5507a700-b3fc-4dea-b91d-64023563b94e.filesusr.com
34.102.176.152  Public Scan

Submitted URL: http://c.boxtype.co.uk/messages/63c34935-aabd-42e6-8f93-6d61462c7cd6/redirect?url=https%3A%2F%2F5507a700-b3fc-4dea-b91d...
Effective URL: https://5507a700-b3fc-4dea-b91d-64023563b94e.filesusr.com/ugd/e9d298_8ed3f3c34c474a88b4d72a68b56bd390.pdf
Submission: On September 28 via manual from IN

Summary

This website contacted 1 IP in 1 country across 3 domains to perform 1 HTTP transaction. The main IP is 34.102.176.152, located in the United States, and belongs to GOOGLE, US. The main domain is 5507a700-b3fc-4dea-b91d-64023563b94e.filesusr.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 28th 2020. Valid for: 6 months.
This is the only time 5507a700-b3fc-4dea-b91d-64023563b94e.filesusr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 107.21.11.91 14618 (AMAZON-AES)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 34.102.176.152 15169 (GOOGLE)
1 1
Apex Domain Subdomains Transfer
1 filesusr.com 5507a700-b3fc-4dea-b91d-64023563b94e.filesusr.com
1 prospect.io app.prospect.io 782 B
1 boxtype.co.uk c.boxtype.co.uk 426 B
1 3
Domain Requested by
1 5507a700-b3fc-4dea-b91d-64023563b94e.filesusr.com
1 app.prospect.io 1 redirects
1 c.boxtype.co.uk 1 redirects
1 3

This site contains no links.

Subject: *.filesusr.com
Issuer: Sectigo RSA Domain Validation Secure Server CA
Validity: 2020-05-28 - 2020-11-24
Valid: 6 months

This page contains 1 frames:

Primary Page: https://5507a700-b3fc-4dea-b91d-64023563b94e.filesusr.com/ugd/e9d298_8ed3f3c34c474a88b4d72a68b56bd390.pdf
Frame ID: 4EC794BF5D049D3BE14D540DF6F7A2EB
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers via /^1\.1 google$/i

Page Statistics

Requests: 1
HTTPS: 100 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 1
Countries: 1
Transfer: 0 kB
Size: 0 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.


Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Resource: Primary Request e9d298_8ed3f3c34c474a88b4d72a68b56bd390.pdf
Path: 5507a700-b3fc-4dea-b91d-64023563b94e.filesusr.com/ugd/
Redirect Chain
  • http://c.boxtype.co.uk/messages/63c34935-aabd-42e6-8f93-6d61462c7cd6/redirect?url=https%3A%2F%2F5507a700-b3fc-4dea-b91d-64023563b94e.filesusr.com%2Fugd%2Fe9d298_8ed3f3c34c474a88b4d72a68b56bd390.pdf...
  • https://app.prospect.io/messages/63c34935-aabd-42e6-8f93-6d61462c7cd6/redirect?url=https%3A%2F%2F5507a700-b3fc-4dea-b91d-64023563b94e.filesusr.com%2Fugd%2Fe9d298_8ed3f3c34c474a88b4d72a68b56bd390.pd...
  • https://5507a700-b3fc-4dea-b91d-64023563b94e.filesusr.com/ugd/e9d298_8ed3f3c34c474a88b4d72a68b56bd390.pdf
Size: 0
x-fer: 0
Type: Document
General
Full URL: https://5507a700-b3fc-4dea-b91d-64023563b94e.filesusr.com/ugd/e9d298_8ed3f3c34c474a88b4d72a68b56bd390.pdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152, United States, ASN15169 (GOOGLE, US)
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.17.8.2
Resource Hash

Request headers

:method: GET
:authority: 5507a700-b3fc-4dea-b91d-64023563b94e.filesusr.com
:scheme: https
:path: /ugd/e9d298_8ed3f3c34c474a88b4d72a68b56bd390.pdf
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US

Response headers

status: 200
server: openresty/1.17.8.2
date: Mon, 28 Sep 2020 07:19:28 GMT
content-type: application/pdf
content-length: 953950
x-guploader-uploadid: ABg5-Uyd0R-ARmBdPLRSnu9JOmlX1ZYH1YnlQ8pqhTl7n8lDf9J1jfh5yv_RKAzi0rrVRaz7AAj5LkinFJTOeUdpIDxe4OwDbg
expires: Mon, 28 Sep 2020 08:06:05 GMT
last-modified: Sun, 06 Sep 2020 16:37:43 GMT
etag: "5e32aca8d0a67d1afda2bb0f41dd793e"
x-goog-generation: 1599410263265010
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 953950
x-goog-meta-origin: wmp-up
x-goog-hash: crc32c=9G/YAw== md5=XjKsqNCmfRr9orsPQd15Pg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length
age: 4908
timing-allow-origin: *
x-seen-by: gcp.us-central-1.media-router-58b7d5f54f-v7xdt
x-robots-tag: noindex, nofollow
via: 1.1 google
cache-control: public, max-age=15552000, immutable
alt-svc: clear

Redirect headers

status: 302
date: Mon, 28 Sep 2020 08:41:16 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d0ab6f410fe0c5c45fa85b24bb8f59d581601282475; expires=Wed, 28-Oct-20 08:41:15 GMT; path=/; domain=.prospect.io; HttpOnly; SameSite=Lax prospectio_f838dd71-32cf-47c3-80ba-afe2f1c7e0d2=63c34935-aabd-42e6-8f93-6d61462c7cd6; path=/; expires=Tue, 28 Sep 2021 08:41:16 GMT; secure; HttpOnly; SameSite=None
location: https://5507a700-b3fc-4dea-b91d-64023563b94e.filesusr.com/ugd/e9d298_8ed3f3c34c474a88b4d72a68b56bd390.pdf
cache-control: no-cache
x-request-id: cf849f42-add3-4296-ac12-adb336975714
x-runtime: 0.047952
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
via: 1.1 vegur
cf-cache-status: DYNAMIC
cf-request-id: 0575789e420000d721a7067200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d9c2a106ee0d721-FRA

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, hashes, etc. Listing them here does not imply that any of them indicate malicious activity.
