Report - s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58

Report Overview

Submitted URL
s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
IP
100.24.100.138
ASN
#14618 AMAZON-AES
Submitted
2024-04-16 18:06:10
Access
public
Website Title
Sign in - Google Accounts
Final URL
s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
Tags
google
urlquery detections
Phishing - Google

Detections

urlquery
11
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
s.edoctransfer.com	unknown	2009-03-25	2022-06-09	2023-10-15	6.0 kB	124 kB	54.83.101.48
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-16	883 B	164 kB	142.250.74.168
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-16	932 B	20 kB	216.58.207.234
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-16	1.1 kB	97 kB	142.250.74.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58	Google Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58	0 B	2023-03-07	2024-04-29
Pretty URL s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58 IP 54.83.101.48 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-29 23:56:49 Times Seen37193137 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58	0 B	2023-03-07	2024-04-29
Pretty URL s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58 IP 54.83.101.48 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-29 23:56:49 Times Seen37193137 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=UA-126808791-4	204 kB	2024-04-16	2024-04-16
Pretty URL www.googletagmanager.com/gtag/js?id=UA-126808791-4 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 20:06:11 Last Seen2024-04-16 20:06:12 Times Seen2 Hash 99b512655402e2a87d2dfb8776fe32bd eb4e2480800780a692ae9cdf4b588cb5f514a246 2563d723a07d9a36f134894b309a4f376ffc1793bf6032173e2968e829129420 Loading...

	s.edoctransfer.com/system/content_files/uploads/5b8/ee7/1e-/original/jquery-latest.min.js	88 kB	2023-03-07	2024-04-29
Pretty URL s.edoctransfer.com/system/content_files/uploads/5b8/ee7/1e-/original/jquery-latest.min.js IP 54.83.101.48 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-29 23:51:25 Times Seen96105 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-04-29
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-29 23:56:02 Times Seen342759 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	s.edoctransfer.com/system/content_files/uploads/dae/552/5f-/original/content-data-entry-boilerplate.js	86 kB	2023-03-08	2024-04-24
Pretty URL s.edoctransfer.com/system/content_files/uploads/dae/552/5f-/original/content-data-entry-boilerplate.js IP 54.83.101.48 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:38:21 Last Seen2024-04-24 17:38:02 Times Seen447 Hash 2e1aa7374d39fa64778859b1a8cbfbfe e0d91c61c4dd9ae3ca8fb085c53ae15b9eca7968 ec180d2bc1f49cde05d2dd6db4270f5cba1b7011a4b351c3c796bed587ef55b6 Loading...

	s.edoctransfer.com/system/content_files/uploads/8f2/ed2/42-/original/static-education-l10n.min.js	6.3 kB	2023-03-08	2024-04-24
Pretty URL s.edoctransfer.com/system/content_files/uploads/8f2/ed2/42-/original/static-education-l10n.min.js IP 54.83.101.48 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:38:21 Last Seen2024-04-24 17:38:02 Times Seen451 Hash 91fcc38fe563880842e269d2b7647b8b dc5d692fa7dc75b8a4bbcf0732d0978b3890e0c0 648d18f8adcfba7d26b20c51328a2d13dcabb8465d673073cefe45735c80bda3 Loading...

	www.googletagmanager.com/gtag/js?id=G-JPRZ9JVKLJ&l=dataLayer&cx=c	251 kB	2024-04-16	2024-04-16
Pretty URL www.googletagmanager.com/gtag/js?id=G-JPRZ9JVKLJ&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 20:06:11 Last Seen2024-04-16 20:06:12 Times Seen2 Hash 800b7da7d72b286d939d18e634e37136 28c3015c69a4c54aa9b41bc5aac102eb5a3fbd8b af236a3f92ffe99777bde57b437ea65442f04ed8940f08f2038067df42abb3ea Loading...

	s.edoctransfer.com/107519/4929dd/sandbox%20eval%20code	147 B	2023-04-11	2024-04-29
Pretty URL s.edoctransfer.com/107519/4929dd/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-29 23:56:02 Times Seen343260 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58	0 B	2023-03-07	2024-04-29
Pretty URL s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58 IP 54.83.101.48 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-29 23:56:49 Times Seen37193137 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (16)

URL IP Response Size

s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58

54.83.101.48

200 OK

2.8 kB

URL User Request GET HTTP/2
s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
IP
54.83.101.48:443
ASN
#14618 AMAZON-AES

Certificate
IssuerLet's Encrypt
Subject*.edoctransfer.com
Fingerprint95:C3:38:B0:8C:A2:3C:56:F2:BF:27:74:87:E6:6D:3B:3B:F9:73:DB
ValiditySun, 18 Feb 2024 11:33:47 GMT - Sat, 18 May 2024 11:33:46 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (314), with CRLF, LF line terminators
Size
2.8 kB (2810 bytes)
Hash
af03d463357e1aaa0abeaf489982084f
5e20383554762edfb1e8d1637b262fad8c2c2f82
f3b48b98f4bbbb7afacbee6334a741a531c3d4dd0667acad539d8fcffbd4aeb2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Google
OpenPhish	phishing	Google Inc.

HTTP Headers

GET /107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58 HTTP/1.1
Host: s.edoctransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: http://landing.phishme.com
cache-control: no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 16 Apr 2024 18:05:45 GMT
etag: W/"f3b48b98f4bbbb7afacbee6334a741a5-gzip"
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: Apache
set-cookie: _phishme.com_session_id=98c294ffad5d6b0359878ddf04c02bfb; path=/; HttpOnly
status: 200 OK
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen, noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-request-id: 787dd787-aefc-469c-9796-d061fc06ed5c
x-runtime: 0.045881
x-xss-protection: 1; mode=block
content-length: 2810
X-Firefox-Spdy: h2

s.edoctransfer.com/system/content_files/uploads/26b/ad3/4b-/original/content-data-entry-boilerplate.min.css

54.83.101.48

200 OK

3.3 kB

URL GET HTTP/2
s.edoctransfer.com/system/content_files/uploads/26b/ad3/4b-/original/content-data-entry-boilerplate.min.css
IP
54.83.101.48:443
ASN
#14618 AMAZON-AES

Requested by
https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
Certificate
IssuerLet's Encrypt
Subject*.edoctransfer.com
Fingerprint95:C3:38:B0:8C:A2:3C:56:F2:BF:27:74:87:E6:6D:3B:3B:F9:73:DB
ValiditySun, 18 Feb 2024 11:33:47 GMT - Sat, 18 May 2024 11:33:46 GMT

File type
ASCII text, with very long lines (18290), with no line terminators
Size
3.3 kB (3341 bytes)
Hash
cde1906f54d9ea8c69be1488fad61743
bc35ba9b37e3e293ef57036210f5a71ac0e7001b
51829c6361406bbe6bbc441e575d760fb1ee39891a7729878b7d3304d4c1399c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Google

HTTP Headers

GET /system/content_files/uploads/26b/ad3/4b-/original/content-data-entry-boilerplate.min.css HTTP/1.1
Host: s.edoctransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
DNT: 1
Connection: keep-alive
Cookie: _phishme.com_session_id=98c294ffad5d6b0359878ddf04c02bfb
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: http://landing.phishme.com
cache-control: max-age=0
content-encoding: gzip
content-type: text/css
date: Tue, 16 Apr 2024 18:05:45 GMT
etag: "4772-5dfc2cb005780-gzip"
expires: Tue, 16 Apr 2024 18:05:45 GMT
last-modified: Tue, 24 May 2022 14:30:06 GMT
server: Apache
vary: Accept-Encoding
x-download-options: noopen
content-length: 3341
X-Firefox-Spdy: h2

s.edoctransfer.com/system/content_files/uploads/ebf/645/b2-/original/google-landing-styles.css

54.83.101.48

200 OK

1.7 kB

URL GET HTTP/2
s.edoctransfer.com/system/content_files/uploads/ebf/645/b2-/original/google-landing-styles.css
IP
54.83.101.48:443
ASN
#14618 AMAZON-AES

Requested by
https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
Certificate
IssuerLet's Encrypt
Subject*.edoctransfer.com
Fingerprint95:C3:38:B0:8C:A2:3C:56:F2:BF:27:74:87:E6:6D:3B:3B:F9:73:DB
ValiditySun, 18 Feb 2024 11:33:47 GMT - Sat, 18 May 2024 11:33:46 GMT

File type
ASCII text
Size
1.7 kB (1650 bytes)
Hash
8b9bb6e63352aae173f9745728d3dfef
f24f4eca03885b07531093e1881de275dbe188a8
f3950399539e973776f35e7de8bbbdfce97c3abc04f7540e5a1b00e99c60d299

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Google

HTTP Headers

GET /system/content_files/uploads/ebf/645/b2-/original/google-landing-styles.css HTTP/1.1
Host: s.edoctransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
DNT: 1
Connection: keep-alive
Cookie: _phishme.com_session_id=98c294ffad5d6b0359878ddf04c02bfb
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: http://landing.phishme.com
cache-control: max-age=0
content-encoding: gzip
content-type: text/css
date: Tue, 16 Apr 2024 18:05:45 GMT
etag: "166f-609930ac83780-gzip"
expires: Tue, 16 Apr 2024 18:05:45 GMT
last-modified: Tue, 07 Nov 2023 17:10:06 GMT
server: Apache
vary: Accept-Encoding
x-download-options: noopen
content-length: 1650
X-Firefox-Spdy: h2

s.edoctransfer.com/system/content_images/uploads/467/f6c/c5-/original/error-icon-red.png

54.83.101.48

200 OK

432 B

URL GET HTTP/2
s.edoctransfer.com/system/content_images/uploads/467/f6c/c5-/original/error-icon-red.png
IP
54.83.101.48:443
ASN
#14618 AMAZON-AES

Requested by
https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
Certificate
IssuerLet's Encrypt
Subject*.edoctransfer.com
Fingerprint95:C3:38:B0:8C:A2:3C:56:F2:BF:27:74:87:E6:6D:3B:3B:F9:73:DB
ValiditySun, 18 Feb 2024 11:33:47 GMT - Sat, 18 May 2024 11:33:46 GMT

File type
PNG image data, 20 x 21, 8-bit/color RGBA, non-interlaced
Size
432 B (432 bytes)
Hash
7b4d8b0e01b708b992024d55f2861e0d
e7114c2c0e68ff95ace0fd7d7a722cdb38407b98
10f568950e3e99ea5d5ef4ab7d0c08bc2c9b1cf62e7a5d767e2227ecce2a1343

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Google

HTTP Headers

GET /system/content_images/uploads/467/f6c/c5-/original/error-icon-red.png HTTP/1.1
Host: s.edoctransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
DNT: 1
Connection: keep-alive
Cookie: _phishme.com_session_id=98c294ffad5d6b0359878ddf04c02bfb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: http://landing.phishme.com
cache-control: max-age=0
content-type: image/png
date: Tue, 16 Apr 2024 18:05:45 GMT
etag: "1b0-5fe9f935aa640"
expires: Tue, 16 Apr 2024 18:05:45 GMT
last-modified: Wed, 21 Jun 2023 08:30:09 GMT
server: Apache
x-download-options: noopen
content-length: 432
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-126808791-4

142.250.74.168

200 OK

74 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-126808791-4
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
74 kB (73549 bytes)
Hash
99b512655402e2a87d2dfb8776fe32bd
eb4e2480800780a692ae9cdf4b588cb5f514a246
2563d723a07d9a36f134894b309a4f376ffc1793bf6032173e2968e829129420

HTTP Headers

GET /gtag/js?id=UA-126808791-4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.edoctransfer.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 18:05:45 GMT
expires: Tue, 16 Apr 2024 18:05:45 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73549
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

s.edoctransfer.com/system/content_images/uploads/681/235/99-/original/user-icon-grey.png

54.83.101.48

200 OK

460 B

URL GET HTTP/2
s.edoctransfer.com/system/content_images/uploads/681/235/99-/original/user-icon-grey.png
IP
54.83.101.48:443
ASN
#14618 AMAZON-AES

Requested by
https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
Certificate
IssuerLet's Encrypt
Subject*.edoctransfer.com
Fingerprint95:C3:38:B0:8C:A2:3C:56:F2:BF:27:74:87:E6:6D:3B:3B:F9:73:DB
ValiditySun, 18 Feb 2024 11:33:47 GMT - Sat, 18 May 2024 11:33:46 GMT

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Size
460 B (460 bytes)
Hash
1529e55c8eea07a47df274938c798dc8
bf8427d0fac980aadd0a111fcddb6412fbcf5ddc
118b17a5c8752bb05843e47c7175ca28b2ae6598cb672d1ff8128581334a8010

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Google

HTTP Headers

GET /system/content_images/uploads/681/235/99-/original/user-icon-grey.png HTTP/1.1
Host: s.edoctransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
DNT: 1
Connection: keep-alive
Cookie: _phishme.com_session_id=98c294ffad5d6b0359878ddf04c02bfb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: http://landing.phishme.com
cache-control: max-age=0
content-type: image/png
date: Tue, 16 Apr 2024 18:05:45 GMT
etag: "1cc-5fe9f9369e880"
expires: Tue, 16 Apr 2024 18:05:45 GMT
last-modified: Wed, 21 Jun 2023 08:30:10 GMT
server: Apache
x-download-options: noopen
content-length: 460
X-Firefox-Spdy: h2

s.edoctransfer.com/system/content_images/uploads/ad1/eb2/33-/original/google-logo.png

54.83.101.48

200 OK

57 kB

URL GET HTTP/2
s.edoctransfer.com/system/content_images/uploads/ad1/eb2/33-/original/google-logo.png
IP
54.83.101.48:443
ASN
#14618 AMAZON-AES

Requested by
https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
Certificate
IssuerLet's Encrypt
Subject*.edoctransfer.com
Fingerprint95:C3:38:B0:8C:A2:3C:56:F2:BF:27:74:87:E6:6D:3B:3B:F9:73:DB
ValiditySun, 18 Feb 2024 11:33:47 GMT - Sat, 18 May 2024 11:33:46 GMT

File type
PNG image data, 800 x 264, 8-bit/color RGBA, non-interlaced
Size
57 kB (56643 bytes)
Hash
e22d6119fcfcaeea73849c3d5030e322
16d2a58464d9cf2b450baca871ef23e8ede6d3f4
627f1e0ebd79c4e01024265d14af515961a8533e04d98a0f4f86e1d66e20d83f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Google

HTTP Headers

GET /system/content_images/uploads/ad1/eb2/33-/original/google-logo.png HTTP/1.1
Host: s.edoctransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
DNT: 1
Connection: keep-alive
Cookie: _phishme.com_session_id=98c294ffad5d6b0359878ddf04c02bfb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: http://landing.phishme.com
cache-control: max-age=0
content-type: image/png
date: Tue, 16 Apr 2024 18:05:45 GMT
etag: "dd43-6097838af4500"
expires: Tue, 16 Apr 2024 18:05:45 GMT
last-modified: Mon, 06 Nov 2023 09:10:12 GMT
server: Apache
x-download-options: noopen
content-length: 56643
X-Firefox-Spdy: h2

s.edoctransfer.com/system/content_files/uploads/8f2/ed2/42-/original/static-education-l10n.min.js

54.83.101.48

200 OK

2.0 kB

URL GET HTTP/2
s.edoctransfer.com/system/content_files/uploads/8f2/ed2/42-/original/static-education-l10n.min.js
IP
54.83.101.48:443
ASN
#14618 AMAZON-AES

Requested by
https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
Certificate
IssuerLet's Encrypt
Subject*.edoctransfer.com
Fingerprint95:C3:38:B0:8C:A2:3C:56:F2:BF:27:74:87:E6:6D:3B:3B:F9:73:DB
ValiditySun, 18 Feb 2024 11:33:47 GMT - Sat, 18 May 2024 11:33:46 GMT

File type
JavaScript source, ASCII text, with very long lines (6328), with no line terminators
Size
2.0 kB (1960 bytes)
Hash
91fcc38fe563880842e269d2b7647b8b
dc5d692fa7dc75b8a4bbcf0732d0978b3890e0c0
648d18f8adcfba7d26b20c51328a2d13dcabb8465d673073cefe45735c80bda3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Google

HTTP Headers

GET /system/content_files/uploads/8f2/ed2/42-/original/static-education-l10n.min.js HTTP/1.1
Host: s.edoctransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
DNT: 1
Connection: keep-alive
Cookie: _phishme.com_session_id=98c294ffad5d6b0359878ddf04c02bfb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: http://landing.phishme.com
cache-control: max-age=0
content-encoding: gzip
content-type: application/javascript
date: Tue, 16 Apr 2024 18:05:45 GMT
etag: "18b8-5df59999f7180-gzip"
expires: Tue, 16 Apr 2024 18:05:45 GMT
last-modified: Thu, 19 May 2022 09:00:06 GMT
server: Apache
vary: Accept-Encoding
x-download-options: noopen
content-length: 1960
X-Firefox-Spdy: h2

s.edoctransfer.com/system/content_files/uploads/5b8/ee7/1e-/original/jquery-latest.min.js

54.83.101.48

200 OK

31 kB

URL GET HTTP/2
s.edoctransfer.com/system/content_files/uploads/5b8/ee7/1e-/original/jquery-latest.min.js
IP
54.83.101.48:443
ASN
#14618 AMAZON-AES

Requested by
https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
Certificate
IssuerLet's Encrypt
Subject*.edoctransfer.com
Fingerprint95:C3:38:B0:8C:A2:3C:56:F2:BF:27:74:87:E6:6D:3B:3B:F9:73:DB
ValiditySun, 18 Feb 2024 11:33:47 GMT - Sat, 18 May 2024 11:33:46 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (30677 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Google

HTTP Headers

GET /system/content_files/uploads/5b8/ee7/1e-/original/jquery-latest.min.js HTTP/1.1
Host: s.edoctransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
DNT: 1
Connection: keep-alive
Cookie: _phishme.com_session_id=98c294ffad5d6b0359878ddf04c02bfb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: http://landing.phishme.com
cache-control: max-age=0
content-encoding: gzip
content-type: application/javascript
date: Tue, 16 Apr 2024 18:05:45 GMT
etag: "15851-587fdd810ab40-gzip"
expires: Tue, 16 Apr 2024 18:05:45 GMT
last-modified: Fri, 03 May 2019 16:00:05 GMT
server: Apache
vary: Accept-Encoding
x-download-options: noopen
content-length: 30677
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;700&display=swap

216.58.207.234

200 OK

1.2 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;700&display=swap
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
1.2 kB (1230 bytes)
Hash
d699de7b98a9afc7db449b2d9bca6533
2e41f2b6e7bc96ed864edaf8a098fe02811bfceb
6bcdcffbd10a774066cccc2b49adc8034184bf0ab6c869162225160ee201b948

HTTP Headers

GET /css2?family=Inter:wght@100;200;300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.edoctransfer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 18:05:45 GMT
date: Tue, 16 Apr 2024 18:05:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

s.edoctransfer.com/system/content_files/uploads/dae/552/5f-/original/content-data-entry-boilerplate.js

54.83.101.48

200 OK

18 kB

URL GET HTTP/2
s.edoctransfer.com/system/content_files/uploads/dae/552/5f-/original/content-data-entry-boilerplate.js
IP
54.83.101.48:443
ASN
#14618 AMAZON-AES

Requested by
https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
Certificate
IssuerLet's Encrypt
Subject*.edoctransfer.com
Fingerprint95:C3:38:B0:8C:A2:3C:56:F2:BF:27:74:87:E6:6D:3B:3B:F9:73:DB
ValiditySun, 18 Feb 2024 11:33:47 GMT - Sat, 18 May 2024 11:33:46 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
18 kB (17552 bytes)
Hash
2e1aa7374d39fa64778859b1a8cbfbfe
e0d91c61c4dd9ae3ca8fb085c53ae15b9eca7968
ec180d2bc1f49cde05d2dd6db4270f5cba1b7011a4b351c3c796bed587ef55b6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Google

HTTP Headers

GET /system/content_files/uploads/dae/552/5f-/original/content-data-entry-boilerplate.js HTTP/1.1
Host: s.edoctransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
DNT: 1
Connection: keep-alive
Cookie: _phishme.com_session_id=98c294ffad5d6b0359878ddf04c02bfb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: http://landing.phishme.com
cache-control: max-age=0
content-encoding: gzip
content-type: application/javascript
date: Tue, 16 Apr 2024 18:05:45 GMT
etag: "150e9-5de403f6dffc0-gzip"
expires: Tue, 16 Apr 2024 18:05:45 GMT
last-modified: Thu, 05 May 2022 09:20:07 GMT
server: Apache
vary: Accept-Encoding
x-download-options: noopen
content-length: 17552
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-JPRZ9JVKLJ&l=dataLayer&cx=c

142.250.74.168

200 OK

89 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-JPRZ9JVKLJ&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
89 kB (88747 bytes)
Hash
800b7da7d72b286d939d18e634e37136
28c3015c69a4c54aa9b41bc5aac102eb5a3fbd8b
af236a3f92ffe99777bde57b437ea65442f04ed8940f08f2038067df42abb3ea

HTTP Headers

GET /gtag/js?id=G-JPRZ9JVKLJ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.edoctransfer.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 18:05:45 GMT
expires: Tue, 16 Apr 2024 18:05:45 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88747
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://s.edoctransfer.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 36074
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.163

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://s.edoctransfer.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 00:18:14 GMT
expires: Wed, 16 Apr 2025 00:18:14 GMT
cache-control: public, max-age=31536000
age: 64052
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

s.edoctransfer.com/system/content_images/uploads/d01/f25/f3-/original/google-favicon.png

54.83.101.48

200 OK

4.2 kB

URL GET HTTP/2
s.edoctransfer.com/system/content_images/uploads/d01/f25/f3-/original/google-favicon.png
IP
54.83.101.48:443
ASN
#14618 AMAZON-AES

Requested by
https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
Certificate
IssuerLet's Encrypt
Subject*.edoctransfer.com
Fingerprint95:C3:38:B0:8C:A2:3C:56:F2:BF:27:74:87:E6:6D:3B:3B:F9:73:DB
ValiditySun, 18 Feb 2024 11:33:47 GMT - Sat, 18 May 2024 11:33:46 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
4.2 kB (4214 bytes)
Hash
60f263c57bd740ec50a647f810859d84
775217018cd2dd8f7c1e06a88c7bf901b5481a9d
f1de4abc89f238f322f5ea6a02ea5cf53b313b145f673dccd97f1b3bd32ee039

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Google

HTTP Headers

GET /system/content_images/uploads/d01/f25/f3-/original/google-favicon.png HTTP/1.1
Host: s.edoctransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
DNT: 1
Connection: keep-alive
Cookie: _phishme.com_session_id=98c294ffad5d6b0359878ddf04c02bfb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: http://landing.phishme.com
cache-control: max-age=0
content-type: image/png
date: Tue, 16 Apr 2024 18:05:46 GMT
etag: "1076-6097ea5d51b40"
expires: Tue, 16 Apr 2024 18:05:46 GMT
last-modified: Mon, 06 Nov 2023 16:50:13 GMT
server: Apache
x-download-options: noopen
content-length: 4214
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&display=swap

216.58.207.234

200 OK

18 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&display=swap
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://s.edoctransfer.com/107519/4929dd/23faf432-7e64-441c-b7a0-f62d31000a58
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (1572)
Size
18 kB (17451 bytes)
Hash
d2dd1deb9963732cbe8fac1d9d411236
c0cbc113b02c64dda61a6aed2532aa8243cd7c03
3797b52b6841f7f9ff3b749dde37e768c622bd2fcd0b32c0dd94409652f85e25

HTTP Headers

GET /css2?family=Open+Sans:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.edoctransfer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 18:05:45 GMT
date: Tue, 16 Apr 2024 18:05:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML