Report - 2025-local.click/

Report Overview

Visited public
2025-07-08 12:22:24
Tags
google
Submit Tags
URL
2025-local.click/
Finishing URL
2025-local.click/
IP / ASN
109.120.137.161
#215730 H2nexus Ltd
Title
Sign in - Google Accounts
Phishing - Google

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
2025-local.click	unknown	2025-06-30	2025-07-08	2025-07-08	2.2 kB	50 kB	109.120.137.161
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-07-02	2.2 kB	156 kB	142.250.178.99
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-07-02	930 B	40 kB	142.250.178.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2025-07-07	medium	2025-local.click/	Google Inc.

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	From	Size	First Seen	Last Seen
	2025-local.click/js/main.js	ScriptElement	17 kB	2025-07-08	2025-07-08
Pretty URL 2025-local.click/js/main.js IP 109.120.137.161 ASN #215730 H2nexus Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-08 12:22 Last Seen2025-07-08 12:22 Times Seen1 Hash 46f0336ab67de48752a608e0fe2e6aef eea4ef9483f5eea4cebf80b442beb5c4cfe2f6a5 10182d723d5833aa603d8ccce6721003e35b70380417a8c18b61461a5b74b7fa Loading...

	2025-local.click/	ScriptElement	440 B	2025-07-08	2025-07-08
Pretty URL 2025-local.click/ IP 109.120.137.161 ASN #215730 H2nexus Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-08 12:22 Last Seen2025-07-08 12:22 Times Seen1 Hash 76357ab0c925569d6460508be980c7d5 045087bc5341c855ba1484a6a843b9dfbef2a7f5 7d302ace14c6086860c25515109e38837d11b3d2aecc8bf5eff4d3058960aec4 Loading...

HTTP Transactions (11)

URL IP Response Size

GET 2025-local.click/js/main.js

109.120.137.161

200 OK

17 kB

URL GET
2025-local.click/js/main.js
IP
109.120.137.161:443
ASN
#215730 H2nexus Ltd

Requested by
https://2025-local.click/
Certificate
IssuerLet's Encrypt
Subject2025-local.click
Fingerprint9E:9E:CA:85:A5:0B:F1:BB:26:98:81:3D:3E:AF:09:B4:E5:DD:79:15
ValidityTue, 01 Jul 2025 10:06:33 GMT - Mon, 29 Sep 2025 10:06:32 GMT

File type
Unicode text, UTF-8 text, with very long lines (491)
Size
17 kB (17243 bytes)
Hash
46f0336ab67de48752a608e0fe2e6aef
eea4ef9483f5eea4cebf80b442beb5c4cfe2f6a5
10182d723d5833aa603d8ccce6721003e35b70380417a8c18b61461a5b74b7fa

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Google
OpenPhish	phishing	Google Inc.

HTTP Headers

GET /js/main.js HTTP/1.1
Host: 2025-local.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2025-local.click/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 08 Jul 2025 12:22:04 GMT
Content-Type: application/javascript
Last-Modified: Tue, 08 Jul 2025 06:15:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"686cb76a-435b"
Expires: Wed, 08 Jul 2026 12:22:04 GMT
Cache-Control: max-age=31536000, public, immutable
Content-Encoding: gzip

GET fonts.gstatic.com/s/googlesans/v64/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

142.250.178.99

200 OK

36 kB

URL GET
fonts.gstatic.com/s/googlesans/v64/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://2025-local.click/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint31:00:3B:00:14:9F:47:29:F3:46:E5:7C:57:30:CC:88:CC:DB:A8:07
ValidityTue, 17 Jun 2025 20:02:59 GMT - Tue, 09 Sep 2025 20:02:58 GMT

File type
Web Open Font Format (Version 2), TrueType, length 36216, version 1.0
Size
36 kB (36216 bytes)
Hash
7c702451150c376ff54a34249bceb819
3ab4dc2f57c0fd141456c1cbe24f112adf3710e2
77d21084014dcb10980c296e583371786b3886f5814d8357127f36f8c6045583

HTTP Headers

GET /s/googlesans/v64/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://2025-local.click
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 36216
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Jul 2025 00:25:09 GMT
expires: Sat, 04 Jul 2026 00:25:09 GMT
cache-control: public, max-age=31536000
age: 388616
last-modified: Thu, 29 May 2025 22:08:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.178.99

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://2025-local.click/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint31:00:3B:00:14:9F:47:29:F3:46:E5:7C:57:30:CC:88:CC:DB:A8:07
ValidityTue, 17 Jun 2025 20:02:59 GMT - Tue, 09 Sep 2025 20:02:58 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://2025-local.click
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Jul 2025 08:13:08 GMT
expires: Sat, 04 Jul 2026 08:13:08 GMT
cache-control: public, max-age=31536000
age: 360537
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/googlesans/v64/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

142.250.178.99

200 OK

36 kB

URL GET
fonts.gstatic.com/s/googlesans/v64/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://2025-local.click/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint31:00:3B:00:14:9F:47:29:F3:46:E5:7C:57:30:CC:88:CC:DB:A8:07
ValidityTue, 17 Jun 2025 20:02:59 GMT - Tue, 09 Sep 2025 20:02:58 GMT

File type
Web Open Font Format (Version 2), TrueType, length 36216, version 1.0
Size
36 kB (36216 bytes)
Hash
7c702451150c376ff54a34249bceb819
3ab4dc2f57c0fd141456c1cbe24f112adf3710e2
77d21084014dcb10980c296e583371786b3886f5814d8357127f36f8c6045583

HTTP Headers

GET /s/googlesans/v64/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://2025-local.click
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 36216
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Jul 2025 00:25:09 GMT
expires: Sat, 04 Jul 2026 00:25:09 GMT
cache-control: public, max-age=31536000
age: 388616
last-modified: Thu, 29 May 2025 22:08:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.178.99

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://2025-local.click/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint31:00:3B:00:14:9F:47:29:F3:46:E5:7C:57:30:CC:88:CC:DB:A8:07
ValidityTue, 17 Jun 2025 20:02:59 GMT - Tue, 09 Sep 2025 20:02:58 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://2025-local.click
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Jul 2025 08:13:08 GMT
expires: Sat, 04 Jul 2026 08:13:08 GMT
cache-control: public, max-age=31536000
age: 360537
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET 2025-local.click/favicon.ico

109.120.137.161

404 Not Found

146 B

URL GET
2025-local.click/favicon.ico
IP
109.120.137.161:443
ASN
#215730 H2nexus Ltd

Requested by
https://2025-local.click/
Certificate
IssuerLet's Encrypt
Subject2025-local.click
Fingerprint9E:9E:CA:85:A5:0B:F1:BB:26:98:81:3D:3E:AF:09:B4:E5:DD:79:15
ValidityTue, 01 Jul 2025 10:06:33 GMT - Mon, 29 Sep 2025 10:06:32 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Google
OpenPhish	phishing	Google Inc.

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 2025-local.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2025-local.click/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 08 Jul 2025 12:22:05 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

GET fonts.googleapis.com/css2?family=Google+Sans:wght@400;500&family=Roboto:wght@300;400;500&display=swap

142.250.178.106

200 OK

38 kB

URL GET
fonts.googleapis.com/css2?family=Google+Sans:wght@400;500&family=Roboto:wght@300;400;500&display=swap
IP
142.250.178.106:443
ASN
#15169 GOOGLE

Requested by
https://2025-local.click/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintB7:F0:7E:3A:46:13:9F:42:76:6A:5D:6E:85:25:78:85:99:EE:67:71
ValidityTue, 17 Jun 2025 20:02:59 GMT - Tue, 09 Sep 2025 20:02:58 GMT

File type
ASCII text, with very long lines (1572)
Size
38 kB (38326 bytes)
Hash
79f2e8d6b46455bc94d9a3bc6c320d8f
a203bd9c9905b931bae5d6369bccc58e19f49206
c69373c83d5edab0f6e26676bcb391a093d71526bd5739027adadc19f291e788

HTTP Headers

GET /css2?family=Google+Sans:wght@400;500&family=Roboto:wght@300;400;500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2025-local.click/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 08 Jul 2025 12:22:04 GMT
date: Tue, 08 Jul 2025 12:22:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET 2025-local.click/css/styles.css

109.120.137.161

200 OK

13 kB

URL GET
2025-local.click/css/styles.css
IP
109.120.137.161:443
ASN
#215730 H2nexus Ltd

Requested by
https://2025-local.click/
Certificate
IssuerLet's Encrypt
Subject2025-local.click
Fingerprint9E:9E:CA:85:A5:0B:F1:BB:26:98:81:3D:3E:AF:09:B4:E5:DD:79:15
ValidityTue, 01 Jul 2025 10:06:33 GMT - Mon, 29 Sep 2025 10:06:32 GMT

File type
Unicode text, UTF-8 text
Size
13 kB (12724 bytes)
Hash
79c2b94a762eb51049866548c606c28f
74a195c6437087c593d24a73c22b6d6bfefc6c06
59cd80638f99a5ee5634720d5ae30bf48879fc9f03d8ffcb18a2a48329a03709

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Google
OpenPhish	phishing	Google Inc.

HTTP Headers

GET /css/styles.css HTTP/1.1
Host: 2025-local.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2025-local.click/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 08 Jul 2025 12:22:04 GMT
Content-Type: text/css
Last-Modified: Tue, 08 Jul 2025 06:15:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"686cb76a-31b4"
Expires: Wed, 08 Jul 2026 12:22:04 GMT
Cache-Control: max-age=31536000, public, immutable
Content-Encoding: gzip

GET 2025-local.click/css/loader.css

109.120.137.161

200 OK

4.6 kB

URL GET
2025-local.click/css/loader.css
IP
109.120.137.161:443
ASN
#215730 H2nexus Ltd

Requested by
https://2025-local.click/
Certificate
IssuerLet's Encrypt
Subject2025-local.click
Fingerprint9E:9E:CA:85:A5:0B:F1:BB:26:98:81:3D:3E:AF:09:B4:E5:DD:79:15
ValidityTue, 01 Jul 2025 10:06:33 GMT - Mon, 29 Sep 2025 10:06:32 GMT

File type
ASCII text
Size
4.6 kB (4573 bytes)
Hash
c8e34594e4e0e01b59c407417a19b5a5
0f198f76bad0516c52e55bea62fed9d885d3170e
e91ff1e5b5eef9a782ad9738d3729f0a1de7094cbfee9046153d986b4f3f4385

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Google
OpenPhish	phishing	Google Inc.

HTTP Headers

GET /css/loader.css HTTP/1.1
Host: 2025-local.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2025-local.click/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 08 Jul 2025 12:22:04 GMT
Content-Type: text/css
Last-Modified: Tue, 08 Jul 2025 06:15:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"686cb76a-11dd"
Expires: Wed, 08 Jul 2026 12:22:04 GMT
Cache-Control: max-age=31536000, public, immutable
Content-Encoding: gzip

GET fonts.googleapis.com/icon?family=Material+Icons

142.250.178.106

200 OK

565 B

URL GET
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.178.106:443
ASN
#15169 GOOGLE

Requested by
https://2025-local.click/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintB7:F0:7E:3A:46:13:9F:42:76:6A:5D:6E:85:25:78:85:99:EE:67:71
ValidityTue, 17 Jun 2025 20:02:59 GMT - Tue, 09 Sep 2025 20:02:58 GMT

File type
ASCII text
Size
565 B (565 bytes)
Hash
736c83e15fc300de505f6ce9762a9396
31c0f11ada78e92970ff42d990116d77c169c6d7
c31266310101d0b1607937a7baf07f1601b7637bd2373176696488a07d7b4302

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2025-local.click/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 08 Jul 2025 12:22:04 GMT
date: Tue, 08 Jul 2025 12:22:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET 2025-local.click/

109.120.137.161

200 OK

14 kB

URL User Request GET
2025-local.click/
IP
109.120.137.161:443
ASN
#215730 H2nexus Ltd

Certificate
IssuerLet's Encrypt
Subject2025-local.click
Fingerprint9E:9E:CA:85:A5:0B:F1:BB:26:98:81:3D:3E:AF:09:B4:E5:DD:79:15
ValidityTue, 01 Jul 2025 10:06:33 GMT - Mon, 29 Sep 2025 10:06:32 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (549)
Size
14 kB (13545 bytes)
Hash
be3b7e97d755a432faef02d87871dd33
47c70ff04cf8755664cd548c06f440250695304a
dca492aaf134b3b6191f8b0eea199bbdb523cca9a09bf02d9cf67f3a1a53e0ac

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Google
OpenPhish	phishing	Google Inc.

HTTP Headers

GET / HTTP/1.1
Host: 2025-local.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 08 Jul 2025 12:22:03 GMT
Content-Type: text/html
Last-Modified: Tue, 08 Jul 2025 06:27:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"686cba3b-34e9"
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Content-Encoding: gzip

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (11)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size