Submitted URL: https://n.critizr.com/z/DwTdHl/
Effective URL: https://app.goodays.co/pro/login/?next=/pro/messages/active/34578149
Submission: On September 09 via manual from NL — Scanned from NL

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 18 HTTP transactions. The main IP is 2620:1ec:46::44, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is app.goodays.co. The Cisco Umbrella rank of the primary domain is 462621.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on August 23rd 2023. Valid for: 6 months.
This is the only time app.goodays.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 2 2620:1ec:46::44 8075 (MICROSOFT...)
6 13.107.246.45 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 99.86.8.175 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
18 6
Apex Domain | Subdomains | Transfer
7 critizr.com | n.critizr.com (Cisco Umbrella Rank: 947170); critizr.com (Cisco Umbrella Rank: 160346) | 129 KB
6 segment.com | cdn.segment.com (Cisco Umbrella Rank: 1804) | 44 KB
3 gstatic.com | fonts.gstatic.com | 51 KB
2 goodays.co | app.goodays.co (Cisco Umbrella Rank: 462621) | 4 KB
1 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 58) | 923 B
1 google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 49) | 21 KB
18 6
Domain Requested by
6 cdn.segment.com app.goodays.co
cdn.segment.com
6 critizr.com app.goodays.co
critizr.com
3 fonts.gstatic.com fonts.googleapis.com
2 app.goodays.co 1 redirects
1 fonts.googleapis.com critizr.com
1 www.google-analytics.com app.goodays.co
1 n.critizr.com 1 redirects
18 7

This site contains no links.

Subject | Issuer | Validity | Valid
app.goodays.co | GeoTrust Global TLS RSA4096 SHA256 2022 CA1 | 2023-08-23 - 2024-02-23 | 6 months
critizr.com | GeoTrust Global TLS RSA4096 SHA256 2022 CA1 | 2023-05-10 - 2023-11-10 | 6 months
*.google-analytics.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
*.segment.com | Amazon RSA 2048 M01 | 2023-02-24 - 2024-01-12 | a year
*.gstatic.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months

This page contains 1 frames:

Primary Page: https://app.goodays.co/pro/login/?next=/pro/messages/active/34578149
Frame ID: 8117558E9107330D1211F7DFBAEF96F9
Requests: 18 HTTP requests in this frame

Page Title

Goodays Backoffice

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

18 Requests
100 % HTTPS
71 % IPv6
6 Domains
7 Subdomains
6 IPs
2 Countries
249 kB Transfer
722 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://n.critizr.com/z/DwTdHl/ HTTP 302
    https://app.goodays.co/pro/messages/active/34578149 HTTP 302
    https://app.goodays.co/pro/login/?next=/pro/messages/active/34578149 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
app.goodays.co/pro/login/
Redirect Chain
  • https://n.critizr.com/z/DwTdHl/
  • https://app.goodays.co/pro/messages/active/34578149
  • https://app.goodays.co/pro/login/?next=/pro/messages/active/34578149
10 KB
3 KB
Document
General
Full URL
https://app.goodays.co/pro/login/?next=/pro/messages/active/34578149
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e61d77c041d79a2ef3938d8d48ca3f8ebf41bb279670c4baf6fc3f725a95625e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-language
nl
content-length
3070
content-type
text/html; charset=utf-8
date
Sat, 09 Sep 2023 15:08:22 GMT
vary
Accept-Encoding, Origin, Accept-Language, Cookie
x-azure-ref
0Zor8ZAAAAADor7AHLabiSoPotID9VAvbQU1TMDRFREdFMTgxMgA5MWI1Y2M4Ny1kZTBlLTQzYzAtYWY0ZC04NzI5ZDBjMGRmOTA=
x-cache
CONFIG_NOCACHE
x-robots-tag
noindex, nofollow

Redirect headers

content-language
nl
content-length
0
content-type
text/html; charset=utf-8
date
Sat, 09 Sep 2023 15:08:22 GMT
location
/pro/login/?next=/pro/messages/active/34578149
vary
Origin, Accept-Language, Cookie
x-azure-ref
0Zor8ZAAAAABEPWzcg4TqQbFRGcBG4BKnQU1TMDRFREdFMTgxMgA5MWI1Y2M4Ny1kZTBlLTQzYzAtYWY0ZC04NzI5ZDBjMGRmOTA=
x-cache
CONFIG_NOCACHE
x-robots-tag
noindex, nofollow
landing.e31cd6bc80879645c4a1.min.css
critizr.com/media/backoffice/styles/
95 KB
11 KB
Stylesheet
General
Full URL
https://critizr.com/media/backoffice/styles/landing.e31cd6bc80879645c4a1.min.css
Requested by
Host: app.goodays.co
URL: https://app.goodays.co/pro/login/?next=/pro/messages/active/34578149
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
25c554a2f2541c956dd81efc9bfb0e3a2542ca77586e878065bb72e06c1fc692

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://app.goodays.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 09 Sep 2023 15:08:22 GMT
content-encoding
br
last-modified
Thu, 07 Sep 2023 12:28:01 GMT
content-md5
sQU7yqT5T6dx98VWEzW4WA==
etag
0x8DBAF9DE0B71F49
vary
Origin
x-cache
TCP_HIT
content-type
text/css
x-azure-ref
0Zor8ZAAAAACYB0rqE1l6TLuvfstYyzaoQU1TMDRFREdFMTgxOQA5MWI1Y2M4Ny1kZTBlLTQzYzAtYWY0ZC04NzI5ZDBjMGRmOTA=
x-ms-request-id
df2be0fa-501e-00b4-16b8-e21b12000000
cache-control
public, max-age=172800
x-ms-version
2009-09-19
goodays.svg
critizr.com/media/backoffice/images/landing/
3 KB
3 KB
Image
General
Full URL
https://critizr.com/media/backoffice/images/landing/goodays.svg
Requested by
Host: app.goodays.co
URL: https://app.goodays.co/pro/login/?next=/pro/messages/active/34578149
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3a622d42cfd11a66dc546e1ae7badebf967b7a0157f473b7770407fcca1c5173

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://app.goodays.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 09 Sep 2023 15:08:22 GMT
last-modified
Thu, 07 Sep 2023 12:28:01 GMT
content-md5
cIAFK9BzSTvY790Wv8vzCA==
etag
0x8DBAF9DE0D37CCC
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
image/svg+xml
x-azure-ref
0Zor8ZAAAAACwapTN4CqYQo9ozGMC6bBNQU1TMDRFREdFMTgxOQA5MWI1Y2M4Ny1kZTBlLTQzYzAtYWY0ZC04NzI5ZDBjMGRmOTA=
x-ms-request-id
716520f5-c01e-00b5-172f-e33010000000
x-ms-version
2009-09-19
content-length
2589
critizr.svg
critizr.com/media/backoffice/images/landing/
1 KB
2 KB
Image
General
Full URL
https://critizr.com/media/backoffice/images/landing/critizr.svg
Requested by
Host: app.goodays.co
URL: https://app.goodays.co/pro/login/?next=/pro/messages/active/34578149
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
94deeef1bfdc0714fc425a26957e7e544bce366f0c150822249ae4247197cab7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://app.goodays.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 09 Sep 2023 15:08:22 GMT
last-modified
Thu, 07 Sep 2023 12:28:04 GMT
content-md5
jHsMYUkh4HAEU1vCOuEKRg==
etag
0x8DBAF9DE269C024
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
image/svg+xml
x-azure-ref
0Zor8ZAAAAADQKhlrUICSTrUGf+xm1PuCQU1TMDRFREdFMTgxOQA5MWI1Y2M4Ny1kZTBlLTQzYzAtYWY0ZC04NzI5ZDBjMGRmOTA=
x-ms-request-id
71652123-c01e-00b5-402f-e33010000000
x-ms-version
2009-09-19
content-length
1399
landing.bundle.5e81684ac2d02309cdb3.min.js
critizr.com/media/backoffice/scripts/
357 KB
107 KB
Script
General
Full URL
https://critizr.com/media/backoffice/scripts/landing.bundle.5e81684ac2d02309cdb3.min.js
Requested by
Host: app.goodays.co
URL: https://app.goodays.co/pro/login/?next=/pro/messages/active/34578149
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fc5b262df35c1dddfcaa13fb8ab69bb0cb6baa97e2203701eb58556b9ae84bdd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://app.goodays.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 09 Sep 2023 15:08:22 GMT
content-encoding
br
last-modified
Thu, 07 Sep 2023 12:28:01 GMT
content-md5
aCFyV94acb1jPEsGkIlTOA==
etag
0x8DBAF9DE0836CA3
vary
Origin
x-cache
TCP_HIT
content-type
application/javascript
x-azure-ref
0Zor8ZAAAAAAR4AyeOI8UQ4sMtshxDgHeQU1TMDRFREdFMTgxOQA5MWI1Y2M4Ny1kZTBlLTQzYzAtYWY0ZC04NzI5ZDBjMGRmOTA=
x-ms-request-id
8ebf285d-501e-00a4-081a-e2ab30000000
cache-control
public, max-age=172800
x-ms-version
2009-09-19
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: app.goodays.co
URL: https://app.goodays.co/pro/login/?next=/pro/messages/active/34578149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://app.goodays.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Sep 2023 13:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4719
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 09 Sep 2023 15:49:43 GMT
css
fonts.googleapis.com/
4 KB
923 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,700i,900
Requested by
Host: critizr.com
URL: https://critizr.com/media/backoffice/styles/landing.e31cd6bc80879645c4a1.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
799e4a434a687433ba4259e467852d1d586a11f6956c3cdf189fcce0d032e96f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://critizr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Sep 2023 15:08:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Sep 2023 15:08:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Sep 2023 15:08:22 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/EzYjy9WRoCkaUBMBKazGBPfDVjUGTgIR/
105 KB
28 KB
Script
General
Full URL
https://cdn.segment.com/analytics.js/v1/EzYjy9WRoCkaUBMBKazGBPfDVjUGTgIR/analytics.min.js
Requested by
Host: app.goodays.co
URL: https://app.goodays.co/pro/login/?next=/pro/messages/active/34578149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64e46caf300945b2e71827963c2d1d2a1c1ba43259f9c98345b2f3dcb594bc51

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://app.goodays.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
phnpG0KnzZ2fw.vMh6YV.jIk2diLwESG
content-encoding
br
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
date
Sat, 09 Sep 2023 15:06:36 GMT
x-amz-cf-pop
FRA6-C1
age
116
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 07 Sep 2023 21:32:52 GMT
server
AmazonS3
etag
W/"b1915c4e5b1fb811bf105beecd7fe40f"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
lAoNDa58el89Q442jFIH7s7cwe1JuDzgFS5ahjy1kWLugSDscJoYvg==
noise.png
critizr.com/media/backoffice/images/landing/
5 KB
5 KB
Image
General
Full URL
https://critizr.com/media/backoffice/images/landing/noise.png
Requested by
Host: critizr.com
URL: https://critizr.com/media/backoffice/styles/landing.e31cd6bc80879645c4a1.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b0ed8f52140c9f6496f12e548c98c22b6d970600c8812b3533c791564505bd9c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://critizr.com/media/backoffice/styles/landing.e31cd6bc80879645c4a1.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 09 Sep 2023 15:08:22 GMT
last-modified
Thu, 07 Sep 2023 12:28:02 GMT
content-md5
PtDMcQD/+zQ8Op6xd6qRiA==
etag
0x8DBAF9DE141BEF4
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
image/png
x-azure-ref
0Z4r8ZAAAAABQ0Jcds6QTTJZNf8zzVz7kQU1TMDRFREdFMTgxOQA5MWI1Y2M4Ny1kZTBlLTQzYzAtYWY0ZC04NzI5ZDBjMGRmOTA=
x-ms-request-id
7165217f-c01e-00b5-152f-e33010000000
x-ms-version
2009-09-19
content-length
5346
color-chevron-up-down-white.svg
critizr.com/media/backoffice/images/
224 B
464 B
Image
General
Full URL
https://critizr.com/media/backoffice/images/color-chevron-up-down-white.svg
Requested by
Host: critizr.com
URL: https://critizr.com/media/backoffice/styles/landing.e31cd6bc80879645c4a1.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
49af3954f047002449f5ff3842785906f91d1e457cfcc629c8fd22de19e0b474

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://critizr.com/media/backoffice/styles/landing.e31cd6bc80879645c4a1.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 09 Sep 2023 15:08:22 GMT
last-modified
Thu, 07 Sep 2023 12:27:59 GMT
content-md5
wlOh38TqL3FZAi8sys7Agg==
etag
0x8DBAF9DDF5C0796
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
image/svg+xml
x-azure-ref
0Z4r8ZAAAAADMlUXGWyIoRZcWOEZfgUl7QU1TMDRFREdFMTgxOQA5MWI1Y2M4Ny1kZTBlLTQzYzAtYWY0ZC04NzI5ZDBjMGRmOTA=
x-ms-request-id
0b8ebebc-a01e-009f-672f-e3af36000000
x-ms-version
2009-09-19
content-length
224
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,700i,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.goodays.co
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 21:39:44 GMT
x-content-type-options
nosniff
age
149319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22504
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Sep 2024 21:39:44 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,700i,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.goodays.co
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 03:38:46 GMT
x-content-type-options
nosniff
age
214177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Sep 2024 03:38:46 GMT
S6uyw4BMUTPHjxAwXjeu.woff2
fonts.gstatic.com/s/lato/v24/
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,700i,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.goodays.co
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 19:30:40 GMT
x-content-type-options
nosniff
age
70663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5472
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Sep 2024 19:30:40 GMT
settings
cdn.segment.com/v1/projects/EzYjy9WRoCkaUBMBKazGBPfDVjUGTgIR/
1 KB
1 KB
Fetch
General
Full URL
https://cdn.segment.com/v1/projects/EzYjy9WRoCkaUBMBKazGBPfDVjUGTgIR/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/EzYjy9WRoCkaUBMBKazGBPfDVjUGTgIR/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92dedbd252ce117d065ca05541538eadbea04df69ed759f4cc13f2f2fdbfa1b0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://app.goodays.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
iLdjrRy6lFh0qOa6av0aRb1mwolClW1c
content-encoding
br
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
date
Sat, 09 Sep 2023 14:24:35 GMT
x-amz-cf-pop
FRA6-C1
age
2701
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 31 Jul 2023 12:36:58 GMT
server
AmazonS3
etag
W/"fb01bbc597be94e2922e5200d752c45b"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
BG_4V8cU6dJQPWFcgWezQo0G4pZ4KxohQtt5daUqR-ePPt-EN9LF3w==
ajs-destination.bundle.0f003b5e4b03680982b4.js
cdn.segment.com/analytics-next/bundles/
9 KB
3 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.0f003b5e4b03680982b4.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/EzYjy9WRoCkaUBMBKazGBPfDVjUGTgIR/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://app.goodays.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 01:33:37 GMT
x-amz-version-id
_H9yZPSmslU0Ha7Pi0hl0RDILCgEno6Z
content-encoding
br
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
5232887
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 11 Jul 2023 00:08:20 GMT
server
AmazonS3
etag
W/"5c08e208387787e375df16faad0e6cd2"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
F9dZ2Hm-QLMDCpxTVxXL91T1oW4wbfgwt5kNJEbwlR0IIoXgLbaGdg==
schemaFilter.bundle.f63551a29dc1697f71b6.js
cdn.segment.com/analytics-next/bundles/
2 KB
1 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/EzYjy9WRoCkaUBMBKazGBPfDVjUGTgIR/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://app.goodays.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 00:10:37 GMT
x-amz-version-id
MniMHHUYFjJc54scO3EWeBryCREtRHVz
content-encoding
br
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
13532267
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 06 Apr 2023 00:06:35 GMT
server
AmazonS3
etag
W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
w-U0o9g4mzj0LG5x0PYYDXTJqDD8cSIHx58j0LgbEoFnZdbUu-RLuw==
28329fafaddd9058cb0e.js
cdn.segment.com/next-integrations/actions/amplitude-plugins/
4 KB
2 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/actions/amplitude-plugins/28329fafaddd9058cb0e.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/EzYjy9WRoCkaUBMBKazGBPfDVjUGTgIR/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e29f49ec8f5aa2f7a702b88dc920d0561f53ef5b343a1ee3caaeb4e7c2a40d02

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://app.goodays.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
MrNm9zLclM4TM_JkRftJkwux61YDB7lg
content-encoding
br
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
date
Sat, 09 Sep 2023 08:09:48 GMT
x-amz-cf-pop
FRA6-C1
age
25116
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 04 Aug 2023 00:15:00 GMT
server
AmazonS3
etag
W/"d6a0181369a7321345db503f9bdca8f8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
suLyNE1hr_Aluic7M6ShXrSoTR0aLmsNUypKRWhunlsQ9P140nRFYQ==
6e09382dbc5c9f46c410.js
cdn.segment.com/next-integrations/actions/actions-plugin/
23 KB
8 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/actions/actions-plugin/6e09382dbc5c9f46c410.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/amplitude-plugins/28329fafaddd9058cb0e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
823552efe5f12f761cbb67f2efbbc1e143616bcc5d08f0ce966af8dda4c910b1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://app.goodays.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
TkOqs7nBAnNJDjfZBakurZ3snNs5HrzG
content-encoding
br
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
date
Fri, 08 Sep 2023 20:04:51 GMT
x-amz-cf-pop
FRA6-C1
age
68613
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 28 Aug 2023 16:43:32 GMT
server
AmazonS3
etag
W/"3d442a8d72c9295195a8adfcbf5edecd"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
DGyYWwsz58TTQMCvqGQnFGevrAV85zJlBVg6Ki1oLmqHArVfnHnLlg==

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| documentPictureInPicture
  • object| analytics
  • object| Critizr
  • function| clearImmediate
  • function| setImmediate
  • function| ga
  • object| google_tag_data
  • object| gaplugins
  • object| gaGlobal
  • object| gaData
  • object| webpackChunk_segment_analytics_next
  • string| analyticsWriteKey
  • object| __SEGMENT_INSPECTOR__
  • object| AnalyticsNext
  • object| webpackChunkDestination
  • function| amplitude-pluginsDestination

3 Cookies

Domain/Path Name / Value
app.goodays.co/ Name: csrftoken
Value: jkMrFcBpLzeqIWs3v9y7T2Ak2mflQZuzpFtRaBnreDD8RfTH0IvLD2ZcdGhfWwch
.goodays.co/ Name: _ga
Value: GA1.2.2024833026.1694272103
.goodays.co/ Name: _gid
Value: GA1.2.1172547.1694272103

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
