdnjs.cloudflare.com/ajax/libs/card/1.3.1/js/ 49 KB
10 KB 97ms
50ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/card/1.3.1/js/card.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61a1aeeea29068f11931d842256185a8cf63a9eba801ca8e176c19a6266258a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 00:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4652842
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9498
last-modified: Mon, 04 May 2020 16:09:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e22-c3a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lnJ%2FIyL%2BAt5FcOo2VihjsdupoOGxoHL3RMogpy%2FPRw%2Fz%2FYAwQWXHLiZwFDtFYgWSmTHPlaAlmRYNTZ45ptQzKaSh8PHf7etpnR6M8kq3UsxAa5%2FR91JaRE7VIG4Rkms3jt3EDIxD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a7fd070bda165d9-FRA
expires: Mon, 14 Jul 2025 00:32:38 GMT

GET
H/1.1 200
OK everflow.js Show response
stl.goldluckyoffer.top/scripts/sdk/ 60 KB
19 KB 645ms
300ms Script
text/javascript 46.101.119.244
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://stl.goldluckyoffer.top/scripts/sdk/everflow.js
Requested by: Host: go.dayandas.icu
URL: https://go.dayandas.icu/7322b350494af5ad3d3ad2d1de95cbd5ef0e0474?oid=465&affid=15&_ef_transaction_id=33e2207a6b4048ccb2411f3fb9a22acd&sub1=66a04ba3bf7f1d00012a9831&sub2=1336_65bbafdd2b718787fd12cff1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.101.119.244 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: stl.goldluckyoffer.top
Software: nginx /
Resource Hash: 66224b80854f6d5a4da606cfd56524227c1189e17bbdc347cfb18998e2e3d90a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 00:32:39 GMT
content-encoding: gzip
server: nginx
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
transfer-encoding: chunked
vary: Origin
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: ce5c9366-f951-4d9b-8e10-d0099ccac23d

GET
H2 200 array.js Show response
eu-assets.i.posthog.com/static/ 149 KB
51 KB 154ms
52ms Script
text/javascript 2606:4700:10::6816:3ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-assets.i.posthog.com/static/array.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3ab5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fe3878fe9d4ac3773f8d9cdd0dd833c2d1757c70a3a2ba4c7eadb98ce253f14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://go.dayandas.icu/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 00:32:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18
x-envoy-upstream-service-time: 17
referrer-policy: same-origin
last-modified: Tue, 23 Jul 2024 22:37:28 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Cookie, Accept-Encoding
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 8a7fd0721b3a1c2e-FRA

POST
H2 200 / Show response
eu.i.posthog.com/decide/ 724 B
777 B 170ms
47ms XHR
application/json 52.28.178.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.i.posthog.com/decide/?v=3&ip=1&_=1721781158807&ver=1.149.0&compression=base64

Requested by

Host: eu-assets.i.posthog.com
URL: https://eu-assets.i.posthog.com/static/array.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.178.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-178-17.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

a7855df0010bb7ff258313b928a6a54a8fca7a056961adbbdb29a1a3b6b9527d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 24 Jul 2024 00:32:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
server: envoy
cross-origin-opener-policy: same-origin
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://go.dayandas.icu
access-control-allow-credentials: true
x-envoy-upstream-service-time: 7
access-control-allow-headers: X-Requested-With,Content-Type

POST
H2 200 / Show response
eu.i.posthog.com/e/ 13 B
412 B 161ms
45ms XHR
application/json 52.28.178.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.i.posthog.com/e/?ip=1&_=1721781158813&ver=1.149.0&compression=base64

Requested by

Host: eu-assets.i.posthog.com
URL: https://eu-assets.i.posthog.com/static/array.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.178.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-178-17.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 24 Jul 2024 00:32:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
server: envoy
cross-origin-opener-policy: same-origin
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://go.dayandas.icu
access-control-allow-credentials: true
x-envoy-upstream-service-time: 6
access-control-allow-headers: X-Requested-With,Content-Type

GET
H2 200 recorder.js Show response
eu-assets.i.posthog.com/static/ 108 KB
38 KB 49ms
48ms Script
text/javascript 2606:4700:10::6816:3ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-assets.i.posthog.com/static/recorder.js?v=1.149.0

Requested by

Host: eu-assets.i.posthog.com
URL: https://eu-assets.i.posthog.com/static/array.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3ab5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19670845f25ad3403d2a2ac74158a4a042fb3018e4ade53eade3245744281b2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 00:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 283
x-envoy-upstream-service-time: 15
referrer-policy: same-origin
last-modified: Tue, 23 Jul 2024 22:37:28 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Cookie, Accept-Encoding
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a7fd073bcd21c2e-FRA

GET
H3 200 favicon.ico
go.dayandas.icu/ 0
455 B 62ms
61ms Other
image/x-icon 172.67.142.208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.dayandas.icu/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.142.208 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 00:32:39 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
last-modified: Tue, 09 Jul 2024 05:42:35 GMT
server: cloudflare
etag: "668ccdcb-0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=raGOU0Y%2FjtmSPt9MxfV2VCXACsemgXYGk1Ie9NaYbK3LgZrDFkfLghHmdbD3dLmghOEYkHAf7CVNJSrA4kJuQ%2FMQ8BnbVVB7k1b5r0DvXig0ZfzKadz6ONzPDZDddBDw6qY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a7fd075c9812bd7-FRA

GET
H/1.1 200
OK click Show response
stl.goldluckyoffer.top/sdk/ 87 B
720 B 259ms
259ms Fetch
application/json 46.101.119.244
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://stl.goldluckyoffer.top/sdk/click?effp=6090e92b2c6e73b0a959afb728b455ef&sec_ch_ua_platform=&sec_ch_ua_platform_version=&sec_ch_ua_model=&_ef_transaction_id=33e2207a6b4048ccb2411f3fb9a22acd&oid=465&affid=15&__cc=&async=json&sub1=66a04ba3bf7f1d00012a9831&sub2=1336_65bbafdd2b718787fd12cff1&__qp=oid%7Caffid%7C_ef_transaction_id%7Csub1%7Csub2&__rf=&__efckuq=44
Requested by: Host: stl.goldluckyoffer.top
URL: https://stl.goldluckyoffer.top/scripts/sdk/everflow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.101.119.244 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: stl.goldluckyoffer.top
Software: nginx /
Resource Hash: fdc485d0d372e2a0a1358fcbe009daf564ebe09922b65370851e33430bb0db87

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 00:32:39 GMT
server: nginx
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.dayandas.icu
access-control-allow-credentials: true
x-eflow-request-id: bef3bbaa-72fe-4bab-9bd1-7d0dd086007d
content-length: 87

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
crystalshub.net/	1969-12-31 23:59:59	Name: visitInfo::3665 Value: 87e4b20f3565b4117ff65255bf165ca81953ffcabcfb6315f610af574608cbe9a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A3665%22%3Bi%3A1%3Ba%3A1%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%227b1580286953febbd25432df7fca320d%22%3B%7D%7D
api.trackszz.com/	1970-01-20 22:16:28	Name: XSRF-TOKEN Value: eyJpdiI6InZxN25xcFZJOG9idThTZExIcnFtMHc9PSIsInZhbHVlIjoibWJmSjIrbDIraEVNT21kNkZLSDA0TzNNMjUxazhTR2YwUjVWcGtLS1pFSEVHMnpSVElYOHBXOEhUWDB1cTZoSU1naUs1dkc3K3ByXC9naTZkaUNuT1pBPT0iLCJtYWMiOiIzZjg4Y2U1MzMyNDdjYzVhMTdkOGFhMDJmYTNjMWVjYjE5YTc0YjVkNzEwNjFlZTQ3YTgzNDk1MWY3M2YyNjU2In0%3D
api.trackszz.com/	1970-01-20 22:16:28	Name: session Value: eyJpdiI6IlZ6TnFkXC92UkxyZUhaU1lzUXc0em93PT0iLCJ2YWx1ZSI6Ink4bnlTaWhOMEUzVG80Q2ZHZ3pzUUJET3hFbE1xTlwvQzd0UWdTM1lTU3RtcVMwTHI0KzNMWCt0TnN2cXpISG42Z3FSeFV0Snd4SnIrVWJHeUxjRkJnQT09IiwibWFjIjoiZWYwY2Q0NDBkMjcxNmQ3ZDgwYzI1NjdjMGY4ODdmZGI3NWVkMTYzZDQ5YjM1NGQzZWJjNTRkNTg1YjMzOGRkOCJ9
api.trackszz.com/	1970-01-20 22:17:47	Name: ept2 Value: eyJpdiI6IktDeXRkUlFaaWNRSU9Xb2JmUzMzTXc9PSIsInZhbHVlIjoieGFHZW16NERrQndqSk1wd01rejFXaVRnbEFScGZGUVp6QWk0R081eGxPY1BqNjRCVkloU1IxUjJvMUE4M3I2VEJcL3p2SDkxU2UxMTc3YU9RTVE1bENOMU9QZGtuZ3JwMWVzbHhTVHlnejE4Z0tidWw5RFVDWVFmMjlBTk9wUXpCZjFMS1wvc1wvdjVuZDFzSTA2UTdMR3RBZ2RuMjB1dnVod21ySDFtdmlhbDNYbVRDVnJsZlpIMzdDTWZqU1RtVlhoIiwibWFjIjoiYjg4N2U5ZGFmOGYxMjY0ZGE3MmE2NTVlMWU3YmJkNDlkZDQ3YTI3NGQ1MTc4ODQ0NzY0NGVlYWNhN2NhM2ExZSJ9
api.trackszz.com/	1970-01-20 22:16:28	Name: u5qQK5EJQdyd83wNDhZNkRuYXuChlymde1G1EXsC Value: eyJpdiI6IkF3Q1o2bGE3QWxRS2I4SUN2eDdnTEE9PSIsInZhbHVlIjoibEk3V3VuekZKUVJLM0xXVDdXT3ZWajRRaW5rd3cxWWs5OXpBSVI5XC9VMXpTSHUwYXRkZmNJZWV5WTFjajQ1ODVwdTl6aU4rOXJZQ0taSUFzK0ZGcEhuR3JCa0J6SjlpaklYWURpU2NMY3F5ZVFSZXRUVlhrZGZacDNRbmlxYzExdnBaMnBRSVwvczB5YWlmSE1VcTZHU1pubDhEckZISkhXN3lOdHN6VDk3OFdrYkltN0pJRGxOV0J4XC81anI4bVdRdXlPQVIyNGxLZDJnWkVwZ2ZndXcyYjJyZ2tPZnBCbHFVNmxcL1Jrc0dLOUxaZXdPU1J5NmdOMGRMcGxtdWJMXC9mOU1oQm51T1JldVlcL1g0aXVWK1daRHpia3I0Z2FPaVBXXC9OZHloSHU0Uzh5YTRXcTZwRk9WbzlSR1wvbjhUTXpzZ2Z0Y2JpdjZ0Y2piSmVqTDdtRkYwY0NiTWljTkEycDBsVVZ3V2VCN3ZvSlc4V1pGcHlkcDZaNDk2WlwvNEZPWGhpUUpsWEJTekUwZzcwQkcxZ21DUVp4WDNVT003ekJ1S2xHZHVweG5BelNYQlFJWlh0eFlzQ2VjRkdWXC9yb2M1R0ZWU2ZoS3FoT2kwQkJzZDgrQkljUHZ3QmpEMFpWWFJQK1dRVXhyUk5lRXRKVDk4ZnRTKzVHWUs5NE9yWlF1MWhOS1Fydisrb1FxZW55NDJQMW9jMFFqT3E4UlI1Z1ZLOHhSZ2dWNlwvdVp2d2d6ZEtPbDZodFRVN2xKazFmNlVKSzAwU3RSbjQydFlXZUUrdjU5YmVtNXZVTDMxMkpJdEx6TVBScmdCakx6K1V4akZodFFsREFtSWRTNHVNV2V2UzhoY1htXC8yMkZUcmJxV3NITFdnXC90VkY3NGpCY0crMVlyT1wvc3ZKM3pDeTVjK20xS2RXcmt6elk2eXlyeU5lTWRNUUJEd0ZGRVgrRHRRSmMzQzhFZFNKdFE9PSIsIm1hYyI6IjY4YzJhYTdmZTYzMTMxYTRkNWI4ZGUwYWE4ODU2NzI2YmQwNDk0MzllNTJhN2YzMmNiMTNmZDllYWQ2NjE5MmYifQ%3D%3D
go.trackinita.com/	1970-01-21 07:01:57	Name: afclick Value: 66a04ba3bf7f1d00012a9831
api.trackszz.com/	1970-01-20 22:26:25	Name: AWSALB Value: 1lMF39khbsOp+92DBfoMNr7/jtCT5fo5dTdLh2RAHceU1Oo2FOyn9mWwNmEz1G6N1lBO8XRqEkyxmavypb3zkgiw02TNKLwgXn2Nq9i8XSScHhcHQXz3Ch584M/H
api.trackszz.com/	1970-01-20 22:26:25	Name: AWSALBCORS Value: 1lMF39khbsOp+92DBfoMNr7/jtCT5fo5dTdLh2RAHceU1Oo2FOyn9mWwNmEz1G6N1lBO8XRqEkyxmavypb3zkgiw02TNKLwgXn2Nq9i8XSScHhcHQXz3Ch584M/H
cka.freedropo.top/	1970-01-20 22:17:47	Name: uniqueClick_8GC3R Value: fa3a7a97-56a1-4ce7-9082-de4cd12aee29:1721781156
cka.freedropo.top/	1970-01-21 00:25:57	Name: transaction_id Value: 33e2207a6b4048ccb2411f3fb9a22acd
go.dayandas.icu/	1970-01-20 22:16:31	Name: XSRF-TOKEN Value: eyJpdiI6IkRTMDdtVjNQQVNIVWdwM0Fjdm9NT2c9PSIsInZhbHVlIjoieUpSQnZjU2xPbmMxSmVwRUxEMXRjUjJPOFZrMkpzNWVXOHlLaWNWMHlTdXFMZVBZT29oK0hIQ0I5dWI1S1F3UzJQS0t3RitlclA1c0tUTzh4cmJBNTNKRkdaUmZsbnBtbXgvL2YrLzRMaFJZUFQwaGxoNmw2ZzhlbTZvMHpSTGIiLCJtYWMiOiI1MzllYzhiOWIwYzg1ODFhZWM4ZWUwMGU0MjlkZDA1MWQwZjhlZDhjZjA0YzM0ZjUzOGQzYzU0YWUwMjMzMTZlIiwidGFnIjoiIn0%3D
go.dayandas.icu/	1970-01-20 22:16:31	Name: sitesession Value: eyJpdiI6IkNPUExiNmJaZHE0NHdUY3VvVWhXY2c9PSIsInZhbHVlIjoibXYxZkdwZWJXd2djK3laOVdDRmlaVVlpUUhCQ080bU1VWS91NFFpUWNSYmpmUVJOMXBEL1dWNmRVWmxIeVNsQUExOHVXbWtZS1NBa0hBZEpqMWczTS95Yk9mejJpOEFqVVhlZTNJZWFWV0RVakpicVpCeldlb2FxL0c2TXVzQ3YiLCJtYWMiOiJkZGI4NTk3MzU3NjQ3YTUxNmFkZTE5MGVjYjIyYThjYmFmOTBkN2M5NzczYWVkOTEyZWFkZWVlMmQyNjA5MjEzIiwidGFnIjoiIn0%3D
go.dayandas.icu/	1970-01-20 22:16:31	Name: sN7cnKKz2fRGv3exmWGIhwM7h7i5N72HBSSzB9FS Value: eyJpdiI6IlMyVkpJUXBxcVkxdGZyMGQ0VDhyT2c9PSIsInZhbHVlIjoiZ1JWYkJ1SFpEMEtDbUxKVnQrRmg3MHZPU3lMVWdWSkw1MmlLNGNOdUc0OXBReU5wek5PaEJzeVBicllGTm92WTkvOTdmQ1Y4eVpmOVFKMWdENm83cEFRbWRSRy9SREJzSjFDQW5OQ2REdWtLZ1pHR0paenk1OEVjbi82czVwbUE2WGNndGdQTHZ2bVlVUk5rWldOMnk0ZFlNcUNZdXJDMytCRFkyUElUSTdPZ2I3bXBjdHFLVWJ1L3AvNFl4NzJTL1lJcjBmRS9la2grNHh3eWpRc25ydlMxVFdlTXRjcnhRNDhJMktXaGxoaHlEZ2RYZTFTaHNWYUxlOG4xeThOUzlRM3NvL0pwdjc1cHBCRlBGRVhJcHVXWUhSbDdSS1YyK0VvWmFib0NsVUYzRGJsazBUcWJzV3BmdzdBUm83MzRiZEhCdWMxWUhXN1FGb0ErSlBjRit6V1JBMEhBZExUbWdBa0FsVFlJQzlaRWlUK2VPRXR1aVBUZU44aXRCZ2VacElVT25LcmlBSEw4NmxPSTJVZWl5MXNUWUh1QmhlQW9pc0FveW5lVElQdnUvV3c4M1BkOTlhWDU5cjgxc2p0R0l6SHYvdEhiOHBGZlF0MDFvek1hU09kcDFmUkZwbUxJT1pzVUdUd3dqVTlyVEdTekRNa1hCU1J0WWh3UmNxa2hLSlo0QjZRSHVPbk02cmZqYlhLaENTZW9aalRzQ2NUZHluV3Q2NHlzU1JSWndlWTdVWGFZNW9vbzdhSDJLUEJ5Vll1cVlSbkJRZmxUN2JJdkFrQzBKL3BqSHNqYWNYVmNLdHA3L0ZuYnZEQ24zRmJwZWxVZlpqcEY2V3Jjb3AraXVZR2E4dDl0RFVBR2ZSaXVuTnI1aWxLRVRGZVNsM1dVbHh2MU5jYXFwTy91MjVHbXhkelZEVWNtb2I2L3Y1cy8ra2Zvd1NyK0tpMDArRDQxTVlyc051OWpWS014VzBXTU9DUERJaHNxN1RsSnZSa0FkbXF1Ulk3RU9HOG9HbGZOZGhqQXpDOHZIYk5BS2xNZzBaenZqUDErTEZ2N3MxM2FSSHkxS3BvczFxa1p1YkR2eFczQmJHaCs2YWJjZUtDWHY3NzVOZHRQRlFKaWZrbDV4L2tLOURqcUVEeFJ2Q09hVkpMTU9WL2dWcGFBdWJuMG1MbzF2eW1IZnZqUGpOdFowR0FLd3RNcG52c2ZveHNRRDVSMlJDQngyVDVEZjlkZlhIdkl6TUpJdEIrOUdoeG9MdUFRZnNwYjYzNlBmREtYUUZraUtmZW9jSEVQSldQd1ZkYXdFdVJFL2I4ZkZYMVpDaU9CY3pZQ1Y2RkRZMEtqUjBWRHR6ZHBuNmdmbUdia1ZheG5Bc2piRHU0MHhnSWd0U2ZhQ25FQjA5dElFQzlQVU9LY2taUGRCb0tWUHBEQk5GbE55RzBBWE45RGdiQnNmNVo1Yi9WNW4yTVl4K1A5SDlHR1RsRTMyRzJCMS90VWtpOU9OQlY0Q1JJeXhTaHcvNTZJVkcydTVVTDRONng1Q2F6S3Yzby8rNmdvRmRqRzErajMyWEtRZmRlRUNkTmd3N05EczFVQkZHZ1pIWkwzZ1FXZnoxQVR3dnUraTBEc0FhTXBzRHM5VUNGTVhJa3g0UHpKZnFwZU1uNHRVRitEb1R4R3JYOUs0NDlDdEU3TXlNWGtQZllscWYwRUhJKzB4UVRTNFl3Z0d5VUlIODVUTlRQT0hpQ2lVYWdwL1dPZEZxcXBRYXNuZ0RMMFdqRWZxKy93eE5GQjlscEM2ejBQa2tqR2N2RXdYWmVwc0JmUXlDSVBzZC9BR0lUODBOZDdDMDlpcVJKRDhzSUoyb0Nha0NVVVhNMnVkQ3ljNjFoVSIsIm1hYyI6IjU0NmNkYjAwZWViMGVhYmNjZTgxMTQ2NDYyN2RhZTI5MjMyMzQ2ODllMzkzZTlkZDYwYmZmNDI2ZWM4ZTczMTQiLCJ0YWciOiIifQ%3D%3D
.dayandas.icu/	1970-01-21 07:01:57	Name: ph_phc_a7rVy3PbzcmPv4gYPyaA5wASI1xJ8UbRKbkENIG3TCr_posthog Value: %7B%22distinct_id%22%3A%220190e227-8395-77b6-a46f-7b7efa220b0a%22%2C%22%24sesid%22%3A%5B1721781158980%2C%220190e227-8395-77b6-a46f-7b7c7e6ef628%22%2C1721781158804%5D%7D
stl.goldluckyoffer.top/	1970-01-20 22:17:47	Name: uniqueClick Value: be71f11e-5ed1-4c25-9585-48887206de7e:1721781159
stl.goldluckyoffer.top/	1970-01-21 00:25:57	Name: transaction_id Value: 33e2207a6b4048ccb2411f3fb9a22acd
go.dayandas.icu/	1970-01-20 22:59:33	Name: ef_witness Value: 1
go.dayandas.icu/	1970-01-20 22:59:33	Name: ef_affid Value: 15
go.dayandas.icu/	1970-01-20 22:59:33	Name: ef_tid_c_o_465 Value: 33e2207a6b4048ccb2411f3fb9a22acd
go.dayandas.icu/	1970-01-20 22:59:33	Name: ef_tid_c_a_3 Value: 33e2207a6b4048ccb2411f3fb9a22acd

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.trackszz.com
cdn.soopercdn.com
cdnjs.cloudflare.com
cka.freedropo.top
crystalshub.net
eu-assets.i.posthog.com
eu.i.posthog.com
go.dayandas.icu
go.trackinita.com
stl.goldluckyoffer.top
104.17.25.14
167.235.196.65
172.67.142.208
172.67.187.35
188.114.97.3
2606:4700:10::6816:3ab5
35.204.59.16
44.240.153.162
46.101.119.244
52.28.178.17
19670845f25ad3403d2a2ac74158a4a042fb3018e4ade53eade3245744281b2f
4c5b8481febc886b3a96d81e477c3a09e5ca850c0f265d23c52baae54571fdd1
61a1aeeea29068f11931d842256185a8cf63a9eba801ca8e176c19a6266258a2
66224b80854f6d5a4da606cfd56524227c1189e17bbdc347cfb18998e2e3d90a
6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
8003f52342e1def68499f3d0d10d988f20cd7086faa0fa7eaaf7dcae42ed07e9
89263f9b34dd3f2de4068a51b23641ba4ce0b5d173be66efc8dca06fde18e09d
9dd874af53754c2a405693218e22146429734bd57745eae9fa3cf54d3ad074ca
9fe3878fe9d4ac3773f8d9cdd0dd833c2d1757c70a3a2ba4c7eadb98ce253f14
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a7855df0010bb7ff258313b928a6a54a8fca7a056961adbbdb29a1a3b6b9527d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fdc485d0d372e2a0a1358fcbe009daf564ebe09922b65370851e33430bb0db87

go.dayandas.icu Open in urlscan Pro 172.67.142.208 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

10 %IPv6

9 Domains

10 Subdomains

7 IPs

4 Countries

221 kBTransfer

680 kBSize

20 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

20 Cookies

Indicators

go.dayandas.icu Open in urlscan Pro
172.67.142.208 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

10 %
IPv6

9
Domains

10
Subdomains

7
IPs

4
Countries

221 kB
Transfer

680 kB
Size

20
Cookies

16 HTTP transactions
0 data transactions