epfo-login.pages.dev Open in urlscan Pro
172.66.44.106 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://epfo-login.pages.dev/
Submission: On October 30 via automatic, source certstream-suspicious (October 30th 2024, 10:54:40 am UTC) — Scanned from DE

Summary HTTP 18 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 172.66.44.106, located in United States and belongs to CLOUDFLARENET, US. The main domain is epfo-login.pages.dev.
TLS certificate: Issued by WE1 on October 30th 2024. Valid for: 3 months.

This is the only time epfo-login.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	172.66.44.106 172.66.44.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::6815:2ad2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	172.67.166.76 172.67.166.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
18	7

6 172.66.44.106 (United States)

ASN13335 (CLOUDFLARENET, US)

epfo-login.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:2ad2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.digivill.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.166.76 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.digivill.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	pages.dev epfo-login.pages.dev	168 KB
5	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116	197 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 233245 ep2.adtrafficquality.google — Cisco Umbrella Rank: 204383	19 KB
3	digivill.in static.digivill.in analytics.digivill.in	6 KB
18	4

	Domain	Requested by
6	epfo-login.pages.dev	epfo-login.pages.dev
5	pagead2.googlesyndication.com	epfo-login.pages.dev pagead2.googlesyndication.com
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
2	analytics.digivill.in	epfo-login.pages.dev analytics.digivill.in
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	static.digivill.in
18	6

This site contains links to these domains. Also see Links.

Domain
www.epfindia.gov.in
registration.shramsuvidha.gov.in
unifiedportal-mem.epfindia.gov.in
epfoportals.epfindia.gov.in
jeevanpramaan.gov.in
epfigms.gov.in
www.iciciprulife.com
pib.gov.in

Subject Issuer	Validity	Valid
epfo-login.pages.dev WE1	`2024-10-30` - `2025-01-28`	3 months	crt.sh
static.digivill.in WE1	`2024-10-25` - `2025-01-23`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
digivill.in Cloudflare Inc ECC CA-3	`2024-01-29` - `2024-12-31`	a year	crt.sh
adtrafficquality.google WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://epfo-login.pages.dev/
Frame ID: BECA7B5573D401088025FD86F6741729
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20241024/r20190131/zrt_lookup_fy2021.html
Frame ID: A9732C4341C2311A8C199C98EF18A1C7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2858506899053135&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1730285676&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fepfo-login.pages.dev%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aifgd=1&aipaq=1&itsi=-1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730285676168&bpp=2&bdt=118&idt=84&shv=r20241024&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=4971286079930&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95332587%2C95344187%2C95345280%2C95335247%2C95345788&oid=2&pvsid=1640662722578474&tmod=2119884527&uas=0&nvt=1&fsapi=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=101
Frame ID: 647D92FBB4F544AAAC7BB1FD8DA2C02C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2858506899053135&output=html&h=280&slotname=7999008314&adk=1824374805&adf=843565979&pi=t.ma~as.7999008314&w=336&abgtt=6&lmt=1730285676&format=336x280&url=https%3A%2F%2Fepfo-login.pages.dev%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730285676171&bpp=1&bdt=121&idt=121&shv=r20241024&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4971286079930&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95332587%2C95344187%2C95345280%2C95335247%2C95345788&oid=2&pvsid=1640662722578474&tmod=2119884527&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=144
Frame ID: DD70FDCEE61F7961C1D5C3AB0D5D2412
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: AF87E8C33C7E46ED3B3BEE7D717026BD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

EPFO Login - Employee & Employer Login, Passbook & EPF Withdrawal

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

18
Requests

94 %
HTTPS

33 %
IPv6

4
Domains

6
Subdomains

7
IPs

2
Countries

391 kB
Transfer

827 kB
Size

0
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://www.epfindia.gov.in/site_en/AboutEPFO.php
Title: The Employees' Provident Fund Organization (EPFO)

Search URL Search Domain Scan URL

URL: https://www.epfindia.gov.in/site_docs/PDFs/Downloads_PDFs/EDLI_1976.pdf
Title: Employees' Deposit Linked Insurance (EDLI)

Search URL Search Domain Scan URL

URL: https://www.epfindia.gov.in/site_en/For_Employers.php
Title: For Employers

Search URL Search Domain Scan URL

URL: https://registration.shramsuvidha.gov.in/user/login
Title: Log In

Search URL Search Domain Scan URL

URL: https://www.epfindia.gov.in/site_en/For_Employees.php
Title: For Employees

Search URL Search Domain Scan URL

URL: https://unifiedportal-mem.epfindia.gov.in/memberinterface/
Title: Log In

Search URL Search Domain Scan URL

URL: https://www.epfindia.gov.in/site_en/International_workers.php
Title: For International Workers

Search URL Search Domain Scan URL

URL: https://epfoportals.epfindia.gov.in/iwu/
Title: Log In

Search URL Search Domain Scan URL

URL: https://jeevanpramaan.gov.in/locator
Title: For Pensioners

Search URL Search Domain Scan URL

URL: https://jeevanpramaan.gov.in/ppouser/login
Title: Log In

Search URL Search Domain Scan URL

URL: https://www.epfindia.gov.in/site_docs/PDFs/Downloads_PDFs/Form19.pdf
Title: Form 19

Search URL Search Domain Scan URL

URL: https://www.epfindia.gov.in/site_docs/PDFs/Downloads_PDFs/Form31.pdf
Title: Form 31

Search URL Search Domain Scan URL

URL: https://www.epfindia.gov.in/site_docs/PDFs/Downloads_PDFs/Form10C.pdf
Title: Form 10C

Search URL Search Domain Scan URL

URL: https://www.epfindia.gov.in/site_docs/PDFs/Downloads_PDFs/Form10D.pdf
Title: Form 10D

Search URL Search Domain Scan URL

URL: https://www.epfindia.gov.in/site_docs/PDFs/Downloads_PDFs/Form20.pdf
Title: Form 20

Search URL Search Domain Scan URL

URL: https://www.epfindia.gov.in/site_docs/PDFs/Downloads_PDFs/Form5IF.pdf
Title: Form 5(IF)

Search URL Search Domain Scan URL

URL: https://epfigms.gov.in/
Title: https://epfigms.gov.in/

Search URL Search Domain Scan URL

URL: https://epfigms.gov.in/Grievance/GrievanceMaster
Title: Register Grievance

Search URL Search Domain Scan URL

URL: https://www.iciciprulife.com/insurance-library/income-tax/what-is-section-80c-of-income-tax-act.html
Title: tax deductions under Section 80C of the Income Tax Act

Search URL Search Domain Scan URL

URL: https://www.epfindia.gov.in/site_docs/PDFs/Downloads_PDFs/Form10C_Instructions_Eng.pdf
Title: The Employees' Pension Scheme (EPS)

Search URL Search Domain Scan URL

URL: https://pib.gov.in/PressReleaseIframePage.aspx?PRID=2029381
Title: benefiting over 7 lakh EPS members

Search URL Search Domain Scan URL

URL: https://www.epfindia.gov.in/site_docs/PDFs/UAN_PDFs/UAN_ForMembers/User_Manual_Ver1.1_UAN_MemberPortal.pdf
Title: The Universal Account Number (UAN)

Search URL Search Domain Scan URL

URL: https://www.epfindia.gov.in/site_en/FAQ.php
Title: Frequently Asked Questions Related to EPF Scheme

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
epfo-login.pages.dev/ 34 KB
9 KB 62ms
36ms Document
text/html 172.66.44.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://epfo-login.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8835210930135857f6cdfd2e4a725f86c6a059e202021b2efc11f68ade5f8286

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0
cf-ray: 8daade43191bdc56-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 30 Oct 2024 10:54:36 GMT
link: <https://static.digivill.in/css/yojana.min.css>; rel="preload"; as=style, <//static.digivill.in>; rel="preconnect", <https://analytics.digivill.in>; rel="preconnect"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5rkQ4bYyFWn1P6XM827VzWxnsbTCZg%2Bzivycak1C9AvDCXYEEMGO9hEi4nqqbpbTPGcjp4ko%2FoGoKxifqOlPScQD5a6KyPhFO%2BVmtFrC1A%2Fm0kehqC5Ea0Ye%2F97%2BHejqXmSOTJCmrg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=6822&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4149&recv_bytes=4445&delivery_rate=85880&cwnd=12000&unsent_bytes=0&cid=2c916c5799432c9c&ts=39&x=1" cfHdrFlush;dur=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: all
x-xss-protection: 1; mode=block

GET
H2 200 yojana.min.css
static.digivill.in/css/ 10 KB
4 KB 53ms
16ms Stylesheet
text/css 2606:4700:3034::6815:2ad2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.digivill.in/css/yojana.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2ad2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

057701289a26e8087a2401ddfa578b75a56583487f63c8a093b6385a4fa008ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-robots-tag: noindex
content-encoding: gzip
cf-cache-status: HIT
etag: W/"ad4a204becb6a895711525e6c5c16728"
age: 23446
x-permitted-cross-domain-policies: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EQZdVX%2F4q2lDP8pgFxECg8tPO10%2FOsordMq3vrkVNQG2u6i68u4rFJDoZLy4TAnG37mszWwjiCvfbnCN2QO8XcxnxRIWOSGLcV4RRYPi6mYddhxHXynl3udUdqjsRuie3EkR2sA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6458&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3973&recv_bytes=2212&delivery_rate=591787&cwnd=253&unsent_bytes=0&cid=a63ea977f615e6e5&ts=21&x=0"
date: Wed, 30 Oct 2024 10:54:36 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
cf-ray: 8daade439b21d25c-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
52 KB 43ms
25ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2858506899053135

Requested by

Host: epfo-login.pages.dev
URL: https://epfo-login.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

fd630b111b09c32774db454290055543747a96c717b18ba8018e2f740a24e1a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://epfo-login.pages.dev
Referer

Response headers

content-encoding: br
etag: 12237117581123627375
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 10:54:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 30 Oct 2024 10:54:36 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53377
x-xss-protection: 0
server: cafe

GET
H3 200 script.js Show response
analytics.digivill.in/js/ 1 KB
1 KB 63ms
28ms Script
application/javascript 172.67.166.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.digivill.in/js/script.js

Requested by

Host: epfo-login.pages.dev
URL: https://epfo-login.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.166.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
cf-cache-status: HIT
age: 23111
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NyrFP3YUYSrb1Op3Txt7Io7q06LC8KGEAA0iahsd78SfArl6XerKy5INwSdO%2FBqHO5IMhjnFeV8cK4XqsfT3D8zgGu4SQbCfuSB1Q0xg%2FyyUrmyXZcxxteldPvKfONH6nHf%2B3K%2FefWg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15832&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4003&recv_bytes=4217&delivery_rate=172384&cwnd=12000&unsent_bytes=0&cid=a5d080ef6eb56db0&ts=33&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 30 Oct 2024 10:54:36 GMT
content-type: application/javascript
last-modified: Wed, 30 Oct 2024 04:29:25 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=31536000, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8daade43be56153f-CDG
access-control-allow-origin: *
server: cloudflare

GET
H3 200 logo.png
epfo-login.pages.dev/ 0
8 KB 49ms
49ms Other
image/png 172.66.44.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://epfo-login.pages.dev/logo.png

Requested by

Host: epfo-login.pages.dev
URL: https://epfo-login.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

etag: "315639203a3ebfb0f891ab41f0a84639"
x-permitted-cross-domain-policies: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j38hRnN898Q9hhm17QeTX3P89EHno5CboMwIlA3NFldEs2TqMtUPYX%2FZv7y4Fko7UcaBvwxcoOf1vtUZzgpTFj%2BB0fmtRnVuz8ld8JinU0iNGgKdVgPDB%2Bk8DMefv8phLI8vDgDm0g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6804&sent=21&recv=15&lost=0&retrans=0&sent_bytes=14107&recv_bytes=5040&delivery_rate=374031&cwnd=12000&unsent_bytes=0&cid=2c916c5799432c9c&ts=113&x=1", cfHdrFlush;dur=0
date: Wed, 30 Oct 2024 10:54:36 GMT
content-type: image/png
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
cf-ray: 8daade437a09dc56-FRA
access-control-allow-origin: *
content-length: 7781
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 EPFO-Login.webp
epfo-login.pages.dev/content/images/2024/10/ 72 KB
73 KB 55ms
54ms Image
image/webp 172.66.44.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://epfo-login.pages.dev/content/images/2024/10/EPFO-Login.webp

Requested by

Host: epfo-login.pages.dev
URL: https://epfo-login.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8686efa2b1d06ffc1d9413101ce52ecf53ea700c72c4510f5ecaf153d2e6f144

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

etag: "89f48e4db198a7667f6f3415bcffcd7d"
x-permitted-cross-domain-policies: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iBz7NHuto9ffOuzyNBOs6MgT8vbCTQeK%2FBUWuOPTuz7X4HPAyDWzZHY9XMSfXJHAdHMacE4h8QpAYCBEDM7dRNs7sA8xNvjcV%2Fpv80n3Y1OgRdkOwLiIWQD%2F%2FWwoyaYB8eQmTPrvlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6757&sent=40&recv=22&lost=0&retrans=0&sent_bytes=34788&recv_bytes=6230&delivery_rate=181668&cwnd=12000&unsent_bytes=0&cid=2c916c5799432c9c&ts=183&x=1", cfHdrFlush;dur=4
date: Wed, 30 Oct 2024 10:54:36 GMT
content-type: image/webp
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
cf-ray: 8daade43eb16dc56-FRA
access-control-allow-origin: *
content-length: 73890
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 EPF-Passbook.webp
epfo-login.pages.dev/content/images/2024/10/ 47 KB
47 KB 69ms
69ms Image
image/webp 172.66.44.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://epfo-login.pages.dev/content/images/2024/10/EPF-Passbook.webp

Requested by

Host: epfo-login.pages.dev
URL: https://epfo-login.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e83e5ee9e4ffcf1a81e687861e0188b177686e18099151eda0a2b78945cf6778

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

etag: "af4dbbb6bfa4ad15ae16703b22e9105f"
x-permitted-cross-domain-policies: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Um6akmBR5pn7auYMu1M8m3HLAyGAg%2FA5TanXV686hXTJAw7prxiGth5zIUVDB%2B22kUDfQ0kxSkKff1%2FBOUPAv9%2FsXR2FoRNYMspmAn3oW%2FxVhnko7KrpNikYlpygX5jiQlnwx9Zvew%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6757&sent=40&recv=22&lost=0&retrans=0&sent_bytes=34788&recv_bytes=6230&delivery_rate=181668&cwnd=12000&unsent_bytes=0&cid=2c916c5799432c9c&ts=177&x=1", cfHdrFlush;dur=10
date: Wed, 30 Oct 2024 10:54:36 GMT
content-type: image/webp
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
cf-ray: 8daade43eb1bdc56-FRA
access-control-allow-origin: *
content-length: 47636
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 Member-KYC.webp
epfo-login.pages.dev/content/images/2024/10/ 30 KB
31 KB 45ms
44ms Image
image/webp 172.66.44.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://epfo-login.pages.dev/content/images/2024/10/Member-KYC.webp

Requested by

Host: epfo-login.pages.dev
URL: https://epfo-login.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bec0dd7f060a030e5b5d0d5a6a8d426c9e1c309d9411cfcc831d89fa07e630a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

etag: "abf52553a3ffb9db2943c96d73134180"
x-permitted-cross-domain-policies: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BkLwD%2B%2BxXM6kBaWxiLomCJ%2BK6KQypX0IsO1eSYsAdJGjNBqXDBVjz9wPHyT87GmNIEoUySEgjQeo2dzsaDuaR8%2F5rg8Z7CPmWbSwme%2BlwT22b51eegSesKpXD2GSUyfs%2BOnzoP%2B8Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6757&sent=30&recv=22&lost=0&retrans=0&sent_bytes=22788&recv_bytes=6230&delivery_rate=181668&cwnd=12000&unsent_bytes=0&cid=2c916c5799432c9c&ts=174&x=1", cfHdrFlush;dur=0
date: Wed, 30 Oct 2024 10:54:36 GMT
content-type: image/webp
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
cf-ray: 8daade43eb1cdc56-FRA
access-control-allow-origin: *
content-length: 30570
x-xss-protection: 1; mode=block
server: cloudflare

POST
H3 202 event Show response
analytics.digivill.in/api/ 2 B
774 B 182ms
162ms XHR
text/plain 172.67.166.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.digivill.in/api/event

Requested by

Host: analytics.digivill.in
URL: https://analytics.digivill.in/js/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.166.76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

x-request-id: GAM1p7RG2sdAaMEMylWC
access-control-expose-headers
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wzfZZz02sY4dslQWaKVWat%2FOBXRsLh7Wfm3yIz0DRRDWzbdb%2BnDBUYx2sDbIbTJYVkILKtCEKSo%2BVsTM6pz%2FtUUrUIM%2FTN4u2w8t9R1wiK1kJR7nWl7nyQWfGZrCrCDJnGxfkU5oNjg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16353&sent=11&recv=10&lost=0&retrans=0&sent_bytes=2689&recv_bytes=4385&delivery_rate=676&cwnd=12000&unsent_bytes=0&cid=6c301796be3e75eb&ts=165&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 30 Oct 2024 10:54:36 GMT
content-type: text/plain; charset=utf-8
priority: u=1,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=0, private, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-plausible-dropped: 1
cf-ray: 8daade440accf18f-CDG
access-control-allow-origin: *
content-length: 2
server: cloudflare

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/ 435 KB
145 KB 54ms
53ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2858506899053135&plah=epfo-login.pages.dev

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2858506899053135

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

920710ff714a0505e49b095d6a998c10d1d70c999339740213cef04d91c9ccd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 7573082923993155134
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 10:54:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 30 Oct 2024 10:54:36 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 148313
x-xss-protection: 0
server: cafe

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20241024/r20190131/ Frame A973 0
0 19ms
6ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20241024/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2858506899053135&plah=epfo-login.pages.dev

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 63099
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Oct 2024 17:22:57 GMT
etag: 13108003645644964576
expires: Tue, 12 Nov 2024 17:22:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame 647D 0
0 58ms
57ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2858506899053135&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1730285676&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fepfo-login.pages.dev%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aifgd=1&aipaq=1&itsi=-1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730285676168&bpp=2&bdt=118&idt=84&shv=r20241024&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=4971286079930&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95332587%2C95344187%2C95345280%2C95335247%2C95345788&oid=2&pvsid=1640662722578474&tmod=2119884527&uas=0&nvt=1&fsapi=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=101

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Oct 2024 10:54:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame DD70 0
0 67ms
66ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2858506899053135&output=html&h=280&slotname=7999008314&adk=1824374805&adf=843565979&pi=t.ma~as.7999008314&w=336&abgtt=6&lmt=1730285676&format=336x280&url=https%3A%2F%2Fepfo-login.pages.dev%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730285676171&bpp=1&bdt=121&idt=121&shv=r20241024&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4971286079930&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95332587%2C95344187%2C95345280%2C95335247%2C95345788&oid=2&pvsid=1640662722578474&tmod=2119884527&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=144

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Oct 2024 10:54:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 16 KB
12 KB 56ms
25ms XHR
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241024&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ac3ed0d72e1913364604a55eac31e0089e908c2241a665574f958010ae579685

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12739
date: Wed, 30 Oct 2024 10:54:36 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 logo.png
epfo-login.pages.dev/ 8 KB
0 0ms
0ms Other
image/png 172.66.44.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://epfo-login.pages.dev/logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3543b78480eed68754c1140b8db809f23ece461c06c212d89d6aa70c24e7bb6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

etag: "315639203a3ebfb0f891ab41f0a84639"
x-permitted-cross-domain-policies: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j38hRnN898Q9hhm17QeTX3P89EHno5CboMwIlA3NFldEs2TqMtUPYX%2FZv7y4Fko7UcaBvwxcoOf1vtUZzgpTFj%2BB0fmtRnVuz8ld8JinU0iNGgKdVgPDB%2Bk8DMefv8phLI8vDgDm0g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6804&sent=21&recv=15&lost=0&retrans=0&sent_bytes=14107&recv_bytes=5040&delivery_rate=374031&cwnd=12000&unsent_bytes=0&cid=2c916c5799432c9c&ts=113&x=1", cfHdrFlush;dur=0
date: Wed, 30 Oct 2024 10:54:36 GMT
content-type: image/png
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
cf-ray: 8daade437a09dc56-FRA
access-control-allow-origin: *
content-length: 7781
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 63ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 10:54:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 10:54:36 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame AF87 0
0 26ms
7ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Oct 2024 10:12:43 GMT
expires: Wed, 30 Oct 2024 11:02:43 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241024&jk=1640662722578474&bg=!JySlJGvNAAZ-RxQpXkc7ADQBe5WfOGxhG19PPES8kjitinRL-PSpjoLju06Uugi7_KxPuGEerDzX3_QjoD-_y1gbVsS3AgAAAC9SAAAAAWgBB34ANo61IeedF_H76rMsj1-QvtaYYva-uhzVKgCoYIVxWVWLrg7l_eBmF0hlYT64iExTGQQWq9dKjpkCl4mgyPFpTGC9LPONAK4LPnf_k8P14IUEJmH7Z0pPjXSdze6PHGp9goR3sK6KkSvZo3d_0MRpsxQS68yaFdTdNtB53MSalgTUxr1p-35rop6zOgA5Nlrj4H7fqqwI7y2cfalHYlSyhrf7_pQcH0xiNyRNVA4o1MxtJ4pK2VbVA_aZvbwRNVeF9jXDtb0MLzJZi8gUlFGsnZH4kKNk19DKOivCoC082IDCfpb97Wa6Mchjwx6zijA4CHdiRZc_GsxZLq3oyoMIAe7je8uRRXdiWRVj7DcF4-zZ4m_pmp42dfa70l4L8OkwbnYW4MoWwgusQdnYdOYIsdrppH8QvFnHCkHY82zeMpAv_TC_On66ii6ikwumOwY1b4fi4YPKU0L12OtWVhlwq66iaie2_8kFQbr_n_iUNzRDVNvnUOQDwMXCc9Vn2fEBtr5C0EdYTbC7VrWsLjXyUYbb7YE0cO10Y82D2m00beyfwCE3JdIm_NQE183loDED35sWAztiK1cyNgolyKwhOsB03d0_HjBZcdtpNWTAtPx3GaOlZ1dHHa-s2jdA5_rgrSTtom4pGexB9ua3-vddykZkULdj9gD4rUv1S_Mcc5AWL-rIW3KNAtnkN63W8T4O2ZNTilV74ci4THQ-89tAzdoTcTL1B1gEYuhcqq-DsIxLTUbiXrhVDu_nx5lh6lINp5ywpOR8Qpt4BKbiFsL4nCb6wdSJkQfRKfbyg-DjARFCI4LRu7bleNChgjJKn9McTJm_muunUD4uDhKnX0uDmCeUUpxVXmnniVJ1JZu9nhOE-B8_cbU_-a97WAUwWtmC2ymwZY1DBzMUySqkav39jVSDojw5RydHyoxGEf4BJhaHNveFL3bjw9X4525BLhM6eg

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.digivill.in
ep1.adtrafficquality.google
ep2.adtrafficquality.google
epfo-login.pages.dev
pagead2.googlesyndication.com
static.digivill.in
ep1.adtrafficquality.google
142.250.185.98
172.66.44.106
172.67.166.76
216.58.206.34
2606:4700:3034::6815:2ad2
2a00:1450:4001:806::2001
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
057701289a26e8087a2401ddfa578b75a56583487f63c8a093b6385a4fa008ab
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3543b78480eed68754c1140b8db809f23ece461c06c212d89d6aa70c24e7bb6d
3bec0dd7f060a030e5b5d0d5a6a8d426c9e1c309d9411cfcc831d89fa07e630a
8686efa2b1d06ffc1d9413101ce52ecf53ea700c72c4510f5ecaf153d2e6f144
8835210930135857f6cdfd2e4a725f86c6a059e202021b2efc11f68ade5f8286
920710ff714a0505e49b095d6a998c10d1d70c999339740213cef04d91c9ccd8
ac3ed0d72e1913364604a55eac31e0089e908c2241a665574f958010ae579685
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e83e5ee9e4ffcf1a81e687861e0188b177686e18099151eda0a2b78945cf6778
fd630b111b09c32774db454290055543747a96c717b18ba8018e2f740a24e1a3
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

epfo-login.pages.dev Open in urlscan Pro 172.66.44.106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

18 Requests

94 %HTTPS

33 %IPv6

4 Domains

6 Subdomains

7 IPs

2 Countries

391 kBTransfer

827 kBSize

0 Cookies

23 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

epfo-login.pages.dev Open in urlscan Pro
172.66.44.106 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

94 %
HTTPS

33 %
IPv6

4
Domains

6
Subdomains

7
IPs

2
Countries

391 kB
Transfer

827 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions