Report - transfer.sh/npjF9DWWiO/HelloWorld.exe

Report Overview

Visited public
2023-09-23 20:03:40
Tags
URL
transfer.sh/npjF9DWWiO/HelloWorld.exe
Finishing URL
transfer.sh/npjF9DWWiO/HelloWorld.exe
IP / ASN
144.76.136.153
#24940 Hetzner Online GmbH
Title
transfer.sh - Easy and fast file sharing from the command-line.

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
transfer.sh	404333	2013-05-08	2015-07-06 01:06:10	2023-09-23 07:35:01	5.8 kB	372 kB	144.76.136.153
camo.githubusercontent.com	23365	2014-02-06	2014-11-08 20:44:23	2023-09-23 12:09:52	605 B	8.6 kB	185.199.109.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-09-23 20:03:23	medium	Client IP	Internal IP	ET POLICY Observed DNS Query to File Transfer Service Domain (transfer .sh)
2023-09-23 20:03:23	low	Client IP	Internal IP	ET INFO Commonly Abused File Sharing Site Domain Observed (transfer .sh in DNS Lookup)
2023-09-23 20:03:23	medium	Client IP	Internal IP	ET POLICY Observed DNS Query to File Transfer Service Domain (transfer .sh)
2023-09-23 20:03:23	low	Client IP	Internal IP	ET INFO Commonly Abused File Sharing Site Domain Observed (transfer .sh in DNS Lookup)
2023-09-23 20:03:23	low	Client IP	144.76.136.153	ET INFO Commonly Abused File Sharing Site Domain Observed (transfer .sh in TLS SNI)
2023-09-23 20:03:31	high	54.37.238.86	Client IP	ET POLICY PE EXE or DLL Windows file download HTTP

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	transfer.sh/scripts/vendor/modernizr.js	ScriptElement	11 kB	2023-03-07	2025-05-06
Pretty URL transfer.sh/scripts/vendor/modernizr.js IP 144.76.136.153 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11 Last Seen2025-05-06 08:42 Times Seen463 Hash 1167e9d01ba4947354c13b262fb5933d bfd0268e4204c37d9fdd7df76b63f35582b25641 1a7c584616a7e60c85ab2cf672dfa659ed515205a5106b415be2ca4af06e937d Loading...

	transfer.sh/npjF9DWWiO/HelloWorld.exe	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL transfer.sh/npjF9DWWiO/HelloWorld.exe IP 144.76.136.153 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 00:34 Times Seen4649961 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	transfer.sh/npjF9DWWiO/HelloWorld.exe	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL transfer.sh/npjF9DWWiO/HelloWorld.exe IP 144.76.136.153 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 00:34 Times Seen4649961 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	transfer.sh/scripts/main.js	ScriptElement	146 kB	2023-06-16	2025-04-17
Pretty URL transfer.sh/scripts/main.js IP 144.76.136.153 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-16 19:20 Last Seen2025-04-17 19:11 Times Seen401 Hash c8a36bcd41c6e7d6beebc39dac78eefd ac815c949fc22b8d825500228d35533e0aab3295 f053fae005a8e0786278b7df85302e3de76f24c4f0cce69d52507c154e55a585 Loading...

HTTP Transactions (13)

	URL	IP	Response	Size
	transfer.sh/fonts/fonts.css?family=Source+Sans+Pro:100,200,300	144.76.136.153	200 OK	4.1 kB
URL GET HTTP/2 transfer.sh/fonts/fonts.css?family=Source+Sans+Pro:100,200,300 IP 144.76.136.153:443 ASN #24940 Hetzner Online GmbH Requested by https://transfer.sh/npjF9DWWiO/HelloWorld.exe Certificate IssuerLet's Encrypt Subjecttransfer.sh Fingerprint4B:77:1F:B2:FE:8E:4F:93:E4:34:20:28:F2:B6:7A:3A:FF:0F:D1:F6 ValidityMon, 14 Aug 2023 19:42:51 GMT - Sun, 12 Nov 2023 19:42:50 GMT File type ASCII text, with CRLF line terminators Size 4.1 kB (4059 bytes) Hash f837cf62966beb5c97b92f894f3c76f1 add1e6310cec9c04fc599d91e6328f61cfa9cb5b a4df9d99df6efc18c30549cdb22cb577f231fd25358e0e88c6077a8d71cdc05d HTTP Headers `GET /fonts/fonts.css?family=Source+Sans+Pro:100,200,300 HTTP/1.1 Host: transfer.sh User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://transfer.sh/npjF9DWWiO/HelloWorld.exe Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK accept-ranges: bytes content-type: text/css; charset=utf-8 last-modified: Fri, 22 Sep 2023 22:18:34 GMT server: Transfer.sh HTTP Server x-made-with: <3 by DutchCoders x-served-by: Proudly served by DutchCoders content-length: 4059 date: Sat, 23 Sep 2023 20:03:24 GMT X-Firefox-Spdy: h2`

	camo.githubusercontent.com/38ef81f8aca64bb9a64448d0d70f1308ef5341ab/68747470733a2f2f73332e616d617a6f6e6177732e636f6d2f6769746875622f726962626f6e732f666f726b6d655f72696768745f6461726b626c75655f3132313632312e706e67	185.199.109.133	200 OK	7.8 kB
URL GET HTTP/2 camo.githubusercontent.com/38ef81f8aca64bb9a64448d0d70f1308ef5341ab/68747470733a2f2f73332e616d617a6f6e6177732e636f6d2f6769746875622f726962626f6e732f666f726b6d655f72696768745f6461726b626c75655f3132313632312e706e67 IP 185.199.109.133:443 ASN #54113 FASTLY Requested by https://transfer.sh/npjF9DWWiO/HelloWorld.exe Certificate IssuerDigiCert Inc Subject.github.io FingerprintA1:46:14:C7:2A:1D:52:79:F6:AA:2B:B2:C5:0A:3B:D3:F5:02:06:75 ValidityTue, 21 Feb 2023 00:00:00 GMT - Wed, 20 Mar 2024 23:59:59 GMT File type PNG image data, 149 x 149, 8-bit/color RGBA, non-interlaced\012- data Size 7.8 kB (7791 bytes) Hash 5b6b3233153feca50a94aa6c60873a5f 720f49170967eec73248aaf0e8f6325b21802f0d edad626528bbd55bca8926924a4697daddc1acc7bea62ea731d1e6673e9f749c HTTP Headers GET /38ef81f8aca64bb9a64448d0d70f1308ef5341ab/68747470733a2f2f73332e616d617a6f6e6177732e636f6d2f6769746875622f726962626f6e732f666f726b6d655f72696768745f6461726b626c75655f3132313632312e706e67 HTTP/1.1 Host: camo.githubusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://transfer.sh/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK cache-control: public, max-age=31536000 content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline' content-type: image/png last-modified: Fri, 19 Dec 2008 08:32:39 GMT server: github-camo (325d2008) strict-transport-security: max-age=31536000; includeSubDomains x-content-type-options: nosniff x-frame-options: deny x-xss-protection: 1; mode=block x-github-request-id: 270E:4076:147BC0:156E04:642B675A accept-ranges: bytes date: Sat, 23 Sep 2023 20:03:24 GMT via: 1.1 varnish age: 14933298 x-served-by: cache-bma1632-BMA x-cache: HIT x-cache-hits: 4 x-timer: S1695499404.257369,VS0,VE0 x-fastly-request-id: 02c1a1abaf673bb11620b5238853b12d7e6c0116 timing-allow-origin: https://github.com content-length: 7791 X-Firefox-Spdy: h2

	transfer.sh/fonts/fonts.css?family=Droid+Sans+Mono	144.76.136.153	200 OK	4.1 kB
URL GET HTTP/2 transfer.sh/fonts/fonts.css?family=Droid+Sans+Mono IP 144.76.136.153:443 ASN #24940 Hetzner Online GmbH Requested by https://transfer.sh/npjF9DWWiO/HelloWorld.exe Certificate IssuerLet's Encrypt Subjecttransfer.sh Fingerprint4B:77:1F:B2:FE:8E:4F:93:E4:34:20:28:F2:B6:7A:3A:FF:0F:D1:F6 ValidityMon, 14 Aug 2023 19:42:51 GMT - Sun, 12 Nov 2023 19:42:50 GMT File type ASCII text, with CRLF line terminators Size 4.1 kB (4059 bytes) Hash f837cf62966beb5c97b92f894f3c76f1 add1e6310cec9c04fc599d91e6328f61cfa9cb5b a4df9d99df6efc18c30549cdb22cb577f231fd25358e0e88c6077a8d71cdc05d HTTP Headers `GET /fonts/fonts.css?family=Droid+Sans+Mono HTTP/1.1 Host: transfer.sh User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://transfer.sh/npjF9DWWiO/HelloWorld.exe Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK accept-ranges: bytes content-type: text/css; charset=utf-8 last-modified: Fri, 22 Sep 2023 22:18:34 GMT server: Transfer.sh HTTP Server x-made-with: <3 by DutchCoders x-served-by: Proudly served by DutchCoders content-length: 4059 date: Sat, 23 Sep 2023 20:03:24 GMT X-Firefox-Spdy: h2`

	transfer.sh/scripts/vendor/modernizr.js	144.76.136.153	200 OK	11 kB
URL GET HTTP/2 transfer.sh/scripts/vendor/modernizr.js IP 144.76.136.153:443 ASN #24940 Hetzner Online GmbH Requested by https://transfer.sh/npjF9DWWiO/HelloWorld.exe Certificate IssuerLet's Encrypt Subjecttransfer.sh Fingerprint4B:77:1F:B2:FE:8E:4F:93:E4:34:20:28:F2:B6:7A:3A:FF:0F:D1:F6 ValidityMon, 14 Aug 2023 19:42:51 GMT - Sun, 12 Nov 2023 19:42:50 GMT File type HTML document, ASCII text, with very long lines (10785), with no line terminators Size 11 kB (10785 bytes) Hash 1167e9d01ba4947354c13b262fb5933d bfd0268e4204c37d9fdd7df76b63f35582b25641 1a7c584616a7e60c85ab2cf672dfa659ed515205a5106b415be2ca4af06e937d HTTP Headers `GET /scripts/vendor/modernizr.js HTTP/1.1 Host: transfer.sh User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://transfer.sh/npjF9DWWiO/HelloWorld.exe Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK accept-ranges: bytes content-type: text/javascript; charset=utf-8 last-modified: Fri, 22 Sep 2023 22:18:34 GMT server: Transfer.sh HTTP Server x-made-with: <3 by DutchCoders x-served-by: Proudly served by DutchCoders content-length: 10785 date: Sat, 23 Sep 2023 20:03:24 GMT X-Firefox-Spdy: h2`

	transfer.sh/images/Logo-orange.png	144.76.136.153	200 OK	9.1 kB
URL GET HTTP/2 transfer.sh/images/Logo-orange.png IP 144.76.136.153:443 ASN #24940 Hetzner Online GmbH Requested by https://transfer.sh/npjF9DWWiO/HelloWorld.exe Certificate IssuerLet's Encrypt Subjecttransfer.sh Fingerprint4B:77:1F:B2:FE:8E:4F:93:E4:34:20:28:F2:B6:7A:3A:FF:0F:D1:F6 ValidityMon, 14 Aug 2023 19:42:51 GMT - Sun, 12 Nov 2023 19:42:50 GMT File type PNG image data, 1000 x 126, 8-bit colormap, non-interlaced\012- data Size 9.1 kB (9074 bytes) Hash 20dddb5da8625839af8fb0d33080640d cf9b6ec17aa2c3ba2eaff4ec15ca421dab3ce768 5a54776361c8ea5bfd434f0199f43756320886db8e93a3fe3b6ac57bca82f1d8 HTTP Headers `GET /images/Logo-orange.png HTTP/1.1 Host: transfer.sh User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://transfer.sh/npjF9DWWiO/HelloWorld.exe Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK accept-ranges: bytes content-type: image/png last-modified: Fri, 22 Sep 2023 22:18:34 GMT server: Transfer.sh HTTP Server x-made-with: <3 by DutchCoders x-served-by: Proudly served by DutchCoders content-length: 9074 date: Sat, 23 Sep 2023 20:03:24 GMT X-Firefox-Spdy: h2`

	transfer.sh/styles/main.css	144.76.136.153	200 OK	134 kB
URL GET HTTP/2 transfer.sh/styles/main.css IP 144.76.136.153:443 ASN #24940 Hetzner Online GmbH Requested by https://transfer.sh/npjF9DWWiO/HelloWorld.exe Certificate IssuerLet's Encrypt Subjecttransfer.sh Fingerprint4B:77:1F:B2:FE:8E:4F:93:E4:34:20:28:F2:B6:7A:3A:FF:0F:D1:F6 ValidityMon, 14 Aug 2023 19:42:51 GMT - Sun, 12 Nov 2023 19:42:50 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 134 kB (134129 bytes) Hash c1ce729a03cef9bdf8d3d7d30636c18b fc84879c6bcbf49a11df1b7fd1b2371127d288a3 9900057aac9358709b9df007e829afc418f3fe8123a923badfbb4047569de395 HTTP Headers `GET /styles/main.css HTTP/1.1 Host: transfer.sh User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://transfer.sh/npjF9DWWiO/HelloWorld.exe Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK accept-ranges: bytes content-type: text/css; charset=utf-8 last-modified: Fri, 22 Sep 2023 22:18:34 GMT server: Transfer.sh HTTP Server x-made-with: <3 by DutchCoders x-served-by: Proudly served by DutchCoders content-length: 134129 date: Sat, 23 Sep 2023 20:03:24 GMT X-Firefox-Spdy: h2`

	transfer.sh/scripts/main.js	144.76.136.153	200 OK	146 kB
URL GET HTTP/2 transfer.sh/scripts/main.js IP 144.76.136.153:443 ASN #24940 Hetzner Online GmbH Requested by https://transfer.sh/npjF9DWWiO/HelloWorld.exe Certificate IssuerLet's Encrypt Subjecttransfer.sh Fingerprint4B:77:1F:B2:FE:8E:4F:93:E4:34:20:28:F2:B6:7A:3A:FF:0F:D1:F6 ValidityMon, 14 Aug 2023 19:42:51 GMT - Sun, 12 Nov 2023 19:42:50 GMT File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators Size 146 kB (146294 bytes) Hash c8a36bcd41c6e7d6beebc39dac78eefd ac815c949fc22b8d825500228d35533e0aab3295 f053fae005a8e0786278b7df85302e3de76f24c4f0cce69d52507c154e55a585 HTTP Headers `GET /scripts/main.js HTTP/1.1 Host: transfer.sh User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://transfer.sh/npjF9DWWiO/HelloWorld.exe Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK accept-ranges: bytes content-type: text/javascript; charset=utf-8 last-modified: Fri, 22 Sep 2023 22:18:34 GMT server: Transfer.sh HTTP Server x-made-with: <3 by DutchCoders x-served-by: Proudly served by DutchCoders content-length: 146294 date: Sat, 23 Sep 2023 20:03:24 GMT X-Firefox-Spdy: h2`

	transfer.sh/fonts/source-sans-pro-300-normal-latin.woff2	144.76.136.153	200 OK	13 kB
URL GET HTTP/2 transfer.sh/fonts/source-sans-pro-300-normal-latin.woff2 IP 144.76.136.153:443 ASN #24940 Hetzner Online GmbH Requested by https://transfer.sh/npjF9DWWiO/HelloWorld.exe Certificate IssuerLet's Encrypt Subjecttransfer.sh Fingerprint4B:77:1F:B2:FE:8E:4F:93:E4:34:20:28:F2:B6:7A:3A:FF:0F:D1:F6 ValidityMon, 14 Aug 2023 19:42:51 GMT - Sun, 12 Nov 2023 19:42:50 GMT File type Web Open Font Format (Version 2), TrueType, length 12956, version 1.0\012- data Size 13 kB (12956 bytes) Hash 1c772d9d0531b187db80bcfc199c1786 c0c04fb334190e10dffed0dcc5c817c2a6041a15 122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade HTTP Headers GET /fonts/source-sans-pro-300-normal-latin.woff2 HTTP/1.1 Host: transfer.sh User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity DNT: 1 Connection: keep-alive Referer: https://transfer.sh/fonts/fonts.css?family=Droid+Sans+Mono Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK accept-ranges: bytes content-type: font/woff2 last-modified: Fri, 22 Sep 2023 22:18:34 GMT server: Transfer.sh HTTP Server x-made-with: <3 by DutchCoders x-served-by: Proudly served by DutchCoders content-length: 12956 date: Sat, 23 Sep 2023 20:03:24 GMT X-Firefox-Spdy: h2`

	transfer.sh/fonts/droid-sans-mono-400-normal-latin.woff2	144.76.136.153	200 OK	18 kB
URL GET HTTP/2 transfer.sh/fonts/droid-sans-mono-400-normal-latin.woff2 IP 144.76.136.153:443 ASN #24940 Hetzner Online GmbH Requested by https://transfer.sh/npjF9DWWiO/HelloWorld.exe Certificate IssuerLet's Encrypt Subjecttransfer.sh Fingerprint4B:77:1F:B2:FE:8E:4F:93:E4:34:20:28:F2:B6:7A:3A:FF:0F:D1:F6 ValidityMon, 14 Aug 2023 19:42:51 GMT - Sun, 12 Nov 2023 19:42:50 GMT File type Web Open Font Format (Version 2), TrueType, length 18400, version 1.0\012- data Size 18 kB (18400 bytes) Hash bca50bf4a4e3b8abac8f1665032dfe34 edcb128ece330477d413d42a7fdb081cfb95f39e 1a8e7108949ee83e8eeadd9cd0ed0f98bd8870f2afa75c26ccdc9e795fb58e30 HTTP Headers GET /fonts/droid-sans-mono-400-normal-latin.woff2 HTTP/1.1 Host: transfer.sh User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity DNT: 1 Connection: keep-alive Referer: https://transfer.sh/fonts/fonts.css?family=Droid+Sans+Mono Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK accept-ranges: bytes content-type: font/woff2 last-modified: Fri, 22 Sep 2023 22:18:34 GMT server: Transfer.sh HTTP Server x-made-with: <3 by DutchCoders x-served-by: Proudly served by DutchCoders content-length: 18400 date: Sat, 23 Sep 2023 20:03:24 GMT X-Firefox-Spdy: h2`

	transfer.sh/fonts/source-sans-pro-200-normal-latin.woff2	144.76.136.153	200 OK	13 kB
URL GET HTTP/2 transfer.sh/fonts/source-sans-pro-200-normal-latin.woff2 IP 144.76.136.153:443 ASN #24940 Hetzner Online GmbH Requested by https://transfer.sh/npjF9DWWiO/HelloWorld.exe Certificate IssuerLet's Encrypt Subjecttransfer.sh Fingerprint4B:77:1F:B2:FE:8E:4F:93:E4:34:20:28:F2:B6:7A:3A:FF:0F:D1:F6 ValidityMon, 14 Aug 2023 19:42:51 GMT - Sun, 12 Nov 2023 19:42:50 GMT File type Web Open Font Format (Version 2), TrueType, length 12680, version 1.0\012- data Size 13 kB (12680 bytes) Hash 7996b24caa1cfc66f4f15a949e974826 2523f1ff45314e977722ef1e477e34d0b2390a07 570fccbb23e47f3f48767d3b6199198988328bac118fd6933def8f5fb4478472 HTTP Headers GET /fonts/source-sans-pro-200-normal-latin.woff2 HTTP/1.1 Host: transfer.sh User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity DNT: 1 Connection: keep-alive Referer: https://transfer.sh/fonts/fonts.css?family=Droid+Sans+Mono Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK accept-ranges: bytes content-type: font/woff2 last-modified: Fri, 22 Sep 2023 22:18:34 GMT server: Transfer.sh HTTP Server x-made-with: <3 by DutchCoders x-served-by: Proudly served by DutchCoders content-length: 12680 date: Sat, 23 Sep 2023 20:03:24 GMT X-Firefox-Spdy: h2`

	transfer.sh/fonts/transfersh.woff	144.76.136.153	200 OK	3.1 kB
URL GET HTTP/2 transfer.sh/fonts/transfersh.woff IP 144.76.136.153:443 ASN #24940 Hetzner Online GmbH Requested by https://transfer.sh/npjF9DWWiO/HelloWorld.exe Certificate IssuerLet's Encrypt Subjecttransfer.sh Fingerprint4B:77:1F:B2:FE:8E:4F:93:E4:34:20:28:F2:B6:7A:3A:FF:0F:D1:F6 ValidityMon, 14 Aug 2023 19:42:51 GMT - Sun, 12 Nov 2023 19:42:50 GMT File type Web Open Font Format, CFF, length 3060, version 1.0\012- data Size 3.1 kB (3060 bytes) Hash cabfd85984a9595ec5217b87afe6b743 8fc07314540a7e281b4dd83661994b1886e230c2 da0a988fdcd19ac15c792e72f8f9807b55b1b6cc6db081ff4b6ca880b703713d HTTP Headers `GET /fonts/transfersh.woff HTTP/1.1 Host: transfer.sh User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity DNT: 1 Connection: keep-alive Referer: https://transfer.sh/styles/main.css Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK accept-ranges: bytes content-type: font/woff last-modified: Fri, 22 Sep 2023 22:18:34 GMT server: Transfer.sh HTTP Server x-made-with: <3 by DutchCoders x-served-by: Proudly served by DutchCoders content-length: 3060 date: Sat, 23 Sep 2023 20:03:24 GMT X-Firefox-Spdy: h2`

	transfer.sh/favicon.ico	144.76.136.153	200 OK	7.7 kB
URL GET HTTP/2 transfer.sh/favicon.ico IP 144.76.136.153:443 ASN #24940 Hetzner Online GmbH Requested by https://transfer.sh/npjF9DWWiO/HelloWorld.exe Certificate IssuerLet's Encrypt Subjecttransfer.sh Fingerprint4B:77:1F:B2:FE:8E:4F:93:E4:34:20:28:F2:B6:7A:3A:FF:0F:D1:F6 ValidityMon, 14 Aug 2023 19:42:51 GMT - Sun, 12 Nov 2023 19:42:50 GMT File type MS Windows icon resource - 1 icon, 75x75, 8 bits/pixel\012- data Size 7.7 kB (7686 bytes) Hash 3e6539d4bd26ce0b58dd275bcc5db0ea fe53e0eda7946bdc33f703fea4b52724f1a9283a e27519877e9a69cae23b28baeecf1be5df7802d4b02e498bf7862448abcdce7a HTTP Headers `GET /favicon.ico HTTP/1.1 Host: transfer.sh User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://transfer.sh/npjF9DWWiO/HelloWorld.exe Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK accept-ranges: bytes content-type: image/vnd.microsoft.icon last-modified: Fri, 22 Sep 2023 22:18:34 GMT server: Transfer.sh HTTP Server x-made-with: <3 by DutchCoders x-served-by: Proudly served by DutchCoders content-length: 7686 date: Sat, 23 Sep 2023 20:03:24 GMT X-Firefox-Spdy: h2`

	transfer.sh/npjF9DWWiO/HelloWorld.exe	144.76.136.153	200 OK	5.0 kB
URL User Request GET HTTP/2 transfer.sh/npjF9DWWiO/HelloWorld.exe IP 144.76.136.153:443 ASN #24940 Hetzner Online GmbH Certificate IssuerLet's Encrypt Subjecttransfer.sh Fingerprint4B:77:1F:B2:FE:8E:4F:93:E4:34:20:28:F2:B6:7A:3A:FF:0F:D1:F6 ValidityMon, 14 Aug 2023 19:42:51 GMT - Sun, 12 Nov 2023 19:42:50 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5215), with no line terminators Size 5.0 kB (4963 bytes) Hash 4746198ed3f67be0725969073920ad7e 5f87bb179b95731756e6b1014cb9d7b31b846652 0d225aa25682d25827c64d0fb3bfe4a1b19fe6c794041f3f0eb32708696355e5 HTTP Headers `GET /npjF9DWWiO/HelloWorld.exe HTTP/1.1 Host: transfer.sh User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: Transfer.sh HTTP Server vary: Range, Referer, X-Decrypt-Password x-made-with: <3 by DutchCoders x-served-by: Proudly served by DutchCoders content-type: text/html; charset=utf-8 date: Sat, 23 Sep 2023 20:03:23 GMT X-Firefox-Spdy: h2`

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (13)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP