| s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58 | 54.83.101.48 | 200 OK | 2.8 kB |
URL User Request GET HTTP/2s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58 IP54.83.101.48:443
CertificateIssuerLet's Encrypt Subject*.edoctransfer.com Fingerprint95:C3:38:B0:8C:A2:3C:56:F2:BF:27:74:87:E6:6D:3B:3B:F9:73:DB ValiditySun, 18 Feb 2024 11:33:47 GMT - Sat, 18 May 2024 11:33:46 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (314), with CRLF, LF line terminators Hashaf03d463357e1aaa0abeaf489982084f 5e20383554762edfb1e8d1637b262fad8c2c2f82 f3b48b98f4bbbb7afacbee6334a741a531c3d4dd0667acad539d8fcffbd4aeb2
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Google | OpenPhish | phishing | Google Inc. |
GET /107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58 HTTP/1.1
Host: s.edoctransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: http://landing.phishme.com
cache-control: no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 16 Apr 2024 18:05:45 GMT
etag: W/"f3b48b98f4bbbb7afacbee6334a741a5-gzip"
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: Apache
set-cookie: _phishme.com_session_id=98c294ffad5d6b0359878ddf04c02bfb; path=/; HttpOnly
status: 200 OK
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen, noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-request-id: 787dd787-aefc-469c-9796-d061fc06ed5c
x-runtime: 0.045881
x-xss-protection: 1; mode=block
content-length: 2810
X-Firefox-Spdy: h2
|
|
| s.edoctransfer.com/system/content_files/uploads/26b/ad3/4b-/original/content-data-entry-boilerplate.min.css | 54.83.101.48 | 200 OK | 3.3 kB |
URL GET HTTP/2s.edoctransfer.com/system/content_files/uploads/26b/ad3/4b-/original/content-data-entry-boilerplate.min.css IP54.83.101.48:443
Requested byhttps://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58 CertificateIssuerLet's Encrypt Subject*.edoctransfer.com Fingerprint95:C3:38:B0:8C:A2:3C:56:F2:BF:27:74:87:E6:6D:3B:3B:F9:73:DB ValiditySun, 18 Feb 2024 11:33:47 GMT - Sat, 18 May 2024 11:33:46 GMT
File typeASCII text, with very long lines (18290), with no line terminators Hashcde1906f54d9ea8c69be1488fad61743 bc35ba9b37e3e293ef57036210f5a71ac0e7001b 51829c6361406bbe6bbc441e575d760fb1ee39891a7729878b7d3304d4c1399c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Google |
GET /system/content_files/uploads/26b/ad3/4b-/original/content-data-entry-boilerplate.min.css HTTP/1.1
Host: s.edoctransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
DNT: 1
Connection: keep-alive
Cookie: _phishme.com_session_id=98c294ffad5d6b0359878ddf04c02bfb
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: http://landing.phishme.com
cache-control: max-age=0
content-encoding: gzip
content-type: text/css
date: Tue, 16 Apr 2024 18:05:45 GMT
etag: "4772-5dfc2cb005780-gzip"
expires: Tue, 16 Apr 2024 18:05:45 GMT
last-modified: Tue, 24 May 2022 14:30:06 GMT
server: Apache
vary: Accept-Encoding
x-download-options: noopen
content-length: 3341
X-Firefox-Spdy: h2
|
|
| s.edoctransfer.com/system/content_files/uploads/ebf/645/b2-/original/google-landing-styles.css | 54.83.101.48 | 200 OK | 1.7 kB |
URL GET HTTP/2s.edoctransfer.com/system/content_files/uploads/ebf/645/b2-/original/google-landing-styles.css IP54.83.101.48:443
Requested byhttps://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58 CertificateIssuerLet's Encrypt Subject*.edoctransfer.com Fingerprint95:C3:38:B0:8C:A2:3C:56:F2:BF:27:74:87:E6:6D:3B:3B:F9:73:DB ValiditySun, 18 Feb 2024 11:33:47 GMT - Sat, 18 May 2024 11:33:46 GMT
Hash8b9bb6e63352aae173f9745728d3dfef f24f4eca03885b07531093e1881de275dbe188a8 f3950399539e973776f35e7de8bbbdfce97c3abc04f7540e5a1b00e99c60d299
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Google |
GET /system/content_files/uploads/ebf/645/b2-/original/google-landing-styles.css HTTP/1.1
Host: s.edoctransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
DNT: 1
Connection: keep-alive
Cookie: _phishme.com_session_id=98c294ffad5d6b0359878ddf04c02bfb
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: http://landing.phishme.com
cache-control: max-age=0
content-encoding: gzip
content-type: text/css
date: Tue, 16 Apr 2024 18:05:45 GMT
etag: "166f-609930ac83780-gzip"
expires: Tue, 16 Apr 2024 18:05:45 GMT
last-modified: Tue, 07 Nov 2023 17:10:06 GMT
server: Apache
vary: Accept-Encoding
x-download-options: noopen
content-length: 1650
X-Firefox-Spdy: h2
|
|
| s.edoctransfer.com/system/content_images/uploads/467/f6c/c5-/original/error-icon-red.png | 54.83.101.48 | 200 OK | 432 B |
URL GET HTTP/2s.edoctransfer.com/system/content_images/uploads/467/f6c/c5-/original/error-icon-red.png IP54.83.101.48:443
Requested byhttps://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58 CertificateIssuerLet's Encrypt Subject*.edoctransfer.com Fingerprint95:C3:38:B0:8C:A2:3C:56:F2:BF:27:74:87:E6:6D:3B:3B:F9:73:DB ValiditySun, 18 Feb 2024 11:33:47 GMT - Sat, 18 May 2024 11:33:46 GMT
File typePNG image data, 20 x 21, 8-bit/color RGBA, non-interlaced Hash7b4d8b0e01b708b992024d55f2861e0d e7114c2c0e68ff95ace0fd7d7a722cdb38407b98 10f568950e3e99ea5d5ef4ab7d0c08bc2c9b1cf62e7a5d767e2227ecce2a1343
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Google |
GET /system/content_images/uploads/467/f6c/c5-/original/error-icon-red.png HTTP/1.1
Host: s.edoctransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
DNT: 1
Connection: keep-alive
Cookie: _phishme.com_session_id=98c294ffad5d6b0359878ddf04c02bfb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: http://landing.phishme.com
cache-control: max-age=0
content-type: image/png
date: Tue, 16 Apr 2024 18:05:45 GMT
etag: "1b0-5fe9f935aa640"
expires: Tue, 16 Apr 2024 18:05:45 GMT
last-modified: Wed, 21 Jun 2023 08:30:09 GMT
server: Apache
x-download-options: noopen
content-length: 432
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-126808791-4 | 142.250.74.168 | 200 OK | 74 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=UA-126808791-4 IP142.250.74.168:443
Requested byhttps://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (4179) Hash99b512655402e2a87d2dfb8776fe32bd eb4e2480800780a692ae9cdf4b588cb5f514a246 2563d723a07d9a36f134894b309a4f376ffc1793bf6032173e2968e829129420
GET /gtag/js?id=UA-126808791-4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.edoctransfer.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 18:05:45 GMT
expires: Tue, 16 Apr 2024 18:05:45 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73549
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| s.edoctransfer.com/system/content_images/uploads/681/235/99-/original/user-icon-grey.png | 54.83.101.48 | 200 OK | 460 B |
URL GET HTTP/2s.edoctransfer.com/system/content_images/uploads/681/235/99-/original/user-icon-grey.png IP54.83.101.48:443
Requested byhttps://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58 CertificateIssuerLet's Encrypt Subject*.edoctransfer.com Fingerprint95:C3:38:B0:8C:A2:3C:56:F2:BF:27:74:87:E6:6D:3B:3B:F9:73:DB ValiditySun, 18 Feb 2024 11:33:47 GMT - Sat, 18 May 2024 11:33:46 GMT
File typePNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced Hash1529e55c8eea07a47df274938c798dc8 bf8427d0fac980aadd0a111fcddb6412fbcf5ddc 118b17a5c8752bb05843e47c7175ca28b2ae6598cb672d1ff8128581334a8010
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Google |
GET /system/content_images/uploads/681/235/99-/original/user-icon-grey.png HTTP/1.1
Host: s.edoctransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
DNT: 1
Connection: keep-alive
Cookie: _phishme.com_session_id=98c294ffad5d6b0359878ddf04c02bfb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: http://landing.phishme.com
cache-control: max-age=0
content-type: image/png
date: Tue, 16 Apr 2024 18:05:45 GMT
etag: "1cc-5fe9f9369e880"
expires: Tue, 16 Apr 2024 18:05:45 GMT
last-modified: Wed, 21 Jun 2023 08:30:10 GMT
server: Apache
x-download-options: noopen
content-length: 460
X-Firefox-Spdy: h2
|
|
| s.edoctransfer.com/system/content_images/uploads/ad1/eb2/33-/original/google-logo.png | 54.83.101.48 | 200 OK | 57 kB |
URL GET HTTP/2s.edoctransfer.com/system/content_images/uploads/ad1/eb2/33-/original/google-logo.png IP54.83.101.48:443
Requested byhttps://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58 CertificateIssuerLet's Encrypt Subject*.edoctransfer.com Fingerprint95:C3:38:B0:8C:A2:3C:56:F2:BF:27:74:87:E6:6D:3B:3B:F9:73:DB ValiditySun, 18 Feb 2024 11:33:47 GMT - Sat, 18 May 2024 11:33:46 GMT
File typePNG image data, 800 x 264, 8-bit/color RGBA, non-interlaced Hashe22d6119fcfcaeea73849c3d5030e322 16d2a58464d9cf2b450baca871ef23e8ede6d3f4 627f1e0ebd79c4e01024265d14af515961a8533e04d98a0f4f86e1d66e20d83f
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Google |
GET /system/content_images/uploads/ad1/eb2/33-/original/google-logo.png HTTP/1.1
Host: s.edoctransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
DNT: 1
Connection: keep-alive
Cookie: _phishme.com_session_id=98c294ffad5d6b0359878ddf04c02bfb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: http://landing.phishme.com
cache-control: max-age=0
content-type: image/png
date: Tue, 16 Apr 2024 18:05:45 GMT
etag: "dd43-6097838af4500"
expires: Tue, 16 Apr 2024 18:05:45 GMT
last-modified: Mon, 06 Nov 2023 09:10:12 GMT
server: Apache
x-download-options: noopen
content-length: 56643
X-Firefox-Spdy: h2
|
|
| s.edoctransfer.com/system/content_files/uploads/8f2/ed2/42-/original/static-education-l10n.min.js | 54.83.101.48 | 200 OK | 2.0 kB |
URL GET HTTP/2s.edoctransfer.com/system/content_files/uploads/8f2/ed2/42-/original/static-education-l10n.min.js IP54.83.101.48:443
Requested byhttps://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58 CertificateIssuerLet's Encrypt Subject*.edoctransfer.com Fingerprint95:C3:38:B0:8C:A2:3C:56:F2:BF:27:74:87:E6:6D:3B:3B:F9:73:DB ValiditySun, 18 Feb 2024 11:33:47 GMT - Sat, 18 May 2024 11:33:46 GMT
File typeJavaScript source, ASCII text, with very long lines (6328), with no line terminators Hash91fcc38fe563880842e269d2b7647b8b dc5d692fa7dc75b8a4bbcf0732d0978b3890e0c0 648d18f8adcfba7d26b20c51328a2d13dcabb8465d673073cefe45735c80bda3
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Google |
GET /system/content_files/uploads/8f2/ed2/42-/original/static-education-l10n.min.js HTTP/1.1
Host: s.edoctransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
DNT: 1
Connection: keep-alive
Cookie: _phishme.com_session_id=98c294ffad5d6b0359878ddf04c02bfb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: http://landing.phishme.com
cache-control: max-age=0
content-encoding: gzip
content-type: application/javascript
date: Tue, 16 Apr 2024 18:05:45 GMT
etag: "18b8-5df59999f7180-gzip"
expires: Tue, 16 Apr 2024 18:05:45 GMT
last-modified: Thu, 19 May 2022 09:00:06 GMT
server: Apache
vary: Accept-Encoding
x-download-options: noopen
content-length: 1960
X-Firefox-Spdy: h2
|
|
| s.edoctransfer.com/system/content_files/uploads/5b8/ee7/1e-/original/jquery-latest.min.js | 54.83.101.48 | 200 OK | 31 kB |
URL GET HTTP/2s.edoctransfer.com/system/content_files/uploads/5b8/ee7/1e-/original/jquery-latest.min.js IP54.83.101.48:443
Requested byhttps://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58 CertificateIssuerLet's Encrypt Subject*.edoctransfer.com Fingerprint95:C3:38:B0:8C:A2:3C:56:F2:BF:27:74:87:E6:6D:3B:3B:F9:73:DB ValiditySun, 18 Feb 2024 11:33:47 GMT - Sat, 18 May 2024 11:33:46 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hash220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Google |
GET /system/content_files/uploads/5b8/ee7/1e-/original/jquery-latest.min.js HTTP/1.1
Host: s.edoctransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
DNT: 1
Connection: keep-alive
Cookie: _phishme.com_session_id=98c294ffad5d6b0359878ddf04c02bfb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: http://landing.phishme.com
cache-control: max-age=0
content-encoding: gzip
content-type: application/javascript
date: Tue, 16 Apr 2024 18:05:45 GMT
etag: "15851-587fdd810ab40-gzip"
expires: Tue, 16 Apr 2024 18:05:45 GMT
last-modified: Fri, 03 May 2019 16:00:05 GMT
server: Apache
vary: Accept-Encoding
x-download-options: noopen
content-length: 30677
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;700&display=swap | 216.58.207.234 | 200 OK | 1.2 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;700&display=swap IP216.58.207.234:443
Requested byhttps://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typegzip compressed data, max compression Hashd699de7b98a9afc7db449b2d9bca6533 2e41f2b6e7bc96ed864edaf8a098fe02811bfceb 6bcdcffbd10a774066cccc2b49adc8034184bf0ab6c869162225160ee201b948
GET /css2?family=Inter:wght@100;200;300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.edoctransfer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 18:05:45 GMT
date: Tue, 16 Apr 2024 18:05:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| s.edoctransfer.com/system/content_files/uploads/dae/552/5f-/original/content-data-entry-boilerplate.js | 54.83.101.48 | 200 OK | 18 kB |
URL GET HTTP/2s.edoctransfer.com/system/content_files/uploads/dae/552/5f-/original/content-data-entry-boilerplate.js IP54.83.101.48:443
Requested byhttps://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58 CertificateIssuerLet's Encrypt Subject*.edoctransfer.com Fingerprint95:C3:38:B0:8C:A2:3C:56:F2:BF:27:74:87:E6:6D:3B:3B:F9:73:DB ValiditySun, 18 Feb 2024 11:33:47 GMT - Sat, 18 May 2024 11:33:46 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with CRLF line terminators Hash2e1aa7374d39fa64778859b1a8cbfbfe e0d91c61c4dd9ae3ca8fb085c53ae15b9eca7968 ec180d2bc1f49cde05d2dd6db4270f5cba1b7011a4b351c3c796bed587ef55b6
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Google |
GET /system/content_files/uploads/dae/552/5f-/original/content-data-entry-boilerplate.js HTTP/1.1
Host: s.edoctransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
DNT: 1
Connection: keep-alive
Cookie: _phishme.com_session_id=98c294ffad5d6b0359878ddf04c02bfb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: http://landing.phishme.com
cache-control: max-age=0
content-encoding: gzip
content-type: application/javascript
date: Tue, 16 Apr 2024 18:05:45 GMT
etag: "150e9-5de403f6dffc0-gzip"
expires: Tue, 16 Apr 2024 18:05:45 GMT
last-modified: Thu, 05 May 2022 09:20:07 GMT
server: Apache
vary: Accept-Encoding
x-download-options: noopen
content-length: 17552
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-JPRZ9JVKLJ&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 89 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=G-JPRZ9JVKLJ&l=dataLayer&cx=c IP142.250.74.168:443
Requested byhttps://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (5955) Hash800b7da7d72b286d939d18e634e37136 28c3015c69a4c54aa9b41bc5aac102eb5a3fbd8b af236a3f92ffe99777bde57b437ea65442f04ed8940f08f2038067df42abb3ea
GET /gtag/js?id=G-JPRZ9JVKLJ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.edoctransfer.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 18:05:45 GMT
expires: Tue, 16 Apr 2024 18:05:45 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88747
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.163 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.163:443
Requested byhttps://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://s.edoctransfer.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 36074
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 | 142.250.74.163 | 200 OK | 47 kB |
URL GET HTTP/2fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 IP142.250.74.163:443
Requested byhttps://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 46704, version 1.0 Hash30a274cd01b6eeb0b082c918b0697f1e 393311bde26b99a4ad935fa55bad1dce7994388b 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://s.edoctransfer.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 00:18:14 GMT
expires: Wed, 16 Apr 2025 00:18:14 GMT
cache-control: public, max-age=31536000
age: 64052
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| s.edoctransfer.com/system/content_images/uploads/d01/f25/f3-/original/google-favicon.png | 54.83.101.48 | 200 OK | 4.2 kB |
URL GET HTTP/2s.edoctransfer.com/system/content_images/uploads/d01/f25/f3-/original/google-favicon.png IP54.83.101.48:443
Requested byhttps://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58 CertificateIssuerLet's Encrypt Subject*.edoctransfer.com Fingerprint95:C3:38:B0:8C:A2:3C:56:F2:BF:27:74:87:E6:6D:3B:3B:F9:73:DB ValiditySun, 18 Feb 2024 11:33:47 GMT - Sat, 18 May 2024 11:33:46 GMT
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Hash60f263c57bd740ec50a647f810859d84 775217018cd2dd8f7c1e06a88c7bf901b5481a9d f1de4abc89f238f322f5ea6a02ea5cf53b313b145f673dccd97f1b3bd32ee039
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Google |
GET /system/content_images/uploads/d01/f25/f3-/original/google-favicon.png HTTP/1.1
Host: s.edoctransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
DNT: 1
Connection: keep-alive
Cookie: _phishme.com_session_id=98c294ffad5d6b0359878ddf04c02bfb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: http://landing.phishme.com
cache-control: max-age=0
content-type: image/png
date: Tue, 16 Apr 2024 18:05:46 GMT
etag: "1076-6097ea5d51b40"
expires: Tue, 16 Apr 2024 18:05:46 GMT
last-modified: Mon, 06 Nov 2023 16:50:13 GMT
server: Apache
x-download-options: noopen
content-length: 4214
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&display=swap | 216.58.207.234 | 200 OK | 18 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&display=swap IP216.58.207.234:443
Requested byhttps://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (1572) Hashd2dd1deb9963732cbe8fac1d9d411236 c0cbc113b02c64dda61a6aed2532aa8243cd7c03 3797b52b6841f7f9ff3b749dde37e768c622bd2fcd0b32c0dd94409652f85e25
GET /css2?family=Open+Sans:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.edoctransfer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 18:05:45 GMT
date: Tue, 16 Apr 2024 18:05:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|