Submitted URL: https://links.goodays.co/ls/click?upn=1JaIxa0CjaL5Nwd7XRDVn8qQ9a-2FWlZd3gsaVnV3Be6e4mc7Ox02Rn3rZpe9tttRERhv0wVSuCMPHvyQyu...
Effective URL: https://app.goodays.co/pro/login/?next=/pro/settings/notifications
Submission: On September 14 via manual from FR — Scanned from FR

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 18 HTTP transactions. The main IP is 2620:1ec:bdf::45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is app.goodays.co. The Cisco Umbrella rank of the primary domain is 498838.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on August 23rd 2023. Valid for: 6 months.
This is the only time app.goodays.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 2620:1ec:bdf::45 8075 (MICROSOFT...)
6 13.107.213.45 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 99.86.8.175 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
18 6
Apex Domain
Subdomains
Transfer
6 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1907
44 KB
6 critizr.com
critizr.com — Cisco Umbrella Rank: 184100
171 KB
3 gstatic.com
fonts.gstatic.com
51 KB
3 goodays.co
links.goodays.co
app.goodays.co — Cisco Umbrella Rank: 498838
4 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 56
923 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 44
21 KB
18 6
Domain Requested by
6 cdn.segment.com app.goodays.co
cdn.segment.com
6 critizr.com app.goodays.co
critizr.com
3 fonts.gstatic.com fonts.googleapis.com
2 app.goodays.co 1 redirects
1 fonts.googleapis.com critizr.com
1 www.google-analytics.com app.goodays.co
1 links.goodays.co 1 redirects
18 7

This site contains no links.

Subject | Issuer | Validity | Valid
app.goodays.co | GeoTrust Global TLS RSA4096 SHA256 2022 CA1 | 2023-08-23 - 2024-02-23 | 6 months
critizr.com | GeoTrust Global TLS RSA4096 SHA256 2022 CA1 | 2023-05-10 - 2023-11-10 | 6 months
*.google-analytics.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
*.segment.com | Amazon RSA 2048 M01 | 2023-02-24 - 2024-01-12 | a year
*.gstatic.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months

This page contains 1 frame:

Primary Page: https://app.goodays.co/pro/login/?next=/pro/settings/notifications
Frame ID: 4AEB198B7ABAE571CE1DEB64428ACCB7
Requests: 18 HTTP requests in this frame

Page Title

Goodays Backoffice

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

18
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

292 kB
Transfer

722 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.goodays.co/ls/click?upn=1JaIxa0CjaL5Nwd7XRDVn8qQ9a-2FWlZd3gsaVnV3Be6e4mc7Ox02Rn3rZpe9tttRERhv0wVSuCMPHvyQyuuyQOw-3D-3DMRUm_M9xAgReA32vxALXgidOl8ElEl-2FzdgxwVoyfnmxeI7IIrpgOsdIlNDiLCxS7lwEqFNKQlwVRq0L1cTn1DZ0GIVKyo4q9XEdZ8Hp-2FhGi-2FiIN9s4X2X-2F14fRfNy8QMH-2FKdGnH06d6OAMTudspOu9nkgvDGRfa5HHuoEbP8LKH9rgU4dbQV-2F5oVzf-2BN-2FGjjGEOfFm0VbxU6ZRS4LpKQZdC-2FwhfxiMfiJ5nC3-2F5rzdP7r6Cy3JtvUTBF5-2Bh-2FGn6gRHWSTTuFWuBgrAf-2FtdCNlPZEJr9yKPc5LQUg1MaBib80O-2BaA-3D HTTP 302
    https://app.goodays.co/pro/settings/notifications HTTP 302
    https://app.goodays.co/pro/login/?next=/pro/settings/notifications Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
app.goodays.co/pro/login/
Redirect Chain
  • https://links.goodays.co/ls/click?upn=1JaIxa0CjaL5Nwd7XRDVn8qQ9a-2FWlZd3gsaVnV3Be6e4mc7Ox02Rn3rZpe9tttRERhv0wVSuCMPHvyQyuuyQOw-3D-3DMRUm_M9xAgReA32vxALXgidOl8ElEl-2FzdgxwVoyfnmxeI7IIrpgOsdIlNDiLCxS...
  • https://app.goodays.co/pro/settings/notifications
  • https://app.goodays.co/pro/login/?next=/pro/settings/notifications
10 KB
3 KB
Document
General
Full URL
https://app.goodays.co/pro/login/?next=/pro/settings/notifications
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
49313cec445621e1bf68346db4587464d6e4c700c8e1047ba14dbe9c8ed60eb9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-language
fr
content-length
3062
content-type
text/html; charset=utf-8
date
Thu, 14 Sep 2023 09:28:37 GMT
vary
Accept-Encoding, Origin, Accept-Language, Cookie
x-azure-ref
20230914T092837Z-zeqv4zrr395r7bvzemydzawxf800000006ag00000000v9aa
x-cache
CONFIG_NOCACHE
x-robots-tag
noindex, nofollow

Redirect headers

content-language
fr
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 14 Sep 2023 09:28:36 GMT
location
/pro/login/?next=/pro/settings/notifications
vary
Origin, Accept-Language, Cookie
x-azure-ref
20230914T092836Z-zeqv4zrr395r7bvzemydzawxf800000006ag00000000v97x
x-cache
CONFIG_NOCACHE
x-robots-tag
noindex, nofollow
landing.e31cd6bc80879645c4a1.min.css
critizr.com/media/backoffice/styles/
95 KB
19 KB
Stylesheet
General
Full URL
https://critizr.com/media/backoffice/styles/landing.e31cd6bc80879645c4a1.min.css
Requested by
Host: app.goodays.co
URL: https://app.goodays.co/pro/login/?next=/pro/settings/notifications
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
25c554a2f2541c956dd81efc9bfb0e3a2542ca77586e878065bb72e06c1fc692

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.goodays.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 14 Sep 2023 09:28:37 GMT
content-encoding
br
last-modified
Tue, 12 Sep 2023 13:01:14 GMT
vary
Accept-Encoding, Origin
x-azure-ref
20230914T092837Z-69wauh41hh2zp1kxsebv2b736c00000005ag000000000b0r
content-type
text/css
x-ms-request-id
68445470-a01e-005f-2ae1-e52b72000000
cache-control
public, max-age=172800
x-cache
TCP_HIT
x-ms-version
2009-09-19
goodays.svg
critizr.com/media/backoffice/images/landing/
3 KB
3 KB
Image
General
Full URL
https://critizr.com/media/backoffice/images/landing/goodays.svg
Requested by
Host: app.goodays.co
URL: https://app.goodays.co/pro/login/?next=/pro/settings/notifications
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3a622d42cfd11a66dc546e1ae7badebf967b7a0157f473b7770407fcca1c5173

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.goodays.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 14 Sep 2023 09:28:37 GMT
last-modified
Wed, 13 Sep 2023 15:21:44 GMT
content-md5
cIAFK9BzSTvY790Wv8vzCA==
etag
0x8DBB46D237DED4A
vary
Origin
x-azure-ref
20230914T092837Z-69wauh41hh2zp1kxsebv2b736c00000005ag000000000b0s
content-type
image/svg+xml
x-ms-request-id
cfc0ca73-601e-007f-28ed-e6ba41000000
x-cache
CONFIG_NOCACHE
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
2589
critizr.svg
critizr.com/media/backoffice/images/landing/
1 KB
2 KB
Image
General
Full URL
https://critizr.com/media/backoffice/images/landing/critizr.svg
Requested by
Host: app.goodays.co
URL: https://app.goodays.co/pro/login/?next=/pro/settings/notifications
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
94deeef1bfdc0714fc425a26957e7e544bce366f0c150822249ae4247197cab7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.goodays.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 14 Sep 2023 09:28:37 GMT
last-modified
Wed, 13 Sep 2023 15:21:41 GMT
content-md5
jHsMYUkh4HAEU1vCOuEKRg==
etag
0x8DBB46D2213C1D0
vary
Origin
x-azure-ref
20230914T092837Z-69wauh41hh2zp1kxsebv2b736c00000005ag000000000b1e
content-type
image/svg+xml
x-ms-request-id
cfc0cad3-601e-007f-7eed-e6ba41000000
x-cache
CONFIG_NOCACHE
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
1399
landing.bundle.5e81684ac2d02309cdb3.min.js
critizr.com/media/backoffice/scripts/
357 KB
141 KB
Script
General
Full URL
https://critizr.com/media/backoffice/scripts/landing.bundle.5e81684ac2d02309cdb3.min.js
Requested by
Host: app.goodays.co
URL: https://app.goodays.co/pro/login/?next=/pro/settings/notifications
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fc5b262df35c1dddfcaa13fb8ab69bb0cb6baa97e2203701eb58556b9ae84bdd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.goodays.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 14 Sep 2023 09:28:37 GMT
content-encoding
br
last-modified
Mon, 11 Sep 2023 17:02:53 GMT
vary
Accept-Encoding, Origin
x-azure-ref
20230914T092837Z-69wauh41hh2zp1kxsebv2b736c00000005ag000000000b10
content-type
application/javascript
x-ms-request-id
c935d71e-801e-005d-5b72-e57d76000000
cache-control
public, max-age=172800
x-cache
TCP_HIT
x-ms-version
2009-09-19
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: app.goodays.co
URL: https://app.goodays.co/pro/login/?next=/pro/settings/notifications
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.goodays.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 14 Sep 2023 07:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5934
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 14 Sep 2023 09:49:43 GMT
css
fonts.googleapis.com/
4 KB
923 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,700i,900
Requested by
Host: critizr.com
URL: https://critizr.com/media/backoffice/styles/landing.e31cd6bc80879645c4a1.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
799e4a434a687433ba4259e467852d1d586a11f6956c3cdf189fcce0d032e96f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://critizr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 14 Sep 2023 09:28:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 09:28:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Sep 2023 09:28:37 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/EzYjy9WRoCkaUBMBKazGBPfDVjUGTgIR/
105 KB
28 KB
Script
General
Full URL
https://cdn.segment.com/analytics.js/v1/EzYjy9WRoCkaUBMBKazGBPfDVjUGTgIR/analytics.min.js
Requested by
Host: app.goodays.co
URL: https://app.goodays.co/pro/login/?next=/pro/settings/notifications
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64e46caf300945b2e71827963c2d1d2a1c1ba43259f9c98345b2f3dcb594bc51

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.goodays.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
phnpG0KnzZ2fw.vMh6YV.jIk2diLwESG
content-encoding
br
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
date
Thu, 14 Sep 2023 09:27:13 GMT
x-amz-cf-pop
FRA6-C1
age
85
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 07 Sep 2023 21:32:52 GMT
server
AmazonS3
etag
W/"b1915c4e5b1fb811bf105beecd7fe40f"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
iCNiGhsPMgFuwnjKfjGE1fUdUmVE_Qd2Xfzi0BZjBMObTsx0JI6neg==
noise.png
critizr.com/media/backoffice/images/landing/
5 KB
6 KB
Image
General
Full URL
https://critizr.com/media/backoffice/images/landing/noise.png
Requested by
Host: critizr.com
URL: https://critizr.com/media/backoffice/styles/landing.e31cd6bc80879645c4a1.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b0ed8f52140c9f6496f12e548c98c22b6d970600c8812b3533c791564505bd9c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://critizr.com/media/backoffice/styles/landing.e31cd6bc80879645c4a1.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 14 Sep 2023 09:28:37 GMT
last-modified
Wed, 13 Sep 2023 15:21:42 GMT
content-md5
PtDMcQD/+zQ8Op6xd6qRiA==
etag
0x8DBB46D224E9E7B
vary
Origin
x-azure-ref
20230914T092837Z-69wauh41hh2zp1kxsebv2b736c00000005ag000000000b1w
content-type
image/png
x-ms-request-id
cfc0cb37-601e-007f-5aed-e6ba41000000
x-cache
CONFIG_NOCACHE
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
5346
color-chevron-up-down-white.svg
critizr.com/media/backoffice/images/
224 B
584 B
Image
General
Full URL
https://critizr.com/media/backoffice/images/color-chevron-up-down-white.svg
Requested by
Host: critizr.com
URL: https://critizr.com/media/backoffice/styles/landing.e31cd6bc80879645c4a1.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
49af3954f047002449f5ff3842785906f91d1e457cfcc629c8fd22de19e0b474

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://critizr.com/media/backoffice/styles/landing.e31cd6bc80879645c4a1.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 14 Sep 2023 09:28:37 GMT
last-modified
Wed, 13 Sep 2023 15:21:45 GMT
content-md5
wlOh38TqL3FZAi8sys7Agg==
etag
0x8DBB46D23F1D23F
vary
Origin
x-azure-ref
20230914T092837Z-69wauh41hh2zp1kxsebv2b736c00000005ag000000000b1x
content-type
image/svg+xml
x-ms-request-id
b9303278-801e-0025-47ed-e6d767000000
x-cache
CONFIG_NOCACHE
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
224
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,700i,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.goodays.co
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 21:39:44 GMT
x-content-type-options
nosniff
age
560933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22504
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Sep 2024 21:39:44 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,700i,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.goodays.co
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 03:38:46 GMT
x-content-type-options
nosniff
age
20991
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Sep 2024 03:38:46 GMT
S6uyw4BMUTPHjxAwXjeu.woff2
fonts.gstatic.com/s/lato/v24/
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,700i,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.goodays.co
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 19:30:40 GMT
x-content-type-options
nosniff
age
482277
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5472
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Sep 2024 19:30:40 GMT
settings
cdn.segment.com/v1/projects/EzYjy9WRoCkaUBMBKazGBPfDVjUGTgIR/
1 KB
1 KB
Fetch
General
Full URL
https://cdn.segment.com/v1/projects/EzYjy9WRoCkaUBMBKazGBPfDVjUGTgIR/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/EzYjy9WRoCkaUBMBKazGBPfDVjUGTgIR/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92dedbd252ce117d065ca05541538eadbea04df69ed759f4cc13f2f2fdbfa1b0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.goodays.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
iLdjrRy6lFh0qOa6av0aRb1mwolClW1c
content-encoding
br
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
date
Thu, 14 Sep 2023 08:56:37 GMT
x-amz-cf-pop
FRA6-C1
age
1921
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 31 Jul 2023 12:36:58 GMT
server
AmazonS3
etag
W/"fb01bbc597be94e2922e5200d752c45b"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
XCAR1DD5saVTDEGdkn4tcpHoY_DDAenl1phETpvVDBSRbfaRDMCi3g==
ajs-destination.bundle.0f003b5e4b03680982b4.js
cdn.segment.com/analytics-next/bundles/
9 KB
3 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.0f003b5e4b03680982b4.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/EzYjy9WRoCkaUBMBKazGBPfDVjUGTgIR/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.goodays.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 01:33:37 GMT
x-amz-version-id
_H9yZPSmslU0Ha7Pi0hl0RDILCgEno6Z
content-encoding
br
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
5644501
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 11 Jul 2023 00:08:20 GMT
server
AmazonS3
etag
W/"5c08e208387787e375df16faad0e6cd2"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
FEr44Usyndrk97hSibaCp-RzBJdHtaBIM0xgi6qiGeRbtRDN_fOSzQ==
schemaFilter.bundle.f63551a29dc1697f71b6.js
cdn.segment.com/analytics-next/bundles/
2 KB
1 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/EzYjy9WRoCkaUBMBKazGBPfDVjUGTgIR/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.goodays.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 00:10:37 GMT
x-amz-version-id
MniMHHUYFjJc54scO3EWeBryCREtRHVz
content-encoding
br
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
13943881
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 06 Apr 2023 00:06:35 GMT
server
AmazonS3
etag
W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
cdO-qq9D0eKfhFIaDGopBhayTM82fMgjpYa5YQ4MOU2-3fJqpoORPw==
28329fafaddd9058cb0e.js
cdn.segment.com/next-integrations/actions/amplitude-plugins/
4 KB
3 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/actions/amplitude-plugins/28329fafaddd9058cb0e.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/EzYjy9WRoCkaUBMBKazGBPfDVjUGTgIR/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e29f49ec8f5aa2f7a702b88dc920d0561f53ef5b343a1ee3caaeb4e7c2a40d02

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.goodays.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
bsk63QHqTyifMTIPq3Nph.ELcAhMryBK
content-encoding
gzip
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
date
Thu, 14 Sep 2023 05:10:33 GMT
x-amz-cf-pop
FRA6-C1
age
15485
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 30 Aug 2023 06:24:33 GMT
server
AmazonS3
etag
W/"d6a0181369a7321345db503f9bdca8f8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
HEhfgT9f3W_yVZVfhC39udd-GCh-pJdo2FDdiSJJP--8OuKu4iAWGg==
6e09382dbc5c9f46c410.js
cdn.segment.com/next-integrations/actions/actions-plugin/
23 KB
8 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/actions/actions-plugin/6e09382dbc5c9f46c410.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/amplitude-plugins/28329fafaddd9058cb0e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
823552efe5f12f761cbb67f2efbbc1e143616bcc5d08f0ce966af8dda4c910b1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.goodays.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 03:46:15 GMT
x-amz-version-id
x4Fo.dw1uybpXWOLetzjSnCeltTTm6FD
content-encoding
br
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
20543
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 13 Sep 2023 12:45:49 GMT
server
AmazonS3
etag
W/"3d442a8d72c9295195a8adfcbf5edecd"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
xlHr5KEdERio_4iS52fI5MdfreQho7qzbteCn68nvPa1y2-07hvabA==

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object: documentPictureInPicture
  • object: analytics
  • object: Critizr
  • function: clearImmediate
  • function: setImmediate
  • function: ga
  • object: webpackChunk_segment_analytics_next
  • string: analyticsWriteKey
  • object: __SEGMENT_INSPECTOR__
  • object: AnalyticsNext
  • object: google_tag_data
  • object: gaplugins
  • object: gaGlobal
  • object: gaData
  • object: webpackChunkDestination
  • function: amplitude-pluginsDestination

3 Cookies

Domain/Path | Name | Value
app.goodays.co/ | csrftoken | rNNyIBzq0yuDPUMc6aFRVF6EPnu0zLKV8nroDmiQioPaTE2m9jeuRb5ijM2b9V0q
.goodays.co/ | _ga | GA1.2.292263149.1694683718
.goodays.co/ | _gid | GA1.2.1069542391.1694683718

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
