Report - savegreen.in/m&tcom/login.php?online

Report Overview

Submitted URL
savegreen.in/m&tcom/login.php?online_id=8349179a3b10fcf699
IP
68.178.145.136
ASN
#26496 AS-26496-GO-DADDY-COM-LLC
Submitted
2023-03-20 15:54:32
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-26T05:10:41Z	4.5 kB	9.1 kB	142.250.74.163
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-26T05:15:01Z	676 B	447 B	216.239.34.36
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-26T05:09:08Z	2.7 kB	44 kB	34.120.237.76
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-26T06:22:54Z	863 B	15 kB	216.58.207.202
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-25T22:19:37Z	2.5 kB	114 kB	142.250.74.35
www.savegreen.in	unknown	2015-10-28T12:20:21Z	2023-03-21T09:25:23Z	12 kB	796 kB	68.178.145.136
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-26T06:13:32Z	673 B	2.0 kB	142.250.74.66
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-25T18:49:55Z	652 B	641 B	216.58.207.227
www.google.com	7	2015-05-10T13:11:19Z	2023-03-25T21:05:45Z	653 B	641 B	142.250.74.164
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-26T06:32:39Z	608 B	595 B	64.233.165.157
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-26T05:10:29Z	606 B	127 B	52.32.229.246
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-25T18:14:26Z	782 B	2.4 kB	35.241.9.150
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-26T06:13:06Z	373 B	21 kB	142.250.74.142
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-25T18:12:03Z	2.7 kB	7.1 kB	23.33.119.27
savegreen.in	unknown	2015-08-24T09:37:13Z	2023-03-20T09:13:07Z	389 B	562 B	68.178.145.136
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-26T05:11:59Z	333 B	391 B	34.117.237.239
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-26T05:35:01Z	382 B	63 kB	142.250.74.168
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-26T05:11:12Z	413 B	5.9 kB	34.160.144.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-20 15:54:22	low	68.178.145.136	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2023-03-20 15:54:24	medium	Client IP	192.169.69.26	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-20	medium	www.savegreen.in/savegreen/error.html	Phishing
2023-03-20	medium	www.savegreen.in/savegreen/js/wow.js	Phishing
2023-03-20	medium	www.savegreen.in/savegreen/js/script.js	Phishing
2023-03-20	medium	www.savegreen.in/savegreen/js/bootstrap.min.js	Phishing
2023-03-20	medium	www.savegreen.in/savegreen/js/jquery.js	Phishing
2023-03-20	medium	www.savegreen.in/savegreen/images/icons/preloader.GIF	Phishing
2023-03-20	medium	www.savegreen.in/savegreen/fonts/flaticon.woff	Phishing
2023-03-20	medium	www.savegreen.in/savegreen/fonts/fontawesome-webfont.woff2?v=4.3.0	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	www.savegreen.in/savegreen/error.html	341 B	2023-03-07	2023-03-26
Pretty URL www.savegreen.in/savegreen/error.html IP 68.178.145.136 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:27 Last Seen2023-03-26 12:50:24 Times Seen9 Hash 15e9bd22f3337724075110641de08ab2 e48a55078fa6da9e34d0cb431f5a4d464e78fb24 8cdec35a52f0599f2a33b6729d61fabb84bbec9c655234b8fc6fce7525eb8f50 Loading...

	www.savegreen.in/savegreen/js/script.js	9.1 kB	2023-03-07	2023-03-26
Pretty URL www.savegreen.in/savegreen/js/script.js IP 68.178.145.136 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:27 Last Seen2023-03-26 12:32:26 Times Seen8 Hash 684e1de52bbbc178a9c72316fc589877 03b744e3f5513d4690f054015d71f070d7da1f3f 14c27abc660327aa41e6d3f32f0c23db2f5e04cdac74818c2ac1ffa2594791c3 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.142 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/863268103/?random=1679327663530&cv=11&fst=1679327663530&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.savegreen.in%2Fsavegreen%2Ferror.html&tiba=404%20-%20Page%20Not%20Found&auid=1151623522.1679327664&rfmt=3&fmt=4	2.5 kB	2023-03-26	2023-03-26
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/863268103/?random=1679327663530&cv=11&fst=1679327663530&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.savegreen.in%2Fsavegreen%2Ferror.html&tiba=404%20-%20Page%20Not%20Found&auid=1151623522.1679327664&rfmt=3&fmt=4 IP 142.250.74.66 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 11:56:14 Last Seen2023-03-26 11:56:14 Times Seen1 Hash 0a498fd17dd31d4c96a772758d0897dc 0b3a02cc39828e6dcd2ee941f66a2aa39cc85219 4279edc260366ceb511b450e7200e5bf4af3a69f4447ec673fc0a8c014bcbd32 Loading...

	www.savegreen.in/savegreen/error.html	82 B	2023-03-07	2024-01-02
Pretty URL www.savegreen.in/savegreen/error.html IP 68.178.145.136 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:27 Last Seen2024-01-02 10:55:09 Times Seen10 Hash f1b08a0a1ab90ba92e3685489a9b5e8b f1bc6fa0de812714330fb05c815c4d5f4bd6d4a0 d1195f13d04c68b6432eeb90f7fb2739d09a9f9b64dd95a9da8acb4a1e61af82 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KJQHCSV	166 kB	2023-03-26	2023-03-26
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KJQHCSV IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 11:56:14 Last Seen2023-03-26 11:56:14 Times Seen1 Hash 8a78f9e605356751b276d66aaea3dcf0 85c37d50f417c34afd7289d841a8b9467b18a918 d92307fc27095ab75c3014ae9591043c304e4d74d556464ef84fffb192195021 Loading...

	www.googletagmanager.com/gtag/js?id=G-SCEYWEJ21M&l=dataLayer&cx=c	222 kB	2023-03-26	2023-03-26
Pretty URL www.googletagmanager.com/gtag/js?id=G-SCEYWEJ21M&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 11:56:14 Last Seen2023-03-26 11:56:14 Times Seen1 Hash aa3ceb7434d646889407ad46eb7cfe4d 6d08f593561e353bf91dd6c3a341f0157cacce4a 1ac62ab6c4d00adfd1b85f97bf39a120a55eede2173926eb2736e0f13d9ec5d9 Loading...

	www.savegreen.in/savegreen/js/wow.js	6.2 kB	2023-03-07	2023-03-26
Pretty URL www.savegreen.in/savegreen/js/wow.js IP 68.178.145.136 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:27 Last Seen2023-03-26 12:32:26 Times Seen8 Hash 8983b22d5a51ff3217efe3bd7c9bc4d0 da52d744876902668c72f104b319e73789671f8d 119f9c799b876aea4169c633c7113856dd1eb23b03338fe63f0ccd054b4d4235 Loading...

	www.savegreen.in/savegreen/js/bootstrap.min.js	36 kB	2023-03-07	2023-03-26
Pretty URL www.savegreen.in/savegreen/js/bootstrap.min.js IP 68.178.145.136 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:27 Last Seen2023-03-26 12:32:26 Times Seen8 Hash eddd12de510c20b9b5bb2415ae280fc5 1cfc496d8bb62a43af7f40a3e392f6fa6603c720 eee4dc332223a3a1294cc8832ef5b1a9a7add80d05b16bcb116a18f0fca05602 Loading...

	www.savegreen.in/savegreen/js/jquery.js	96 kB	2023-03-07	2024-04-18
Pretty URL www.savegreen.in/savegreen/js/jquery.js IP 68.178.145.136 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:14 Last Seen2024-04-18 02:03:18 Times Seen2804 Hash 13c0a5055cca7b2463b2f73701960b9e e6082a7b52db82604ac446d2e6a32cb5af263781 20e11ce61890c08c0529911822233c9023ebc367df6c1050dec105e2b9628104 Loading...

		Size	First Seen	Last Seen
	#1 Write - 5531a5834816222280f20d1ef9e95f69	4 B	2023-03-12	2024-01-28
Pretty Observations First Seen2023-03-12 12:17:15 Last Seen2024-01-28 13:22:54 Times Seen21116 Hash 5531a5834816222280f20d1ef9e95f69 445cd2fd3273962bdf09425109a2d09f7170e837 d398b29d3dbbb9bf201d4c7e1c19ff9d43c15fd45a0cec46fbe9885ec3f6e97f Loading...

HTTP Transactions (69)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ec332b81a27117ce9c16b67a5a8e4fac
b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5615
Expires: Mon, 20 Mar 2023 17:27:56 GMT
Date: Mon, 20 Mar 2023 15:54:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
00e304a3fc0c2f01af0e94fcefe0ca40
833969e75e5e13e823c8d97ee59a9821eb157ee3
c2b7f7ae4861f2dd16867de54c7e47d95582de77887f523841d9683a369d20a7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2B7F7AE4861F2DD16867DE54C7E47D95582DE77887F523841D9683A369D20A7"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15639
Expires: Mon, 20 Mar 2023 20:15:00 GMT
Date: Mon, 20 Mar 2023 15:54:21 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 20 Mar 2023 15:14:55 GMT
content-type: application/json
age: 2366
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4e6141892ec4705c6a0134f3157b969d
4169fdea42b0fa9cb565e14b8e8fdb293575c78e
905537ef3e3a4a9030391b44bd6ac6bb5d7c9ec752b1821d683dfbf483096163

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "905537EF3E3A4A9030391B44BD6AC6BB5D7C9EC752B1821D683DFBF483096163"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10099
Expires: Mon, 20 Mar 2023 18:42:40 GMT
Date: Mon, 20 Mar 2023 15:54:21 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: ISPPVeuxUPNhVBDwewN8QZEx/SlgXojYFXjAKGiDgX4FRP/USwrNkPDvn/+bY6oYjDh7qvDVUXI=
x-amz-request-id: CPQVKC5AA5T6SW63
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 20 Mar 2023 14:58:44 GMT
age: 3337
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

savegreen.in/m&tcom/login.php?online_id=8349179a3b10fcf699

68.178.145.136

301 Moved Permanently

282 B

URL HTTP/1.1
savegreen.in/m&tcom/login.php?online_id=8349179a3b10fcf699
IP
68.178.145.136:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
282 B (282 bytes)
Hash
2289f7ad4fc1fce03ab1866ef7f66e38
4de1ef95c9fc6199ddd3632abf9bac180cdfbdca
e6572b05ac84ad4be0afb062d8cad152077dd1ecdfcf3e9b3b0a8fb2706cf46c

HTTP Headers

GET /m&tcom/login.php?online_id=8349179a3b10fcf699 HTTP/1.1
Host: savegreen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 20 Mar 2023 15:54:21 GMT
Server: Apache
Location: https://www.savegreen.in/m&tcom/login.php?online_id=8349179a3b10fcf699
Content-Length: 282
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 20 Mar 2023 15:54:21 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 20 Mar 2023 15:17:21 GMT
age: 2220
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4c195a3fc0c2abb831630cef1dcfa770
eda338de3063640556177b9db364c33193d7f6dc
c22eb0537cd79666b82fe61dd77fe9b0b3c059a4c65d405412acfc2c6800b444

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C22EB0537CD79666B82FE61DD77FE9B0B3C059A4C65D405412ACFC2C6800B444"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5654
Expires: Mon, 20 Mar 2023 17:28:36 GMT
Date: Mon, 20 Mar 2023 15:54:22 GMT
Connection: keep-alive

www.savegreen.in/m&tcom/login.php?online_id=8349179a3b10fcf699

68.178.145.136

302 Found

229 B

URL HTTP/2
www.savegreen.in/m&tcom/login.php?online_id=8349179a3b10fcf699
IP
68.178.145.136:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
229 B (229 bytes)
Hash
c045c8a7d162f78f51d506786390e0ca
5cf60d790a5d8015afe041d2f6c5877bf6e491ed
6513f3aeb78537d03509eca719febe37077e0424513d4875e684f4182fdb1cb2

HTTP Headers

GET /m&tcom/login.php?online_id=8349179a3b10fcf699 HTTP/1.1
Host: www.savegreen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
location: https://www.savegreen.in/savegreen/error.html
content-length: 229
content-type: text/html; charset=iso-8859-1
date: Mon, 20 Mar 2023 15:54:22 GMT
server: Apache
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.32.229.246

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.32.229.246:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Sce/dvKkCTRLmggEQuxRgg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4LSlOd/YSrEOPsVd/UWoC5lFADc=

www.savegreen.in/savegreen/error.html

68.178.145.136

200 OK

2.6 kB

URL HTTP/2
www.savegreen.in/savegreen/error.html
IP
68.178.145.136:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (400)
Size
2.6 kB (2584 bytes)
Hash
7dd875a2b25a0a32b9c7a4646ab36f32
48e01bab8772065cd9115a9fe5204f04cc85f0eb
0c90562b110b5330f3dc3f725fdb825540b51b462457cad34c1527a4fd6ff23e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /savegreen/error.html HTTP/1.1
Host: www.savegreen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 11:39:15 GMT
etag: "1e412ff-2404-5e787f249fafa-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2584
content-type: text/html
date: Mon, 20 Mar 2023 15:54:22 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f1619e65eeac4c79d93deb418bb1b740
b1c592a47ab71569364b05c87362caef4dea7c67
7c83a70b21133bb49f5e0f8e9abd1fecb1a814b754d6d26e598e7e4589564c04

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 15:54:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-KJQHCSV

142.250.74.168

200 OK

62 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-KJQHCSV
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (6452)
Size
62 kB (62426 bytes)
Hash
3678ae0694a71a8ce99bc773bf296e06
ebed8f4a2214e56979f564ec32682845b229c782
b9ca861dc14c30fb9c02ce76c12aff4345644834136b07a6a980f8969ac3e5ec

HTTP Headers

GET /gtm.js?id=GTM-KJQHCSV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 20 Mar 2023 15:54:22 GMT
expires: Mon, 20 Mar 2023 15:54:22 GMT
cache-control: private, max-age=900
last-modified: Mon, 20 Mar 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 62426
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.savegreen.in/savegreen/css/responsive.css

68.178.145.136

200 OK

1.9 kB

URL HTTP/2
www.savegreen.in/savegreen/css/responsive.css
IP
68.178.145.136:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
ASCII text
Size
1.9 kB (1873 bytes)
Hash
df6b09791520094255444a158a0eae17
fea36ada956a517e463f135f19af1b81d507a5cf
03eee340c3c173733398d51df8c60d1b9e4223d33c315b4dcce6e36efc3cdd7d

HTTP Headers

GET /savegreen/css/responsive.css HTTP/1.1
Host: www.savegreen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/savegreen/error.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 11:34:46 GMT
etag: "1e40304-267e-5e787e24e038c-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1873
content-type: text/css
date: Mon, 20 Mar 2023 15:54:22 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f1619e65eeac4c79d93deb418bb1b740
b1c592a47ab71569364b05c87362caef4dea7c67
7c83a70b21133bb49f5e0f8e9abd1fecb1a814b754d6d26e598e7e4589564c04

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 15:54:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.savegreen.in/savegreen/images/logo-1.png

68.178.145.136

200 OK

14 kB

URL HTTP/2
www.savegreen.in/savegreen/images/logo-1.png
IP
68.178.145.136:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
PNG image data, 270 x 59, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14227 bytes)
Hash
11ac62d7294a19cea63708b5da8060a0
bb07b9d418749c5387ae199384ab87b6b6fa505d
05186dcfb4978b236377f068521041f0cc3de6010a06ba93abda22253c287eab

HTTP Headers

GET /savegreen/images/logo-1.png HTTP/1.1
Host: www.savegreen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/savegreen/error.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 11:38:32 GMT
etag: "1e412ce-3793-5e787efbdf5b9"
accept-ranges: bytes
content-length: 14227
content-type: image/png
date: Mon, 20 Mar 2023 15:54:22 GMT
server: Apache
X-Firefox-Spdy: h2

www.savegreen.in/savegreen/css/style.css

68.178.145.136

200 OK

11 kB

URL HTTP/2
www.savegreen.in/savegreen/css/style.css
IP
68.178.145.136:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
ASCII text
Size
11 kB (11318 bytes)
Hash
c016636578474d15e4cc9c40d951f806
08cce1325ab3aef74f12facc3926fcd202da4540
b757995dbe34b65de1fddab4cf62106a5236c3ebd3edecd4b25d6484a8ced4b7

HTTP Headers

GET /savegreen/css/style.css HTTP/1.1
Host: www.savegreen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/savegreen/error.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 11:34:48 GMT
etag: "1e40306-14007-5e787e26be039-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 11318
content-type: text/css
date: Mon, 20 Mar 2023 15:54:22 GMT
server: Apache
X-Firefox-Spdy: h2

www.savegreen.in/savegreen/css/bootstrap.css

68.178.145.136

200 OK

19 kB

URL HTTP/2
www.savegreen.in/savegreen/css/bootstrap.css
IP
68.178.145.136:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (43756)
Size
19 kB (19205 bytes)
Hash
f70263026200e4cf154f61e6c311d41e
0110bae95b780650ea2e5e681959cd716cc02199
fb4390d6a20a9fb0c380386106397554e40c95b969fa54e35243b1b74e070c31

HTTP Headers

GET /savegreen/css/bootstrap.css HTTP/1.1
Host: www.savegreen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/savegreen/error.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 11:34:42 GMT
etag: "1e402fe-1c9d7-5e787e2068a53-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 19205
content-type: text/css
date: Mon, 20 Mar 2023 15:54:22 GMT
server: Apache
X-Firefox-Spdy: h2

www.savegreen.in/savegreen/js/wow.js

68.178.145.136

200 OK

2.2 kB

URL HTTP/2
www.savegreen.in/savegreen/js/wow.js
IP
68.178.145.136:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (6217), with CRLF line terminators
Size
2.2 kB (2150 bytes)
Hash
e3760a7092dd7f637ffafa7aa63b6cdc
4c69252ba82c869f847ab1a93c8b1b1c31aa2148
b1e2df458b1f29034c723c2e448768238a7130940ef582225117fe2288722aae

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /savegreen/js/wow.js HTTP/1.1
Host: www.savegreen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/savegreen/error.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 11:38:46 GMT
etag: "1e412dd-184d-5e787f093b585-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2150
content-type: application/javascript
date: Mon, 20 Mar 2023 15:54:22 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7b9696c5a484fe48a260ec0ac6f4c2dc
5fa72a6aae12370de4d88d0aa205f293e5a85c5b
578156cb0f02ebb0d6472976aa7186f70b49dfad8623edd5595b740ff1559d2c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 15:54:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3ac4671deeca3302950bd5fce7f4ce3f
62b5d0c548949ee8d932231fcd01196cefc896aa
e4adf52f426f89cbc5a61507b21d33c817e5b8cee1e2709fe3ffecc1ec0c8731

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 15:54:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7b9696c5a484fe48a260ec0ac6f4c2dc
5fa72a6aae12370de4d88d0aa205f293e5a85c5b
578156cb0f02ebb0d6472976aa7186f70b49dfad8623edd5595b740ff1559d2c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 15:54:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.savegreen.in/savegreen/js/script.js

68.178.145.136

200 OK

2.7 kB

URL HTTP/2
www.savegreen.in/savegreen/js/script.js
IP
68.178.145.136:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
ASCII text, with CRLF line terminators
Size
2.7 kB (2702 bytes)
Hash
685d4383c98c14ab5f87185e131eea3a
fb66f40272f0c8c63627bbeba2d3bfaca206f63e
1a466a2a89a71b78c3efa83094f84580a67ee3f90e2689b803ec2e1075e04fc9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /savegreen/js/script.js HTTP/1.1
Host: www.savegreen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/savegreen/error.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 11:38:44 GMT
etag: "1e412db-236b-5e787f0791ccc-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2702
content-type: application/javascript
date: Mon, 20 Mar 2023 15:54:22 GMT
server: Apache
X-Firefox-Spdy: h2

www.savegreen.in/savegreen/js/bootstrap.min.js

68.178.145.136

200 OK

9.4 kB

URL HTTP/2
www.savegreen.in/savegreen/js/bootstrap.min.js
IP
68.178.145.136:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (32025), with CRLF line terminators
Size
9.4 kB (9439 bytes)
Hash
0dfcdc18803b69bc87187fd84801f65d
08a3c9289ca62c629018ca80298b92c733a9ede6
32b6e37227e2ae4d50061d37812bd6f8c2822235152ef49e3cdff38db8ab9eda

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /savegreen/js/bootstrap.min.js HTTP/1.1
Host: www.savegreen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/savegreen/error.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 11:38:35 GMT
etag: "1e412d1-8bd3-5e787efe8a79f-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 9439
content-type: application/javascript
date: Mon, 20 Mar 2023 15:54:22 GMT
server: Apache
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-SCEYWEJ21M&gtm=45je33f0&_p=800223339&cid=947654942.1679327664&ul=en-us&sr=1280x1024&_s=1&sid=1679327663&sct=1&seg=0&dl=https%3A%2F%2Fwww.savegreen.in%2Fsavegreen%2Ferror.html&dt=404%20-%20Page%20Not%20Found&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-SCEYWEJ21M&gtm=45je33f0&_p=800223339&cid=947654942.1679327664&ul=en-us&sr=1280x1024&_s=1&sid=1679327663&sct=1&seg=0&dl=https%3A%2F%2Fwww.savegreen.in%2Fsavegreen%2Ferror.html&dt=404%20-%20Page%20Not%20Found&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-SCEYWEJ21M&gtm=45je33f0&_p=800223339&cid=947654942.1679327664&ul=en-us&sr=1280x1024&_s=1&sid=1679327663&sct=1&seg=0&dl=https%3A%2F%2Fwww.savegreen.in%2Fsavegreen%2Ferror.html&dt=404%20-%20Page%20Not%20Found&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.savegreen.in
Connection: keep-alive
Referer: https://www.savegreen.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.savegreen.in
date: Mon, 20 Mar 2023 15:54:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.savegreen.in/savegreen/js/jquery.js

68.178.145.136

200 OK

33 kB

URL HTTP/2
www.savegreen.in/savegreen/js/jquery.js
IP
68.178.145.136:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (32038), with CRLF line terminators
Size
33 kB (33289 bytes)
Hash
974102b326f151ad5d65a2b8dbab8de1
ade3c0b49411dad4d3749980ebca8db137ccdd3c
d0b818c4365e46d213ec8c91d8e68a85fa38ee3531810b45139c1d00ba9db8dd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /savegreen/js/jquery.js HTTP/1.1
Host: www.savegreen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/savegreen/error.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 11:38:39 GMT
etag: "1e412d5-176da-5e787f0237698-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 33289
content-type: application/javascript
date: Mon, 20 Mar 2023 15:54:22 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5177
Expires: Mon, 20 Mar 2023 17:20:40 GMT
Date: Mon, 20 Mar 2023 15:54:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5177
Expires: Mon, 20 Mar 2023 17:20:40 GMT
Date: Mon, 20 Mar 2023 15:54:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5177
Expires: Mon, 20 Mar 2023 17:20:40 GMT
Date: Mon, 20 Mar 2023 15:54:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5177
Expires: Mon, 20 Mar 2023 17:20:40 GMT
Date: Mon, 20 Mar 2023 15:54:23 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffb155f3-4b60-4d8c-879f-3b7bd1c5c129.jpeg

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffb155f3-4b60-4d8c-879f-3b7bd1c5c129.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5311 bytes)
Hash
07289211ce045b31693c7bb59c06f338
210abec1182bb94b9d0e48827ecb8023611c4489
808b7bfa4b75cfb91e003d6375802da7d2719de29d4f64776dea57992b7632c4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffb155f3-4b60-4d8c-879f-3b7bd1c5c129.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5311
x-amzn-requestid: 3e000f36-3e2a-4008-950b-2e9f83306e51
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_w3eFmtIAMF7EA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162e95-1b9e4cc8033920ea365de22f;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: BMPxweRO692tG89Nk-DTd66mRNA9UwvlKmflVkF6qbtjNRQjQubNiA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 22:03:37 GMT
age: 64246
etag: "210abec1182bb94b9d0e48827ecb8023611c4489"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1c8c491-aa6d-4268-a72a-1f4233962425.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7249 bytes)
Hash
4e5aa79770d71507827e79149031b5cf
338ee74f53fac2b19a90981bc4b02a3c3722a1fa
81df6f2312df6e488ae91c172ecf872d694497ffe80500f71eb97e6c06ff5f5f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1c8c491-aa6d-4268-a72a-1f4233962425.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7249
x-amzn-requestid: dfaf4924-b8c3-4b6b-a079-7c3903fdf4fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDDVjGJyIAMFS9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64177f56-6379351b215dc2d9638de9ea;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:32:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: XYA6F9VzUqxozJS4OsX-TKy81mOHUB7N6L7rkCaQJmXe5n-a_Zce-Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 50faaaa196a6b0875217ef7827f97d7c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 22:15:51 GMT
age: 63512
etag: "338ee74f53fac2b19a90981bc4b02a3c3722a1fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8195 bytes)
Hash
2a940b362660fdee25faaa51e08c439b
85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c
18b99e3e890fdc959421c895ce343b8b3ed88819c83fa0009823e8ded23458f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8195
x-amzn-requestid: c6844a50-a6b2-4ef4-ad28-f1a0fbcec14f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDFESEDGoAMFQ8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417821b-22fa560d4b7811c233fe07fa;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:43:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: hZeMhs-Z5fNn0pvRUSkNcGau_K6EG9EQtDktbLUth0uEveafUgCxeQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 22:14:44 GMT
age: 63579
etag: "85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,500,500italic,700,700italic

216.58.207.202

200 OK

13 kB

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,500,500italic,700,700italic
IP
216.58.207.202:0
ASN
#15169 GOOGLE

File type
data
Size
13 kB (13352 bytes)
Hash
cf27fd82f81908c20b7c9653717c8858
3b9f225196b24039198d131033e9d6ccdf89a82c
96c15a4441192da69e6dca8d69b27d54ad342e3ece855eabcb40f183d1fae312

HTTP Headers

GET /css?family=Roboto:400,300,300italic,400italic,500,500italic,700,700italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 20 Mar 2023 15:54:23 GMT
date: Mon, 20 Mar 2023 15:54:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7695 bytes)
Hash
302595cc68fe8cf12121d0f652b3194d
e5532a3fed552246e8a63ea2ba75e174273a7b9f
6ca3599a9af06f51d4dc205d4ebd8f7f8b38c54864b6b478eac8c0d1adbc97c6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7695
x-amzn-requestid: 1009077b-14aa-42e5-86f1-de94b8b2aba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDETIHf8oAMFxEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641780e0-07bbb0376f1c1941731e00ba;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 388_JExXl_vwNTUh_69QfjoGz-cNeQwwrp6kpAP1Hhv3VvtgeeXbrw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 21:55:31 GMT
age: 64732
etag: "e5532a3fed552246e8a63ea2ba75e174273a7b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10338 bytes)
Hash
78453ba98b72eff3879ef163b59c86ed
80519bb3726ee1f9f211344cd433cefaed3a7f2e
61adfeff11af9583355ac7d1500e8a8d97357b2846f151f2421001994fb06655

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10338
x-amzn-requestid: 9f880b5b-056c-44bb-a811-36ea27c232aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvSgFGENoAMFuVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f9799-2318d444248f7610300c658f;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: xfkObFQbeYQQjIJ4FWQ7xKbH5FPxBQ1vkTDCwWCM6IcAAu8H31BNhQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 ef8f66c83aecd87910ce2e1153544a20.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 07:04:48 GMT
age: 31775
etag: "80519bb3726ee1f9f211344cd433cefaed3a7f2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.savegreen.in/savegreen/css/flaticon.css

68.178.145.136

200 OK

1.7 kB

URL HTTP/2
www.savegreen.in/savegreen/css/flaticon.css
IP
68.178.145.136:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
ASCII text
Size
1.7 kB (1689 bytes)
Hash
54fbad82031f3562140cda0a804d71c4
e72d5cead978f75002f8db4f76d4dd43eb6e94e6
271c8a689e7351717112aa8708dc0464792d7923a99e9dc5d5be3826203d607c

HTTP Headers

GET /savegreen/css/flaticon.css HTTP/1.1
Host: www.savegreen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/savegreen/css/style.css
Cookie: _gcl_au=1.1.1151623522.1679327664; _ga_SCEYWEJ21M=GS1.1.1679327663.1.0.1679327663.0.0.0; _ga=GA1.1.947654942.1679327664
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 11:34:42 GMT
etag: "1e402ff-2a30-5e787e21167a0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1689
content-type: text/css
date: Mon, 20 Mar 2023 15:54:23 GMT
server: Apache
X-Firefox-Spdy: h2

www.savegreen.in/savegreen/css/owl.css

68.178.145.136

200 OK

1.4 kB

URL HTTP/2
www.savegreen.in/savegreen/css/owl.css
IP
68.178.145.136:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
ASCII text
Size
1.4 kB (1355 bytes)
Hash
7ec931de77b99403145e47c9daa0ad97
759d42337511b7e53ecb9388060268955320c93c
3ec993d84a730090c7f2c7f8283526acf40ee57d0a24b77af83b444d8169f781

HTTP Headers

GET /savegreen/css/owl.css HTTP/1.1
Host: www.savegreen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/savegreen/css/style.css
Cookie: _gcl_au=1.1.1151623522.1679327664; _ga_SCEYWEJ21M=GS1.1.1679327663.1.0.1679327663.0.0.0; _ga=GA1.1.947654942.1679327664
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 11:34:46 GMT
etag: "1e40303-15f6-5e787e2430ae6-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1355
content-type: text/css
date: Mon, 20 Mar 2023 15:54:23 GMT
server: Apache
X-Firefox-Spdy: h2

www.savegreen.in/savegreen/css/jquery.fancybox.css

68.178.145.136

200 OK

1.4 kB

URL HTTP/2
www.savegreen.in/savegreen/css/jquery.fancybox.css
IP
68.178.145.136:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
ASCII text
Size
1.4 kB (1399 bytes)
Hash
b2625e9ac2bb5aa14f93e0198d50005d
9bd1b938f962cb790b3e69e3ce94a7497ba68e0e
ca7f528ec4fa8dfbbd49644e8302f1e60ad043bb91ad477f99882a9cc960c45b

HTTP Headers

GET /savegreen/css/jquery.fancybox.css HTTP/1.1
Host: www.savegreen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/savegreen/css/style.css
Cookie: _gcl_au=1.1.1151623522.1679327664; _ga_SCEYWEJ21M=GS1.1.1679327663.1.0.1679327663.0.0.0; _ga=GA1.1.947654942.1679327664
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 11:34:45 GMT
etag: "1e40302-134b-5e787e238d592-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1399
content-type: text/css
date: Mon, 20 Mar 2023 15:54:23 GMT
server: Apache
X-Firefox-Spdy: h2

www.savegreen.in/savegreen/css/animate.css

68.178.145.136

200 OK

4.4 kB

URL HTTP/2
www.savegreen.in/savegreen/css/animate.css
IP
68.178.145.136:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
ASCII text
Size
4.4 kB (4433 bytes)
Hash
56cf4c8f8d982190ce032834ac488941
0a5a47d558f2f75078229cad20c567c10e76bdb8
1444c1b685d57bf6470858c268a983b47acab1ec5db86e8769079f7890fe3e6e

HTTP Headers

GET /savegreen/css/animate.css HTTP/1.1
Host: www.savegreen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/savegreen/css/style.css
Cookie: _gcl_au=1.1.1151623522.1679327664; _ga_SCEYWEJ21M=GS1.1.1679327663.1.0.1679327663.0.0.0; _ga=GA1.1.947654942.1679327664
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 11:34:41 GMT
etag: "1e402fd-1207c-5e787e1f680c7-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4433
content-type: text/css
date: Mon, 20 Mar 2023 15:54:23 GMT
server: Apache
X-Firefox-Spdy: h2

www.savegreen.in/savegreen/css/font-awesome.css

68.178.145.136

200 OK

5.6 kB

URL HTTP/2
www.savegreen.in/savegreen/css/font-awesome.css
IP
68.178.145.136:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
troff or preprocessor input, ASCII text, with very long lines (372)
Size
5.6 kB (5633 bytes)
Hash
d231b63a9931dd073cbd45f3599bef0e
eac3d52338c67d82f3f6da510a16d6b42ed646ea
6c1f72a30b50be1e19690d421e5399fe2e9c1b236f15eabf92a9914dbc3c6031

HTTP Headers

GET /savegreen/css/font-awesome.css HTTP/1.1
Host: www.savegreen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/savegreen/css/style.css
Cookie: _gcl_au=1.1.1151623522.1679327664; _ga_SCEYWEJ21M=GS1.1.1679327663.1.0.1679327663.0.0.0; _ga=GA1.1.947654942.1679327664
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 11:34:43 GMT
etag: "1e40300-6f78-5e787e21e67d1-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5633
content-type: text/css
date: Mon, 20 Mar 2023 15:54:23 GMT
server: Apache
X-Firefox-Spdy: h2

www.savegreen.in/savegreen/css/hover.css

68.178.145.136

200 OK

8.5 kB

URL HTTP/2
www.savegreen.in/savegreen/css/hover.css
IP
68.178.145.136:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
ASCII text
Size
8.5 kB (8516 bytes)
Hash
051a94209faec61ddbb428fac1874f82
16f9944118fade7325efffcba4855f7ca97747ef
1e01b513e4001e41703350e1490c8c0feb6ff56ebc446eef0d7e55e0345b7ff8

HTTP Headers

GET /savegreen/css/hover.css HTTP/1.1
Host: www.savegreen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/savegreen/css/style.css
Cookie: _gcl_au=1.1.1151623522.1679327664; _ga_SCEYWEJ21M=GS1.1.1679327663.1.0.1679327663.0.0.0; _ga=GA1.1.947654942.1679327664
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 11:34:44 GMT
etag: "1e40301-1f13c-5e787e22df844-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 8516
content-type: text/css
date: Mon, 20 Mar 2023 15:54:23 GMT
server: Apache
X-Firefox-Spdy: h2

www.savegreen.in/savegreen/images/resource/error-image.png

68.178.145.136

200 OK

220 kB

URL HTTP/2
www.savegreen.in/savegreen/images/resource/error-image.png
IP
68.178.145.136:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
PNG image data, 558 x 431, 8-bit/color RGBA, non-interlaced\012- data
Size
220 kB (219883 bytes)
Hash
a0996e34317709458375f2a80bb6dc0a
fc463f3dc0f565310651e1eea530ad44da9b664c
c3736645be78309912bcec9893c73355cc768fb50e64fd83de152be862159351

HTTP Headers

GET /savegreen/images/resource/error-image.png HTTP/1.1
Host: www.savegreen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/savegreen/error.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 11:36:53 GMT
etag: "1e40734-35aeb-5e787e9d4463b"
accept-ranges: bytes
content-length: 219883
content-type: image/png
date: Mon, 20 Mar 2023 15:54:22 GMT
server: Apache
X-Firefox-Spdy: h2

www.savegreen.in/savegreen/images/background/footer-bg.jpg

68.178.145.136

200 OK

176 kB

URL HTTP/2
www.savegreen.in/savegreen/images/background/footer-bg.jpg
IP
68.178.145.136:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1919x797, components 3\012- data
Size
176 kB (175853 bytes)
Hash
8dcac593734e7e69278c1d5c6d8f5a95
2d7bc36b8166a8598471d05194d7a1cc939c7ae7
6e93c27a7351ea204baf436bee5900ae2dc4828ba370d0b85103b89fc21b6e2b

HTTP Headers

GET /savegreen/images/background/footer-bg.jpg HTTP/1.1
Host: www.savegreen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/savegreen/error.html
Cookie: _gcl_au=1.1.1151623522.1679327664; _ga_SCEYWEJ21M=GS1.1.1679327663.1.0.1679327663.0.0.0; _ga=GA1.1.947654942.1679327664
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 11:35:27 GMT
etag: "1e40458-2aeed-5e787e4b68e96"
accept-ranges: bytes
content-length: 175853
content-type: image/jpeg
date: Mon, 20 Mar 2023 15:54:23 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c26dba42c0d5a8ae943ac677b38929ea
21c68777a8249158f53f6f1bbf33d12769146cec
a890859401ea2f9079622841f24a700215fcab7fe291d0b1f581e675ae130342

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 15:54:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.savegreen.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 14:12:20 GMT
expires: Tue, 19 Mar 2024 14:12:20 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 6123
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

142.250.74.35

200 OK

46 kB

URL HTTP/2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Size
46 kB (46524 bytes)
Hash
c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

HTTP Headers

GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.savegreen.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 17:34:01 GMT
expires: Fri, 15 Mar 2024 17:34:01 GMT
cache-control: public, max-age=31536000
age: 339622
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.savegreen.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 14:32:30 GMT
expires: Thu, 14 Mar 2024 14:32:30 GMT
cache-control: public, max-age=31536000
age: 436913
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.savegreen.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 07:51:59 GMT
expires: Thu, 14 Mar 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 460944
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.savegreen.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 14 Mar 2023 13:09:06 GMT
expires: Wed, 13 Mar 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 528317
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.savegreen.in/savegreen/images/icons/preloader.GIF

68.178.145.136

200 OK

24 kB

URL HTTP/2
www.savegreen.in/savegreen/images/icons/preloader.GIF
IP
68.178.145.136:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
GIF image data, version 89a, 48 x 48\012- data
Size
24 kB (24312 bytes)
Hash
8733ef5b56912d3f439936fba2291b41
dda06722dea18b81968f2e8d909828820f554a1d
f98825bbe5876cc61b9dcfef9d7b90a92b62e8270cd372f90d67e2661ec15ade

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /savegreen/images/icons/preloader.GIF HTTP/1.1
Host: www.savegreen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/savegreen/css/style.css
Cookie: _gcl_au=1.1.1151623522.1679327664; _ga_SCEYWEJ21M=GS1.1.1679327663.1.0.1679327663.0.0.0; _ga=GA1.1.947654942.1679327664
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 11:36:01 GMT
etag: "1e406fa-5ef8-5e787e6c2532d"
accept-ranges: bytes
content-length: 24312
content-type: image/gif
date: Mon, 20 Mar 2023 15:54:23 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
55ad4123e19b3babc18ece16b13ff042
97d003194e3a29a4f64596b981b5a4a730e263c9
3dc00b98beb78092083878847d238f0784a7e720f82e524bde4fa115cbf34078

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 15:54:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.savegreen.in/savegreen/images/background/map-pattern.png

68.178.145.136

200 OK

162 kB

URL HTTP/2
www.savegreen.in/savegreen/images/background/map-pattern.png
IP
68.178.145.136:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
PNG image data, 1391 x 693, 8-bit/color RGBA, non-interlaced\012- data
Size
162 kB (161764 bytes)
Hash
fe7dccdcc09169f8ee88294b14d4ef82
7e34ca1e1a661fa37e2dcf90f4cea6e5cdf6e1af
966eb1839c74bb2215036109b35796a211e231f2976a742e58cd47a79fc16bf8

HTTP Headers

GET /savegreen/images/background/map-pattern.png HTTP/1.1
Host: www.savegreen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/savegreen/css/style.css
Cookie: _gcl_au=1.1.1151623522.1679327664; _ga_SCEYWEJ21M=GS1.1.1679327663.1.0.1679327663.0.0.0; _ga=GA1.1.947654942.1679327664
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 11:35:30 GMT
etag: "1e4045b-277e4-5e787e4e7a154"
accept-ranges: bytes
content-length: 161764
content-type: image/png
date: Mon, 20 Mar 2023 15:54:23 GMT
server: Apache
X-Firefox-Spdy: h2

www.savegreen.in/savegreen/fonts/flaticon.woff

68.178.145.136

200 OK

30 kB

URL HTTP/2
www.savegreen.in/savegreen/fonts/flaticon.woff
IP
68.178.145.136:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
Web Open Font Format, TrueType, length 30372, version 0.0\012- data
Size
30 kB (30372 bytes)
Hash
7c7a34065a9d9a74c8409793b8838847
7a7e365d9ca07196303c0ed0f0e00703eed1b353
a461659b2ef554fae4a9f6fc1b7537b54a70a302c350c653c99ce867923fef54

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /savegreen/fonts/flaticon.woff HTTP/1.1
Host: www.savegreen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.savegreen.in/savegreen/css/flaticon.css
Cookie: _gcl_au=1.1.1151623522.1679327664; _ga_SCEYWEJ21M=GS1.1.1679327663.1.0.1679327663.0.0.0; _ga=GA1.1.947654942.1679327664
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 11:35:07 GMT
etag: "1e4031e-76a4-5e787e3894436"
accept-ranges: bytes
content-length: 30372
vary: Accept-Encoding,User-Agent
content-type: font/woff
date: Mon, 20 Mar 2023 15:54:23 GMT
server: Apache
X-Firefox-Spdy: h2

www.savegreen.in/savegreen/fonts/fontawesome-webfont.woff2?v=4.3.0

68.178.145.136

200 OK

57 kB

URL HTTP/2
www.savegreen.in/savegreen/fonts/fontawesome-webfont.woff2?v=4.3.0
IP
68.178.145.136:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Size
57 kB (56780 bytes)
Hash
97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /savegreen/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: www.savegreen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.savegreen.in/savegreen/css/font-awesome.css
Cookie: _gcl_au=1.1.1151623522.1679327664; _ga_SCEYWEJ21M=GS1.1.1679327663.1.0.1679327663.0.0.0; _ga=GA1.1.947654942.1679327664
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 11:35:12 GMT
etag: "1e40329-ddcc-5e787e3d57c4d"
accept-ranges: bytes
content-length: 56780
vary: Accept-Encoding,User-Agent
content-type: font/woff2
date: Mon, 20 Mar 2023 15:54:23 GMT
server: Apache
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.142

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.142:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 20 Mar 2023 15:53:25 GMT
expires: Mon, 20 Mar 2023 17:53:25 GMT
cache-control: public, max-age=7200
age: 59
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e64fc6f9ae4228dd2fc48d61e1d8841
ae781abd01bae215d2ccc65fe308aaa4e3df6706
f8f424b8de4cb7cea5608432bbad1786f02cbc7e3c111f5d395288065f134fa0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 15:54:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/863268103/?random=1679327663530&cv=11&fst=1679327663530&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.savegreen.in%2Fsavegreen%2Ferror.html&tiba=404%20-%20Page%20Not%20Found&auid=1151623522.1679327664&rfmt=3&fmt=4

142.250.74.66

200 OK

1.2 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/863268103/?random=1679327663530&cv=11&fst=1679327663530&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.savegreen.in%2Fsavegreen%2Ferror.html&tiba=404%20-%20Page%20Not%20Found&auid=1151623522.1679327664&rfmt=3&fmt=4
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2521), with no line terminators
Size
1.2 kB (1199 bytes)
Hash
1287ef9ddd70193d6782b5ef2157c380
bbc36cba6a6aa419f45c78ff84e36e6f65704edb
e670a7c82eabd821f67aec479af1762feb4972c367910d59c91d2f95014bc168

HTTP Headers

GET /pagead/viewthroughconversion/863268103/?random=1679327663530&cv=11&fst=1679327663530&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.savegreen.in%2Fsavegreen%2Ferror.html&tiba=404%20-%20Page%20Not%20Found&auid=1151623522.1679327664&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 15:54:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 20-Mar-2023 16:09:24 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e64fc6f9ae4228dd2fc48d61e1d8841
ae781abd01bae215d2ccc65fe308aaa4e3df6706
f8f424b8de4cb7cea5608432bbad1786f02cbc7e3c111f5d395288065f134fa0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 15:54:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.savegreen.in/favicon.ico

68.178.145.136

200 OK

792 B

URL HTTP/2
www.savegreen.in/favicon.ico
IP
68.178.145.136:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
792 B (792 bytes)
Hash
48b61d1b3544fcc049eeadc61355ecc9
ac3ebf180ab61efa2f3ef1f000c46d5608e7a252
f4ca63ede1ba17c7a07314aedaf3ba6b3915b8e5543a80f7f409dfe9f664f9ec

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.savegreen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/savegreen/error.html
Cookie: _gcl_au=1.1.1151623522.1679327664; _ga_SCEYWEJ21M=GS1.1.1679327663.1.0.1679327663.0.0.0; _ga=GA1.1.947654942.1679327664
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 11:42:27 GMT
etag: "1e00c06-301-5e787fdc1c04d-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 792
content-type: image/x-icon
date: Mon, 20 Mar 2023 15:54:24 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2eb57e50cf85e854f2979aae08edfbbd
c1d8f0aa625a907989b1eedd64dfaa8b59f73d14
e36ae9f68c31c5d9f1eb6a96b26f97b94b8d61f8a47aa1c576bc0f816e3a2e14

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 15:54:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e8fc65c8ed6ea66df6d6f044d7636fe2
da5b32e7c3fb8dddbd1466e4733cab6e35a66f8c
733e51b02cac5aca153e462118e12f623b0be034bb5488eb021c09a4b41744dc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 15:54:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-user-list/863268103/?random=1679327663530&cv=11&fst=1679324400000&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.savegreen.in%2Fsavegreen%2Ferror.html&tiba=404%20-%20Page%20Not%20Found&fmt=3&is_vtc=1&random=2701314182&rmt_tld=1&ipr=y

216.58.207.227

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/863268103/?random=1679327663530&cv=11&fst=1679324400000&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.savegreen.in%2Fsavegreen%2Ferror.html&tiba=404%20-%20Page%20Not%20Found&fmt=3&is_vtc=1&random=2701314182&rmt_tld=1&ipr=y
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/863268103/?random=1679327663530&cv=11&fst=1679324400000&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.savegreen.in%2Fsavegreen%2Ferror.html&tiba=404%20-%20Page%20Not%20Found&fmt=3&is_vtc=1&random=2701314182&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 15:54:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/863268103/?random=1679327663530&cv=11&fst=1679324400000&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.savegreen.in%2Fsavegreen%2Ferror.html&tiba=404%20-%20Page%20Not%20Found&fmt=3&is_vtc=1&random=2701314182&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/863268103/?random=1679327663530&cv=11&fst=1679324400000&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.savegreen.in%2Fsavegreen%2Ferror.html&tiba=404%20-%20Page%20Not%20Found&fmt=3&is_vtc=1&random=2701314182&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/863268103/?random=1679327663530&cv=11&fst=1679324400000&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.savegreen.in%2Fsavegreen%2Ferror.html&tiba=404%20-%20Page%20Not%20Found&fmt=3&is_vtc=1&random=2701314182&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 20 Mar 2023 15:54:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2f656ecf7dfa2c439943f8adc7af7af3
7e1e963c5a29b4355c05a3824b9cab61c8c8e98b
a5eacea5ab24e16191f73cab5a4554ccc2a5150db6b578c478e078f28793c51b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 15:54:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-104887549-1&cid=947654942.1679327664&jid=2125462985&gjid=1689335403&_gid=522338826.1679327665&_u=YADAAEAAAAAAACAAI~&z=1250681656

64.233.165.157

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-104887549-1&cid=947654942.1679327664&jid=2125462985&gjid=1689335403&_gid=522338826.1679327665&_u=YADAAEAAAAAAACAAI~&z=1250681656
IP
64.233.165.157:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-104887549-1&cid=947654942.1679327664&jid=2125462985&gjid=1689335403&_gid=522338826.1679327665&_u=YADAAEAAAAAAACAAI~&z=1250681656 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.savegreen.in
Connection: keep-alive
Referer: https://www.savegreen.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.savegreen.in
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 20 Mar 2023 15:54:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d2b91b87a3060a36d0002f6338924521
b216a0ae0e118f942207ae6c51a5309393fe79f4
835446923abce8bde27c74317de5388462f43f7cbf93293a15891a2a2554e406

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 15:54:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Raleway:800,700,600,500,400,400italic

216.58.207.202

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Raleway:800,700,600,500,400,400italic
IP
216.58.207.202:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Raleway:800,700,600,500,400,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.savegreen.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 20 Mar 2023 15:54:23 GMT
date: Mon, 20 Mar 2023 15:54:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML