urlscan.io logo urlscan.io
SecurityTrails logo

google.open.pdf.ep-stock.com Open in urlscan Pro
85.17.175.148  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://google.open.pdf.ep-stock.com/
Effective URL: http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/
Submission: On May 17 via automatic, source openphish
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 85.17.175.148, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is google.open.pdf.ep-stock.com.
This is the only time google.open.pdf.ep-stock.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

IP Address AS Autonomous System
2 3 85.17.175.148 60781 (LEASEWEB-...)
1 172.217.22.3 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 8
3    85.17.175.148 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: host011.traiddns.net
google.open.pdf.ep-stock.com
1    172.217.22.3 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f3.1e100.net
www.gstatic.com
1    2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ssl.gstatic.com
3    2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ssl.gstatic.com
2    2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
accounts.youtube.com
1    2a00:1450:4001:818::2005 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
mail.google.com
Domain Requested by
4 ssl.gstatic.com google.open.pdf.ep-stock.com
3 google.open.pdf.ep-stock.com 2 redirects
2 fonts.gstatic.com google.open.pdf.ep-stock.com
1 mail.google.com
1 accounts.youtube.com google.open.pdf.ep-stock.com
1 www.gstatic.com google.open.pdf.ep-stock.com
10 6

This site contains links to these domains. Also see Links.

Domain
accounts.google.com
support.google.com
www.google.com
Subject Issuer Validity Valid
*.google.com
Google Internet Authority G3		 2019-04-30 -
2019-07-23		 3 months crt.sh
mail.google.com
Google Internet Authority G3		 2019-04-30 -
2019-07-23		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/
Frame ID: 9FADFC5D916A332F703B2A6BBADFC61C
Requests: 10 HTTP requests in this frame

Frame: https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=634529416&timestamp=1558108993611
Frame ID: E1FF58FFC5D8B3DC5C85D479AB0385CF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://google.open.pdf.ep-stock.com/ HTTP 302
    http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406 HTTP 301
    http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

10
Requests

60 %
HTTPS

71 %
IPv6

4
Domains

6
Subdomains

8
IPs

3
Countries

194 kB
Transfer

192 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://google.open.pdf.ep-stock.com/ HTTP 302
    http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406 HTTP 301
    http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/
Redirect Chain
  • http://google.open.pdf.ep-stock.com/
  • http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406
  • http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/
153 KB
154 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/
Protocol
HTTP/1.1
Server
85.17.175.148 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
host011.traiddns.net
Software
Apache / PHP/5.4.45
Resource Hash
10ed3ae683be17a14a2bc9d2e6ef7b20b491cfb505261b10f68a05665b6a7e23

Request headers

Host
google.open.pdf.ep-stock.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 16:03:13 GMT
Server
Apache
X-Powered-By
PHP/5.4.45
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html

Redirect headers

Date
Fri, 17 May 2019 16:03:13 GMT
Server
Apache
Location
http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/
Content-Length
277
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
arrow_back_grey600_24dp.png
www.gstatic.com/images/icons/material/system/1x/ 		115 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/1x/arrow_back_grey600_24dp.png
Requested by
Host: google.open.pdf.ep-stock.com
URL: http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.3 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f3.1e100.net
Software
sffe /
Resource Hash
21c7180c568bf115a0784629a8e5575103007f66ab2b964ab1d7f3290f5ab370
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 12 Apr 2019 12:26:20 GMT
x-content-type-options
nosniff
last-modified
Fri, 29 Jul 2016 16:45:00 GMT
server
sffe
age
3037013
vary
Origin
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
115
x-xss-protection
0
expires
Sat, 11 Apr 2020 12:26:20 GMT
universal_language_settings-21.png
ssl.gstatic.com/images/icons/ui/common/ 		199 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ssl.gstatic.com/images/icons/ui/common/universal_language_settings-21.png
Requested by
Host: google.open.pdf.ep-stock.com
URL: http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/
Protocol
HTTP/1.1
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
59404af2d92c53ad1ee9e21b252c07c77dcba810b248a79d6ae989b1ff63c7d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 09 Mar 2019 22:50:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 21 Apr 2016 03:17:22 GMT
Server
sffe
Age
5937154
Content-Type
image/png
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Length
199
X-XSS-Protection
1; mode=block
Expires
Sun, 08 Mar 2020 22:50:44 GMT
googlelogo_color_112x36dp.png
ssl.gstatic.com/images/branding/googlelogo/1x/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_112x36dp.png
Requested by
Host: google.open.pdf.ep-stock.com
URL: http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9ecd5e18216a965021f794cc1fd255767f8437ce1dd6c6c2ff4ceea7ccc0073d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 21:19:26 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
6029027
vary
Origin
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2449
x-xss-protection
1; mode=block
expires
Sat, 07 Mar 2020 21:19:26 GMT
avatar_2x.png
ssl.gstatic.com/accounts/ui/ 		626 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/accounts/ui/avatar_2x.png
Requested by
Host: google.open.pdf.ep-stock.com
URL: http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc6d6dcda827a694dce8bfa9a1ab41113b629ef1cc11f886866af9194c81d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 22:09:33 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
5939620
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
626
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 22:09:33 GMT
truncated
/ 		284 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc6e1e44fce24fcda33dfd0e0a05a77004b3cd1d81018e9616d6e4145145d0b9

Request headers

Referer
http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
wlogostrip_230x17_1x.png
ssl.gstatic.com/accounts/ui/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/accounts/ui/wlogostrip_230x17_1x.png
Requested by
Host: google.open.pdf.ep-stock.com
URL: http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
05cdc120325f04f53e3ec7dbba877500d94db5a47e38fb6a2cc96fa3d1d7664c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 04:52:44 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
6001829
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
4285
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 04:52:44 GMT
DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v13/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/opensans/v13/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
Requested by
Host: google.open.pdf.ep-stock.com
URL: http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/
Protocol
HTTP/1.1
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1f1ab7f1b22c02d93e5bd37b04e7e848afd14337697f652c1454d14e801676f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/
Origin
http://google.open.pdf.ep-stock.com

Response headers

Date
Fri, 08 Mar 2019 22:46:10 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27 Apr 2015 23:46:44 GMT
Server
sffe
Age
6023823
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
16152
X-XSS-Protection
1; mode=block
Expires
Sat, 07 Mar 2020 22:46:10 GMT
cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v13/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
Requested by
Host: google.open.pdf.ep-stock.com
URL: http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/
Protocol
HTTP/1.1
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/
Origin
http://google.open.pdf.ep-stock.com

Response headers

Date
Sat, 09 Mar 2019 02:24:43 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27 Apr 2015 23:46:39 GMT
Server
sffe
Age
6010710
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
15572
X-XSS-Protection
1; mode=block
Expires
Sun, 08 Mar 2020 02:24:43 GMT
CheckConnection
accounts.youtube.com/accounts/ Frame E1FF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=634529416&timestamp=1558108993611
Requested by
Host: google.open.pdf.ep-stock.com
URL: http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-57R03e7ot33xq8vhxuuYaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport;worker-src 'self' script-src 'nonce-57R03e7ot33xq8vhxuuYaw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com;report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport;frame-ancestors https://accounts.google.com
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.youtube.com
:scheme
https
:path
/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=634529416&timestamp=1558108993611
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 17 May 2019 16:03:13 GMT
content-security-policy
script-src 'report-sample' 'nonce-57R03e7ot33xq8vhxuuYaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport;worker-src 'self' script-src 'nonce-57R03e7ot33xq8vhxuuYaw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com;report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport;frame-ancestors https://accounts.google.com
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cleardot.gif
mail.google.com/mail/images/ 		43 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mail.google.com/mail/images/cleardot.gif?t=1558108993697
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2005 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://google.open.pdf.ep-stock.com/76c3204316c2d68acf989bb016ddb406/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 17 May 2019 16:03:18 GMT
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/gif; charset=UTF-8
status
200
cache-control
public, max-age=31536000
alt-svc
clear
x-xss-protection
1; mode=block
expires
Sat, 16 May 2020 16:03:18 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

396 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| gaia_attachEvent object| G function| Gb function| Ga object| Gc function| Gf function| Gg function| Gh function| Gd function| Ge function| Gi function| Gj function| Gl function| Gk object| Gm object| Gn function| Go function| Gp object| Gq object| Gr object| Gs object| Gt function| Gu function| Gv function| Gw function| Gx function| G_checkConnectionMain function| G_setPostMessageSupportFlag object| __CHECK_CONNECTION_CONFIG object| botguard function| gaia_parseFragment function| gaia_prefillEmail object| gaia object| hashParams function| gaia_scrollToElement object| BrowserSupport_ boolean| is_browser_supported number| start_time function| SetGmailCookie function| lg function| StripParam number| fixed function| FixForm function| el string| ONE_PX function| LogRoundtripTime function| GetRoundtripTimeFunction function| MaybePingUser object| passwd_elem function| OnLoad string| google_conversion_type number| google_conversion_id string| google_conversion_language string| google_conversion_format string| google_conversion_color function| LoadConversionScript object| PS_aa object| PS_a function| PS_b function| PS_ba function| PS_ca function| PS_c function| PS_d function| PS_da function| PS_e function| PS_f function| PS_g string| PS_ea number| PS_fa function| PS_ga function| PS_ha function| PS_h function| PS_ia function| PS_i function| PS_j function| PS_ja function| PS_ka function| PS_la function| PS_ma function| PS_ua object| PS_oa object| PS_pa object| PS_qa object| PS_ra object| PS_sa object| PS_ta object| PS_na function| PS_wa function| PS_va function| PS_xa function| PS_ya function| PS_za function| PS_Aa function| PS_k function| PS_l function| PS_Ba function| PS_Ca function| PS_Da function| PS_Fa function| PS_Ea function| PS_Ga function| PS_Ha function| PS_Ia function| PS_Ka function| PS_La function| PS_Ma function| PS_Na function| PS_m function| PS_n function| PS_Oa function| PS_Pa function| PS_Ra function| PS_Sa function| PS_Ta function| PS_Ua object| PS_Va function| PS_Wa function| PS_Xa string| PS_o object| PS_Ya string| PS_Za function| PS_ function| PS__a function| PS_0a boolean| PS_p boolean| PS_q boolean| PS_1a boolean| PS_r boolean| PS_s boolean| PS_2a function| PS_3a string| PS_4a string| PS_5a object| PS_6a undefined| PS_7a string| PS_8a object| PS_Qa function| PS_t object| PS_9a undefined| PS_u boolean| PS_$a boolean| PS_ab boolean| PS_bb function| PS_v function| PS_cb object| PS_db string| PS_eb function| PS_fb number| PS_gb function| PS_hb function| PS_ib function| PS_jb function| PS_lb function| PS_mb function| PS_nb function| PS_kb string| PS_ob object| PS_pb number| PS_qb function| PS_rb function| PS_ub function| PS_wb function| PS_zb function| PS_Ab function| PS_w function| PS_xb function| PS_Cb function| PS_Bb function| PS_yb function| PS_vb string| PS_Db function| PS_sb function| PS_Eb function| PS_Fb function| PS_x function| PS_Jb function| PS_Gb function| PS_Hb function| PS_Ib function| PS_y function| PS_z function| PS_tb function| PS_Lb function| PS_Kb function| PS_A function| PS_Ob function| PS_Nb function| PS_Mb function| PS_Pb function| PS_B function| PS_Qb function| PS_Rb function| PS_Sb function| PS_Tb function| PS_Ub function| PS_C boolean| PS_Vb boolean| PS_Wb boolean| PS_Xb boolean| PS_Yb boolean| PS_Zb boolean| PS__b boolean| PS_0b function| PS_1b object| PS_2b function| PS_D function| PS_4b object| PS_3b function| PS_5b function| PS_E object| PS_6b object| PS_7b object| PS_8b function| PS_F function| PS_$b object| PS_ac function| PS_cc object| PS_9b function| PS_bc function| PS_G function| PS_ec object| PS_dc function| PS_fc function| PS_H function| PS_I object| PS_hc object| PS_ic object| PS_jc function| PS_lc function| PS_mc object| PS_gc function| PS_J function| PS_kc function| PS_nc function| PS_oc boolean| PS_pc object| PS_qc function| PS_rc function| PS_K function| PS_sc function| PS_M function| PS_L function| PS_uc object| PS_tc function| PS_N function| PS_vc function| PS_wc function| PS_xc function| PS_yc function| PS_zc function| PS_Ac object| PS_Bc function| PS_Cc function| PS_O function| PS_Dc function| PS_P function| PS_Q function| PS_R object| PS_Ec function| PS_S function| PS_Fc function| PS_Gc function| PS_Hc object| PS_Ic function| PS_Jc function| PS_Kc function| PS_Lc function| PS_Mc function| PS_Nc function| PS_Oc number| PS_Pc function| PS_Qc function| PS_Rc object| PS_Sc object| PS_Tc object| PS_Uc function| PS_Vc object| PS_Wc object| PS_Xc function| PS_Yc function| PS_T object| PS_Zc function| PS__c function| PS_0c function| PS_1c object| PS_2c function| PS_3c function| PS_4c function| PS_U object| PS_5c object| PS_6c object| PS_7c object| PS_8c object| PS_9c function| PS_ad function| PS_$c function| PS_dd function| PS_Ja function| PS_bd function| PS_fd function| PS_gd function| PS_ed function| PS_cd function| PS_hd function| PS_id function| PS_V function| PS_jd function| PS_kd function| PS_W object| PS_md function| PS_ld function| PS_nd function| PS_od function| PS_pd function| PS_qd function| PS_X function| PS_rd object| PS_sd function| PS_td string| PS_ud function| PS_vd function| PS_wd function| PS_xd function| PS_yd function| PS_zd function| PS_Ad function| PS_Bd function| PS_Cd function| PS_Z function| PS_Dd function| PS_Kd object| PS_Ed object| PS_Gd object| PS_Fd object| PS_Jd object| PS_Hd function| PS_Y function| PS__ function| PS_Ld function| PS_0 function| PS_Id function| PS_Md function| PS_Nd function| PS_Od function| PS_4 function| PS_Rd boolean| PS_1 function| PS_Sd function| PS_2 function| PS_Ud function| PS_Xd function| PS_Qd function| PS_3 function| PS_Wd function| PS_Vd object| PS_Td number| PS_Pd function| PS_Yd object| PS_Zd function| PS_5 function| PS__d function| PS_7 object| PS_0d object| PS_8 string| PS_1d object| PS_2d function| PS_3d function| PS_4d function| PS_7d function| PS_9 function| PS_be function| PS_$ function| PS_ce function| PS_ae function| PS_$d function| PS_5d function| PS_9d function| PS_8d function| PS_6d function| PS_6 object| closure_memoize_cache_ object| closure_lm_801174 object| passwordSeparationPage function| gaia_onLoginSubmit object| f function| g function| h function| k function| m object| n function| p function| q function| r

0 Cookies