| rosvom-trk.ko1s.in/ga/click/2-84177650-6946-18099-35474-37382-7ae86445d8-276478a238/ | 104.21.17.146 | 301 Moved Permanently | 0 B |
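URL (HTTP/1.1): rosvom-trk.ko1s.in/ga/click/2-84177650-6946-18099-35474-37382-7ae86445d8-276478a238/ | IP: 104.21.17.146:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of an empty body, since the 301 response is 0 B; they identify no content and should not be used as indicators for this URL)
Analyzer: urlquery | Verdict: fraud | Alert: Fraud - Fake AntiVirus / Security software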
GET /ga/click/2-84177650-6946-18099-35474-37382-7ae86445d8-276478a238/ HTTP/1.1
Host: rosvom-trk.ko1s.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 19 Jan 2023 22:26:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 19 Jan 2023 23:26:55 GMT
Location: https://rosvom-trk.ko1s.in/ga/click/2-84177650-6946-18099-35474-37382-7ae86445d8-276478a238/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypf%2BQNkRImfqkJdsZnQPAFUp6S0qcrkdygtGjRwVoMS348JuX6bl7SExFxEMG6oqt2CWuoOjJfNmpB2wZ8EJ8pyfgaJfWtt0194BzJhkSy9YKmm25VFT5x1126RmdCKt75t7gNk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78c2feaa0ed5b518-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashb36ef73c20dffb6bc10194bbd2d0dcfa a67a4023dc8b4944debaeb92f3ba0f1402c079a6 05a7a4d832cf9e593ca44efea309edcbd80734583bada15fda3e740612eff991
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "05A7A4D832CF9E593CA44EFEA309EDCBD80734583BADA15FDA3E740612EFF991"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10194
Expires: Fri, 20 Jan 2023 01:16:49 GMT
Date: Thu, 19 Jan 2023 22:26:55 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash648bf42163c5d645d8a33cd0a9afebd0 9b9ac85435c4e90647e8379bca54c689058a8929 060757fb4857858d4d01a715824ea6771d0137e73a24bf75e2844d0f346380fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060757FB4857858D4D01A715824EA6771D0137E73A24BF75E2844D0F346380FA"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20969
Expires: Fri, 20 Jan 2023 04:16:24 GMT
Date: Thu, 19 Jan 2023 22:26:55 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL (HTTP/2): firefox.settings.services.mozilla.com/v1/ | IP: 35.241.9.150:0
File type: JSON data\012- , ASCII text, with very long lines (939), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 19 Jan 2023 21:34:34 GMT
content-type: application/json
age: 3142
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash7afaa97fbfa9baa1485c892eac8e114d 8c17c707c218e28ac14197ce8e5eef873207a732 59db16baacb452453dbf44fc2a24f25ab09c4dbaec3a9271fda84230d8f11925
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59DB16BAACB452453DBF44FC2A24F25AB09C4DBAEC3A9271FDA84230D8F11925"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4867
Expires: Thu, 19 Jan 2023 23:48:03 GMT
Date: Thu, 19 Jan 2023 22:26:56 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL (HTTP/2): content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | IP: 34.160.144.191:0
File type: PEM certificate\012- , ASCII text | Hash (MD5 / SHA-1 / SHA-256): 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HfSch4MDkn3nDouWEolD39g0RceXbgeKf6C42qJlDfzxwI6Q/aaz3ZA2a3+mh+g+3JIH7yrHK4BAU1mTPP2wkQ==
x-amz-request-id: E62CA91QXEFHAX5S
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 19 Jan 2023 21:46:04 GMT
age: 2452
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 344 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash11272141e667faccda464c0e16fcee70 1bb6917b3e44ac7cb5e30e2bdc329d0a93cc4bf8 e5bca6b2a9edec35c47b1bb401396a26723ecee5a4cefb88936583f4699401fe
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "E5BCA6B2A9EDEC35C47B1BB401396A26723ECEE5A4CEFB88936583F4699401FE"
Last-Modified: Wed, 18 Jan 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21567
Expires: Fri, 20 Jan 2023 04:26:23 GMT
Date: Thu, 19 Jan 2023 22:26:56 GMT
Connection: keep-alive
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 22:26:56 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 19 Jan 2023 22:17:27 GMT
age: 569
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 344 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash11272141e667faccda464c0e16fcee70 1bb6917b3e44ac7cb5e30e2bdc329d0a93cc4bf8 e5bca6b2a9edec35c47b1bb401396a26723ecee5a4cefb88936583f4699401fe
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "E5BCA6B2A9EDEC35C47B1BB401396A26723ECEE5A4CEFB88936583F4699401FE"
Last-Modified: Wed, 18 Jan 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21567
Expires: Fri, 20 Jan 2023 04:26:23 GMT
Date: Thu, 19 Jan 2023 22:26:56 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashdce4a8be753d4a93db03ffca50421c43 068040a8f69777484e545c0053ad54f273710797 7e6dddef8a4a5502c9715f8c20dcb75e132ecc875f13459a967c9e235e9ce3e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2535
Cache-Control: max-age=127324
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 22:26:56 GMT
Etag: "63c90825-1d7"
Expires: Sat, 21 Jan 2023 09:49:00 GMT
Last-Modified: Thu, 19 Jan 2023 09:06:45 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/s/gts1p5/h4y8q6CsrNs | 216.58.211.3 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/h4y8q6CsrNs IP216.58.211.3:0
Hashb8f0a180e5cc5797e2827f72e7056641 1cf9cfc8809f07ac98679d387b1c3b12ec3ff05b 9bea53c0860e38ae0cf0650142baad475b1a07433464e8ead7579592971f6491
POST /s/gts1p5/h4y8q6CsrNs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 22:26:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| push.services.mozilla.com/ | 35.165.237.81 | 101 Switching Protocols | 0 B |
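URL (HTTP/1.1): push.services.mozilla.com/ | IP: 35.165.237.81:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of an empty body; the 101 response carries 0 B, so these values match every empty response and are not content indicators)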
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: I80YNggvPaPUFYRuSqJq+w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0k5Rst8FsYjFuE7kau/0SVa5jpQ=
|
|
| ocsp.pki.goog/s/gts1p5/h4y8q6CsrNs | 216.58.211.3 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/h4y8q6CsrNs IP216.58.211.3:0
Hashb8f0a180e5cc5797e2827f72e7056641 1cf9cfc8809f07ac98679d387b1c3b12ec3ff05b 9bea53c0860e38ae0cf0650142baad475b1a07433464e8ead7579592971f6491
POST /s/gts1p5/h4y8q6CsrNs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 22:26:58 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashfc1e5035d8e7061c3b628636c963fae3 674d85be486f4b1998477f0772c9a5820cbe748c f743feb932fe99c5607d353d360a23e0b9d166d51fe05b94002ee76b74214c2e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5440
Cache-Control: max-age=165519
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 22:26:58 GMT
Etag: "63c99201-117"
Expires: Sat, 21 Jan 2023 20:25:37 GMT
Last-Modified: Thu, 19 Jan 2023 18:54:57 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hasha435563e4adb6d7d64a8600e6250bf45 a8f5a99620153938ec4cfba0423d6d06c66bb7fe 9e5c713c50dca08152c55041574e3e4003213133a8c78494ff18d1d1808589fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 22:26:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js | 104.18.18.183 | 200 OK | 696 B |
URL (HTTP/2): cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js | IP: 104.18.18.183:0
File type: ASCII text, with very long lines (1337), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 3eb4ebbd84300308a46c51d9cd003dd6 6df26f199d57528753a6594e33f48ffb3035b478 86e51e001c8bca636589fc2fc2363bdea0775df09d50cfc2e155e06ee5d8f9c5
GET /sdk/1.1/wonderpush-loader.min.js HTTP/1.1
Host: cdn.by.wonderpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:26:58 GMT
content-type: application/javascript
content-length: 696
last-modified: Tue, 17 Jan 2023 16:23:59 GMT
cache-control: public,max-age=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET
access-control-max-age: 86400
etag: "3eb4ebbd84300308a46c51d9cd003dd6ed6e"
x-cache: Miss from cloudfront
via: 1.1 a52c33748955378f279062b7fc7ef91e.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: 3MHOVLcmz7axT6qMCuNKmP6H-wPBX5F3nU3u6I9kDctv9Cfg3rHPxA==
cf-cache-status: HIT
age: 21741
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78c2feba1847b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js | 216.58.207.202 | 200 OK | 31 kB |
URL HTTP/2ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP216.58.207.202:0
File typeASCII text, with very long lines (65451) Hash903bc7a7e510f87aa5d0201eb59a0832 ac9aa4dd94cde1bcba9037e94087138b127e41fc 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 00:07:51 GMT
expires: Tue, 16 Jan 2024 00:07:51 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
age: 339547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashfc1e5035d8e7061c3b628636c963fae3 674d85be486f4b1998477f0772c9a5820cbe748c f743feb932fe99c5607d353d360a23e0b9d166d51fe05b94002ee76b74214c2e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5440
Cache-Control: max-age=165519
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 22:26:58 GMT
Etag: "63c99201-117"
Expires: Sat, 21 Jan 2023 20:25:37 GMT
Last-Modified: Thu, 19 Jan 2023 18:54:57 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hasha435563e4adb6d7d64a8600e6250bf45 a8f5a99620153938ec4cfba0423d6d06c66bb7fe 9e5c713c50dca08152c55041574e3e4003213133a8c78494ff18d1d1808589fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 22:26:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash7db9f11a1c6ab0117ed3dd1d36e3aecc 61a4de77803ce4ad730c21dd88b5b55a196f26d6 b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9176
Expires: Fri, 20 Jan 2023 00:59:54 GMT
Date: Thu, 19 Jan 2023 22:26:58 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash7db9f11a1c6ab0117ed3dd1d36e3aecc 61a4de77803ce4ad730c21dd88b5b55a196f26d6 b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9176
Expires: Fri, 20 Jan 2023 00:59:54 GMT
Date: Thu, 19 Jan 2023 22:26:58 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash7db9f11a1c6ab0117ed3dd1d36e3aecc 61a4de77803ce4ad730c21dd88b5b55a196f26d6 b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9176
Expires: Fri, 20 Jan 2023 00:59:54 GMT
Date: Thu, 19 Jan 2023 22:26:58 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash7db9f11a1c6ab0117ed3dd1d36e3aecc 61a4de77803ce4ad730c21dd88b5b55a196f26d6 b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9176
Expires: Fri, 20 Jan 2023 00:59:54 GMT
Date: Thu, 19 Jan 2023 22:26:58 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F698f24eb-f312-4a20-b261-be41dd92564c.jpeg | 34.120.237.76 | 200 OK | 6.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F698f24eb-f312-4a20-b261-be41dd92564c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashffb6957f05eb26875b60b795a1a0e818 44c2febdf59c4f08401e7c3edd0837dd4b1a8886 0fdb841fbf2f336f58cc4b63d271c8cdd3fba345de4c774651826ea24e3628b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F698f24eb-f312-4a20-b261-be41dd92564c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6399
x-amzn-requestid: e4b80b20-8aad-47aa-9059-7f7729f901bf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e7UZ1ExQoAMFXKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c79aa5-66622b6c3e8fd210011618c5;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 07:07:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vft6w7_C0wITMZHJIKtgk1N4jnzneplWHUZhPz_JyHmSI9kcEMK-SA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 07:25:58 GMT
age: 54060
etag: "44c2febdf59c4f08401e7c3edd0837dd4b1a8886"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69ec4951-e455-45b6-b3db-95b5ac8a4e52.webp | 34.120.237.76 | 200 OK | 7.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69ec4951-e455-45b6-b3db-95b5ac8a4e52.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash268917e31bd0a91c3eb034ab2f418fa2 f55a434f6cd25183862105ac4a37fa42808624ea 636932b142ba88141285ab52b8374984adafdc16051d150e9ee7723e7433c70d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69ec4951-e455-45b6-b3db-95b5ac8a4e52.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7864
x-amzn-requestid: b50528d7-6bb6-45c9-bc9c-1ce6a7755b27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAmNMEZjoAMF1lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b721-398dbc4a60ff6a0a69f29147;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:33:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PSCy7qVBFY-oOC8Lb6A3j9g7ejIe0D4g6vgp83CyBYRdtyk9YQalVw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 22:04:16 GMT
etag: "f55a434f6cd25183862105ac4a37fa42808624ea"
content-type: image/jpeg
age: 1362
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F39a35445-bc58-42fe-a967-b38a36fdd046.jpeg | 34.120.237.76 | 200 OK | 6.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F39a35445-bc58-42fe-a967-b38a36fdd046.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha97cab18b1edfc6020ede86813e24b16 61f5d22d3697f56e862fa18b21ba971a8fafc856 adc06b60d43a1074da12325a4fb27365773ea08db9d51b1e0756b2b2a05a6400
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F39a35445-bc58-42fe-a967-b38a36fdd046.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6385
x-amzn-requestid: 09416be4-aaa4-4f3b-b92e-3063e89c5bb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAmxZHpeoAMFlxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b808-3042764028f39b352c239328;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:37:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DbkhEhVNfkCoNSLLwlyIPT1-gjFurxzlZlH5SL4TkRtsddLixZ5ZZQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 21:47:10 GMT
age: 2388
etag: "61f5d22d3697f56e862fa18b21ba971a8fafc856"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51d12cb7-b021-47eb-a0b0-ff949f96b6de.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51d12cb7-b021-47eb-a0b0-ff949f96b6de.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash86ca07c03adbaa31374225110924b188 b1bd67630aea727a624f00b8cfd660d3b0848de1 471e3db64c9a6ec7ae4a76ea1a0835bd90dc55b389e3fe2f90c18c4dd2dbec27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51d12cb7-b021-47eb-a0b0-ff949f96b6de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10359
x-amzn-requestid: 4d5dedb2-c1a3-4433-a754-28e16385d9fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAmw1EbzoAMFqww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b805-1520bf0a4fa4717e786a666f;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:37:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3h-LbrkCb1JFLLy-KKOJCf3MqVFXjgJDOf_EqMwxEsb6_a5O7j9vrw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 22:01:54 GMT
etag: "b1bd67630aea727a624f00b8cfd660d3b0848de1"
content-type: image/jpeg
age: 1504
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9369b744-9dfc-4ac2-9ce0-a77f2ec05285.jpeg | 34.120.237.76 | 200 OK | 8.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9369b744-9dfc-4ac2-9ce0-a77f2ec05285.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash7cea3a2fd9e8c981ece73b75feccf858 37d407635bcb25d297429c10c3e33d58cc82e178 32063a5a3d74bc88752b89b7cd3387169e71e81d97ec0c2041c53c03c60f62a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9369b744-9dfc-4ac2-9ce0-a77f2ec05285.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8230
x-amzn-requestid: 6ab1dccd-6dc5-485a-af2d-ac53f13c78bd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAmRvGMJIAMFkdw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b73e-586593f974e499e94995c289;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:33:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: LvLtJnSXSnrBdTUWvpvsX6Vu33POniybQnepJx06DqWLk2KwnC52AQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 22:01:14 GMT
age: 1544
etag: "37d407635bcb25d297429c10c3e33d58cc82e178"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b68e9e4-1990-4061-af46-b82abe4506ac.jpeg | 34.120.237.76 | 200 OK | 9.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b68e9e4-1990-4061-af46-b82abe4506ac.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash94079233f2d67e98580bfd64b2894ae4 89961b28d9aee3e387e4aaa57275c5dca1dca8f2 8161291ac6d3bd7f025a6d7528130576ddd4fac33c41a7b914a6b5b0ad139c28
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b68e9e4-1990-4061-af46-b82abe4506ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9774
x-amzn-requestid: 8a16e99c-052a-4f25-8832-f7e04606e581
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAogLHHvIAMFr-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9bacd-10b727ae4904494371326a16;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:49:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xvgnwnHWo3YW8tYseOKI_Af1GZnLEuwIiapYgscmXKcjYiqkpbN6zQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 22:04:16 GMT
etag: "89961b28d9aee3e387e4aaa57275c5dca1dca8f2"
content-type: image/jpeg
age: 1362
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash9cdd7528161b1138230783aee6040265 5a3afd803df354dee8b511483f86f233aff7872f be09cd025c284af1fc397cf168733a001b6a7063e842a70550b958c6d4f95edc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE09CD025C284AF1FC397CF168733A001B6A7063E842A70550B958C6D4F95EDC"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13232
Expires: Fri, 20 Jan 2023 02:07:30 GMT
Date: Thu, 19 Jan 2023 22:26:58 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash71782a45435b25b03ca409cbffbda6f5 990930a67d61de2bb6da0b3baf3544a099db9bfe 0b0df0eb2bf2a36103f6fc62052f3ea2b90f85762029ac30f6810e0c7807c28e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0B0DF0EB2BF2A36103F6FC62052F3EA2B90F85762029AC30F6810E0C7807C28E"
Last-Modified: Wed, 18 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7980
Expires: Fri, 20 Jan 2023 00:39:58 GMT
Date: Thu, 19 Jan 2023 22:26:58 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash9cdd7528161b1138230783aee6040265 5a3afd803df354dee8b511483f86f233aff7872f be09cd025c284af1fc397cf168733a001b6a7063e842a70550b958c6d4f95edc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE09CD025C284AF1FC397CF168733A001B6A7063E842A70550B958C6D4F95EDC"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10830
Expires: Fri, 20 Jan 2023 01:27:28 GMT
Date: Thu, 19 Jan 2023 22:26:58 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash71782a45435b25b03ca409cbffbda6f5 990930a67d61de2bb6da0b3baf3544a099db9bfe 0b0df0eb2bf2a36103f6fc62052f3ea2b90f85762029ac30f6810e0c7807c28e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0B0DF0EB2BF2A36103F6FC62052F3EA2B90F85762029AC30F6810E0C7807C28E"
Last-Modified: Wed, 18 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18280
Expires: Fri, 20 Jan 2023 03:31:38 GMT
Date: Thu, 19 Jan 2023 22:26:58 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash71782a45435b25b03ca409cbffbda6f5 990930a67d61de2bb6da0b3baf3544a099db9bfe 0b0df0eb2bf2a36103f6fc62052f3ea2b90f85762029ac30f6810e0c7807c28e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0B0DF0EB2BF2A36103F6FC62052F3EA2B90F85762029AC30F6810E0C7807C28E"
Last-Modified: Wed, 18 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 20 Jan 2023 04:26:58 GMT
Date: Thu, 19 Jan 2023 22:26:58 GMT
Connection: keep-alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/css/translate.css | 97.107.133.178 | 200 OK | 655 B |
URL HTTP/1.1roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/css/translate.css IP97.107.133.178:0
Hash64836db20736f1e7995b43489b4bf0ac a0db33db05acb39dd01d9f19f5eed634682b0ead d4d21bac4b13cac53c0b921c3aa69d1e010a32ad3ccb7498821aa6e763e71c87
Analyzer: urlquery | Verdict: fraud | Alert: Fraud - Fake AntiVirus / Security software
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/css/translate.css HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:26:58 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Wed, 11 May 2022 06:05:26 GMT
ETag: "28f-5deb63a3c5580"
Accept-Ranges: bytes
Content-Length: 655
Content-Type: text/css
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/css/style.css | 97.107.133.178 | 200 OK | 21 kB |
URL HTTP/1.1roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/css/style.css IP97.107.133.178:0
Hash5bfd2245d7f170adde20137ba98ce022 7b81e6803067d57102a45007f0de027b4a49307a f6eb66822c1b670b9a92100c2c818fb9748718b148adea7e2b90a0149e7555f2
Analyzer: urlquery | Verdict: fraud | Alert: Fraud - Fake AntiVirus / Security software
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/css/style.css HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:26:58 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 13:28:30 GMT
ETag: "52f4-5edfb07fabb80"
Accept-Ranges: bytes
Content-Length: 21236
Content-Type: text/css
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/css/translateelement.css | 97.107.133.178 | 200 OK | 19 kB |
URL HTTP/1.1roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/css/translateelement.css IP97.107.133.178:0
File typeASCII text, with very long lines (18670) Hash15ab5dfc566a9a19f6e89a72b7819e43 064aac1e8bc5a26c5986e40659bc328157ec3b53 5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
Analyzer: urlquery | Verdict: fraud | Alert: Fraud - Fake AntiVirus / Security software
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/css/translateelement.css HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:26:58 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Wed, 11 May 2022 06:05:28 GMT
ETag: "4924-5deb63a5ada00"
Accept-Ranges: bytes
Content-Length: 18724
Content-Type: text/css
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/js/interactive.js | 97.107.133.178 | 200 OK | 45 kB |
URL HTTP/1.1roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/js/interactive.js IP97.107.133.178:0
File typeUnicode text, UTF-8 text, with CRLF line terminators Hashacf4559f3f91eda60139e1c3d5eefdd9 ae0434de9a8f8fb0f5ccd7e4a1ee46e26587ab62 c67f4eb232627e2138f6f362ef0d27952f867490800b96b785c99d6d1419a5db
Analyzer: urlquery | Verdict: fraud | Alert: Fraud - Fake AntiVirus / Security software
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/js/interactive.js HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:26:58 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 13:10:55 GMT
ETag: "ae3d-5edfac918b5c0"
Accept-Ranges: bytes
Content-Length: 44605
Content-Type: application/javascript
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/translate_24dp.png | 97.107.133.178 | 200 OK | 825 B |
URL HTTP/1.1roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/translate_24dp.png IP97.107.133.178:0
File typePNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data Hash55ff382a8b09329e3230a1797eb8f5fd 026ae089006a674da7dcc9bf6b986c5d59e75478 1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
Analyzer: urlquery | Verdict: fraud | Alert: Fraud - Fake AntiVirus / Security software
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/translate_24dp.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:26:58 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Wed, 11 May 2022 06:06:10 GMT
ETag: "339-5deb63cdbb880"
Accept-Ranges: bytes
Content-Length: 825
Content-Type: image/png
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_tray3.gif | 97.107.133.178 | 200 OK | 234 B |
URL HTTP/1.1roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_tray3.gif IP97.107.133.178:0
File typeGIF image data, version 89a, 16 x 16\012- data Hash9ce99ec458daf212f9812a90f3fadd13 9e3041bc91b79a17b52e0fbb6c2d0e2f905d98a1 b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753
Analyzer: urlquery | Verdict: fraud | Alert: Fraud - Fake AntiVirus / Security software
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_tray3.gif HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:26:58 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Wed, 11 May 2022 06:05:51 GMT
ETag: "ea-5deb63bb9cdc0"
Accept-Ranges: bytes
Content-Length: 234
Content-Type: image/gif
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/100icon.webp | 97.107.133.178 | 200 OK | 2.6 kB |
URL HTTP/1.1roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/100icon.webp IP97.107.133.178:0
File typeRIFF (little-endian) data, Web/P image\012- data Hashf498ff3f0c4999b89101beb12b8f4334 e5e5a62ad30841ca6b5ef7c7c497753061828810 39e36ab1506dc09f89dcdf80755deefc17a35b9e71263b32dc2c1828a14a6adb
Analyzer: urlquery | Verdict: fraud | Alert: Fraud - Fake AntiVirus / Security software
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/100icon.webp HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:26:58 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 10:02:24 GMT
ETag: "a32-5edf826e88c00"
Accept-Ranges: bytes
Content-Length: 2610
Content-Type: image/webp
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/cart.png | 97.107.133.178 | 200 OK | 1.6 kB |
URL HTTP/1.1roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/cart.png IP97.107.133.178:0
File typePNG image data, 97 x 48, 8-bit/color RGBA, non-interlaced\012- data Hashbe8947305fc8816f346c2e8f8a75c674 5d7f604bbe1ffb73e264a636b1113e5baf772e49 932a5b0d4ea874522bc8d529dcfbb9f37f840443e02d7a33415833a975d20bcc
Analyzer: urlquery | Verdict: fraud | Alert: Fraud - Fake AntiVirus / Security software
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/cart.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:26:58 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 07:35:10 GMT
ETag: "62c-5edf6185c6780"
Accept-Ranges: bytes
Content-Length: 1580
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/certifi.png | 97.107.133.178 | 200 OK | 3.9 kB |
URL HTTP/1.1roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/certifi.png IP97.107.133.178:0
File typePNG image data, 228 x 42, 8-bit/color RGBA, non-interlaced\012- data Hash9022c3516aad47159731fd7e843a5897 ae03072621611dca2f191d1744508c48a80a0c69 bc512eadb571d6cd4a7c608703be5499db6cf50f8ad996d66e2128069f253a35
Analyzer: urlquery | Verdict: fraud | Alert: Fraud - Fake AntiVirus / Security software
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/certifi.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:26:58 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 10:26:20 GMT
ETag: "f3d-5edf87c802b00"
Accept-Ranges: bytes
Content-Length: 3901
Content-Type: image/png
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/win_min.png | 97.107.133.178 | 200 OK | 128 B |
URL HTTP/1.1roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/win_min.png IP97.107.133.178:0
File typePNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data Hash0bb86caf792dd7d24731c18cd37bb68e dda1e433a0eaf785b2aa2c6214d5e48cb82a3a25 2ac27821ba64d645f36e2ad197492d30c11b10a032cc474554679555f4604622
Analyzer: urlquery | Verdict: fraud | Alert: Fraud - Fake AntiVirus / Security software
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/win_min.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:26:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Wed, 11 May 2022 06:06:13 GMT
ETag: "80-5deb63d097f40"
Accept-Ranges: bytes
Content-Length: 128
Content-Type: image/png
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/win_cls.png | 97.107.133.178 | 200 OK | 293 B |
URL HTTP/1.1roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/win_cls.png IP97.107.133.178:0
File typePNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data Hash9eb68d2ce05c151bda542a7a6356e22c baeeefe4a7ac657c10a5f081841015de1bcf90dd 2d2b7040bc32b397c3c60d800de9aa7d86404f1874862eba61bdaa21f1523eb7
Analyzer: urlquery | Verdict: fraud | Alert: Fraud - Fake AntiVirus / Security software
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/win_cls.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:26:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Wed, 11 May 2022 06:06:12 GMT
ETag: "125-5deb63cfa3d00"
Accept-Ranges: bytes
Content-Length: 293
Content-Type: image/png
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/beep.mp3 | 97.107.133.178 | 206 Partial Content | 16 kB |
URL HTTP/1.1roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/beep.mp3 IP97.107.133.178:0
File typeAudio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data Hashd6040c63cafad92b0c2933569de365c0 6e0782bf850c89a1211cc1ec2ab10373520c834c e8ef8e78f08ac34193423319b86566a442440ec663d09f26911e9fa10c4c9db7
Analyzer: urlquery | Verdict: fraud | Alert: Fraud - Fake AntiVirus / Security software
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/beep.mp3 HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Date: Thu, 19 Jan 2023 22:26:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Wed, 11 May 2022 06:05:34 GMT
ETag: "3e3c-5deb63ab66780"
Accept-Ranges: bytes
Content-Length: 15932
Content-Range: bytes 0-15931/15932
Content-Type: audio/mpeg
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_gray1.png | 97.107.133.178 | 200 OK | 364 B |
URL HTTP/1.1roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_gray1.png IP97.107.133.178:0
File typePNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data Hashe144c3378090087c8ce129a30cb6cb4e 59da5466551de941d0215e45c54aa2ceaf436be1 b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a
Analyzer: urlquery | Verdict: fraud | Alert: Fraud - Fake AntiVirus / Security software
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_gray1.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:26:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Wed, 11 May 2022 06:05:46 GMT
ETag: "16c-5deb63b6d8280"
Accept-Ranges: bytes
Content-Length: 364
Content-Type: image/png
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_gray2.png | 97.107.133.178 | 200 OK | 349 B |
URL HTTP/1.1roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_gray2.png IP97.107.133.178:0
File typePNG image data, 13 x 13, 8-bit/color RGB, non-interlaced\012- data Hash7454c652e0733d92de6c920c2d646ae0 34a5bd8c7401f95e346895b0e5ccffbf0e9ad638 44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
Analyzer: urlquery | Verdict: fraud | Alert: Fraud - Fake AntiVirus / Security software
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_gray2.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:26:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Wed, 11 May 2022 06:05:47 GMT
ETag: "15d-5deb63b7cc4c0"
Accept-Ranges: bytes
Content-Length: 349
Content-Type: image/png
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/pc_green.png | 97.107.133.178 | 200 OK | 13 kB |
URL HTTP/1.1roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/pc_green.png IP97.107.133.178:0
File typePNG image data, 120 x 97, 8-bit/color RGBA, non-interlaced\012- data Hashb3a43c72ed2264b9ad7283b4fcabc9d4 7f0bd4126bc9723cee50911fda908eb8ed85e8bf 3363faaf5f03a983bec735a8e0041c5c3f7b87c7855b80edc6cbfc597a527429
Analyzer: urlquery | Verdict: fraud | Alert: Fraud - Fake AntiVirus / Security software
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/pc_green.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:26:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 11:17:04 GMT
ETag: "3399-5edf931efec00"
Accept-Ranges: bytes
Content-Length: 13209
Content-Type: image/png
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/bg.png | 97.107.133.178 | 200 OK | 362 kB |
URL HTTP/1.1roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/bg.png IP97.107.133.178:0
File typePNG image data, 1350 x 586, 8-bit/color RGB, non-interlaced\012- data Size362 kB (362207 bytes) Hash1bbd5f2535757d9cd4cca02e0fda13d7 b668ba508f7b6c859b85848f3b372e4ca817737f 1551731f7cafce0a9b4246a6db5fdccdf56704d266e9ccd56676fb6570c4f8ad
Analyzer: urlquery | Verdict: fraud | Alert: Fraud - Fake AntiVirus / Security software
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/bg.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:26:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 10:35:14 GMT
ETag: "586df-5edf89c545c80"
Accept-Ranges: bytes
Content-Length: 362207
Content-Type: image/png
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_bl1.png | 97.107.133.178 | 200 OK | 6.0 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_bl1.png IP: 97.107.133.178:0
File type: PNG image data, 80 x 65, 8-bit/color RGBA, non-interlaced\012- data Hash (MD5 / SHA-1 / SHA-256): 1ba78c9484ac8c36583f8c5963b74f05 20335a5474578f3a9cab8d1052526f3ac88a7ded 6d8e43b02e0ddce97f5439e6a6401a9b709d88172229d0880fad5ddd788c95fc
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_bl1.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:26:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 11:34:32 GMT
ETag: "1753-5edf970672200"
Accept-Ranges: bytes
Content-Length: 5971
Content-Type: image/png
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_bl2.png | 97.107.133.178 | 200 OK | 9.6 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_bl2.png IP: 97.107.133.178:0
File type: PNG image data, 65 x 80, 8-bit/color RGBA, non-interlaced\012- data Hash (MD5 / SHA-1 / SHA-256): 7a71359c816c3ff8536126cf4ff49167 1ba9c5ac0bc69f0dc70f30e4f93ca988c2d73ed0 e1afc64bded5ccc18187539f64460b288cdd181aeca3e07e4a2b85dcf5f7ce86
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_bl2.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:26:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 11:25:27 GMT
ETag: "2590-5edf94feb17c0"
Accept-Ranges: bytes
Content-Length: 9616
Content-Type: image/png
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/bg.webp | 97.107.133.178 | 200 OK | 284 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/bg.webp IP: 97.107.133.178:0
File type: RIFF (little-endian) data, Web/P image\012- data Size: 284 kB (284510 bytes) Hash (MD5 / SHA-1 / SHA-256): 7e841327d779a5baf27449a093589f83 69880cb82514a97db24a68e33b1e6155dae35352 b564a4e17e9bbe274076e43282cc8ae2881b2788cfbc251c02c786d00623e9c2
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/bg.webp HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:26:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 10:33:47 GMT
ETag: "4575e-5edf89724d8c0"
Accept-Ranges: bytes
Content-Length: 284510
Content-Type: image/webp
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_bl3.png | 97.107.133.178 | 200 OK | 9.3 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_bl3.png IP: 97.107.133.178:0
File type: PNG image data, 78 x 68, 8-bit/color RGBA, non-interlaced\012- data Hash (MD5 / SHA-1 / SHA-256): f2d9f17e875b7acf29b8f31aa4575096 d20b7c059c2a5f128c8b84ce9d3e24a7e18ef2e7 1e43d9d36503388bb05a293d8a33ea966fc851f2fdad8dff8ede0d035ede3e87
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_bl3.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:26:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 11:21:26 GMT
ETag: "243b-5edf9418db980"
Accept-Ranges: bytes
Content-Length: 9275
Content-Type: image/png
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/mc-i.png | 97.107.133.178 | 200 OK | 3.1 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/mc-i.png IP: 97.107.133.178:0
File type: PNG image data, 78 x 68, 8-bit/color RGBA, non-interlaced\012- data Hash (MD5 / SHA-1 / SHA-256): 633714b1295770c99485455816c43be2 e26c3b7d793f48444e2f82bc3ea4a29128d96d8e a7cfd2ee032844ad28cc18372b050d644921d60b888ba70fc364e2ad4bdf0425
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/mc-i.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:26:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 11:37:22 GMT
ETag: "c35-5edf97a892080"
Accept-Ranges: bytes
Content-Length: 3125
Content-Type: image/png
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_tray1.gif | 97.107.133.178 | 200 OK | 69 B |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_tray1.gif IP: 97.107.133.178:0
File type: GIF image data, version 89a, 16 x 16\012- data Hash (MD5 / SHA-1 / SHA-256): 3ae573d079dcd1d2da4086f2c0c72c45 e7c9dabec81379373476ed23168dcecb9b8c56aa 9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_tray1.gif HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:26:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Wed, 11 May 2022 06:05:49 GMT
ETag: "45-5deb63b9b4940"
Accept-Ranges: bytes
Content-Length: 69
Content-Type: image/gif
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_tray2.gif | 97.107.133.178 | 200 OK | 377 B |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_tray2.gif IP: 97.107.133.178:0
File type: GIF image data, version 89a, 16 x 16\012- data Hash (MD5 / SHA-1 / SHA-256): c10bdec858cb0cf9e6cc5865d5925746 697c095ed5509e5a5af0c5ebf2380662aeffc531 b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ico_tray2.gif HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:26:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Wed, 11 May 2022 06:05:49 GMT
ETag: "179-5deb63b9b4940"
Accept-Ranges: bytes
Content-Length: 377
Content-Type: image/gif
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/cross.png | 97.107.133.178 | 200 OK | 2.3 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/cross.png IP: 97.107.133.178:0
File type: PNG image data, 29 x 29, 8-bit/color RGBA, non-interlaced\012- data Hash (MD5 / SHA-1 / SHA-256): cd2742194d7f7f607463ff4be3f65679 a7f618ca9d0e2e6068ca9947bc3fa345bd6fda69 290e51ccfcc19b30c2462630151348b63159d3249e5d1914a889d95b252f92e5
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/cross.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:26:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 11:04:42 GMT
ETag: "8ce-5edf905b5e680"
Accept-Ranges: bytes
Content-Length: 2254
Content-Type: image/png
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ring.png | 97.107.133.178 | 200 OK | 2.2 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ring.png IP: 97.107.133.178:0
File type: PNG image data, 30 x 29, 8-bit/color RGBA, non-interlaced\012- data Hash (MD5 / SHA-1 / SHA-256): 362a46dd22ed5f992e906fa1b2a6ba9c 27bde287218c4ff11ce60ced37182da024f3383c 7ab1abfffc69499079b7cec130ba9a807f59db9a60d9ef16928227f060bec60d
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/ring.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:26:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 11:02:36 GMT
ETag: "8a2-5edf8fe334b00"
Accept-Ranges: bytes
Content-Length: 2210
Content-Type: image/png
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP: 216.58.211.3:0
Hash (MD5 / SHA-1 / SHA-256): 2710e6694429ed2cf5082b6e48eb6ebe fd6e63ac90e1d86f37e5f46c98c7592a86106217 928ff655e10cf8a01515e4ca9ad5c7128044617acd61fbd46b613b4861aa5379
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 22:26:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.gstatic.com/images/branding/product/2x/translate_24dp.png | 142.250.74.35 | 200 OK | 1.8 kB |
URL: HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png IP: 142.250.74.35:0
File type: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data Hash (MD5 / SHA-1 / SHA-256): c69c796362406f9e11c7f4bf5bb628da e489ce95ab56208090868882113d7416abf46775 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://roadssign.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 16:07:41 GMT
expires: Tue, 16 Jan 2024 16:07:41 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 281958
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP: 216.58.211.3:0
Hash (MD5 / SHA-1 / SHA-256): 2710e6694429ed2cf5082b6e48eb6ebe fd6e63ac90e1d86f37e5f46c98c7592a86106217 928ff655e10cf8a01515e4ca9ad5c7128044617acd61fbd46b613b4861aa5379
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 22:26:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/logo.png | 97.107.133.178 | 200 OK | 47 kB |
URL: HTTP/1.1 roadssign.com/eml/CA-McAfee-newdesign-NOV22-eml-avi/img/logo.png IP: 97.107.133.178:0
File type: PNG image data, 200 x 53, 8-bit/color RGBA, non-interlaced\012- data Hash (MD5 / SHA-1 / SHA-256): 030039fab2b746ba4604138a69688750 4e6ee383dba86880f61bf90f475003185879337d 03af4bee2c3393ad45418df0152046bcc95acd68064a98296677e032afba4952
Analyzer | Verdict | Alert | urlquery | fraud | Fraud - Fake AntiVirus / Security software |
GET /eml/CA-McAfee-newdesign-NOV22-eml-avi/img/logo.png HTTP/1.1
Host: roadssign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gol.bd4e.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 22:27:00 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 21 Nov 2022 07:33:26 GMT
ETag: "b5f3-5edf612297d80"
Accept-Ranges: bytes
Content-Length: 46579
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| rosvom-trk.ko1s.in/ga/click/2-84177650-6946-18099-35474-37382-7ae86445d8-276478a238/ | 104.21.17.146 | 302 Found | 0 B |
URL: HTTP/2 rosvom-trk.ko1s.in/ga/click/2-84177650-6946-18099-35474-37382-7ae86445d8-276478a238/ IP: 104.21.17.146:0
GET /ga/click/2-84177650-6946-18099-35474-37382-7ae86445d8-276478a238/ HTTP/1.1
Host: rosvom-trk.ko1s.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Thu, 19 Jan 2023 22:26:56 GMT
content-type: text/html; charset=utf-8
location: https://gol.bd4e.in/hiTS_Aj?pU9_Nb=Z3xyj2xhpZVoaoKnlWh1emBxqMGwjGtrfZiTZX1zkWZjaKZgY35wkWthh4Y/cindy.clark%40rbc.com&s3=&s4=
status: 302 Found
x-rack-cache: miss
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-request-id: 545edfaee6fed0b89423982a50798daa
x-ua-compatible: IE=Edge,chrome=1
x-runtime: 0.049413
expires: Mon, 01 Jan 1990 00:00:00 GMT
x-powered-by: Phusion Passenger 6.0.4
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Klwelc%2FJjujEQop7PmuVR5GDKsyGNh9lacxn8MYpaeCmPvf2qlxl6y%2Bb7vvICb2UM9NMml2IMQe7k5ysmVmsNSfajY%2BxKlvx68L0RIn%2BtgBhv31qprUY4kSGLQWvjzOfxddyZo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2fead0b270b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gol.bd4e.in/hiTS_Aj?pU9_Nb=Z3xyj2xhpZVoaoKnlWh1emBxqMGwjGtrfZiTZX1zkWZjaKZgY35wkWthh4Y/cindy.clark%40rbc.com&s3=&s4= | 188.114.96.1 | 200 OK | 0 B |
URL: HTTP/2 gol.bd4e.in/hiTS_Aj?pU9_Nb=Z3xyj2xhpZVoaoKnlWh1emBxqMGwjGtrfZiTZX1zkWZjaKZgY35wkWthh4Y/cindy.clark%40rbc.com&s3=&s4= IP: 188.114.96.1:0
GET /hiTS_Aj?pU9_Nb=Z3xyj2xhpZVoaoKnlWh1emBxqMGwjGtrfZiTZX1zkWZjaKZgY35wkWthh4Y/cindy.clark%40rbc.com&s3=&s4= HTTP/1.1
Host: gol.bd4e.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 19 Jan 2023 22:26:58 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i8Bl461OTXxuSlNgX%2FXDiZxdndYzqwTXHm8HGa3Q6bGhljKBNOCFvyd%2BLK6HJPW8g6HELvOAqBaS%2BmN5QwVaGO%2Fhkjnj7qJr2vtv%2FixsV%2Fmjb%2FWfzX%2BXEgaUlYoKow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78c2feb21de6b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|