accounts-mail.space
115.126.39.107
Malicious Activity!
Public Scan
Submission: On April 03 via automatic, source openphish
Summary
This is the only time accounts-mail.space was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Google (Online)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 5 | 115.126.39.107 | 38186 (FTG-AS-AP Forewin Telecom Group Limited) |
| 3 | 2a00:1450:400c:c06::5e | 15169 (GOOGLE - Google Inc.) |
| 1 | 2a00:1450:400c:c06::11 | 15169 (GOOGLE - Google Inc.) |
| 10 | 4 | |
ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK)
accounts-mail.space |
| | Apex Domain (Subdomains) | Transfer |
|---|---|---|
| 5 | accounts-mail.space (accounts-mail.space) | 60 KB |
| 3 | gstatic.com (ssl.gstatic.com) | 7 KB |
| 1 | google.com (mail.google.com) | 52 B |
| 0 | youtube.com (accounts.youtube.com, Failed) | |
| 10 | 4 | |
| | Domain | Requested by |
|---|---|---|
| 5 | accounts-mail.space | accounts-mail.space |
| 3 | ssl.gstatic.com | accounts-mail.space |
| 1 | mail.google.com | accounts-mail.space |
| 0 | accounts.youtube.com (Failed) | accounts-mail.space |
| 10 | 4 | |
This site contains links to these domains. Also see Links.
Domain |
---|
accounts.google.com |
support.google.com |
www.google.com |
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.google.com | Google Internet Authority G2 | 2017-03-22 - 2017-06-14 | 3 months |
| mail.google.com | Google Internet Authority G2 | 2017-03-22 - 2017-06-14 | 3 months |
This page contains 2 frames:
Primary Page:
http://accounts-mail.space/drive.postmailsecret.com/
Frame ID: 17992.1
Requests: 9 HTTP requests in this frame
Frame:
https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=-432011133&timestamp=1491241098078
Frame ID: 17992.2
Requests: 1 HTTP requests in this frame
10 Outgoing links
These are links going to different origins than the main page.
Title:
Title: 瞭解更多資訊
Title: Need help?
Title: 建立帳戶
Title: Sign in with a different account
Title: Create account
Title: About Google
Title: Privacy
Title: Terms
Title: Help
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H/1.1 | / (Primary Request, Redirect Chain) | accounts-mail.space/drive.postmailsecret.com/ | 57 KB | 57 KB | Document | text/html |
| GET | H/1.1 | photo.png | accounts-mail.space/drive.postmailsecret.com/index_files/ | 1 KB | 1 KB | Image | image/png |
| GET | H/1.1 | arrow_back_grey600_24dp.png | accounts-mail.space/drive.postmailsecret.com/index_files/ | 117 B | 117 B | Image | image/png |
| GET | H2 | googlelogo_color_112x36dp.png | ssl.gstatic.com/images/branding/googlelogo/1x/ | 2 KB | 2 KB | Image | image/png |
| GET | H/1.1 | universal_language_settings-21.png | accounts-mail.space/drive.postmailsecret.com/index_files/ | 199 B | 199 B | Image | image/png |
| GET | H2 | wlogostrip_230x17_1x.png | ssl.gstatic.com/accounts/ui/ | 4 KB | 4 KB | Image | image/png |
| GET | H2 | checkmark.png | ssl.gstatic.com/ui/v1/menu/ | 239 B | 248 B | Image | image/png |
| GET | | CheckConnection | accounts.youtube.com/accounts/ Frame 1799 | 0 | 0 | | |
| GET | H2 | cleardot.gif | mail.google.com/mail/images/ | 43 B | 52 B | Image | image/gif |
| GET | H/1.1 | favicon.ico | accounts-mail.space/ | 1 KB | 1 KB | Other | text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: accounts.youtube.com
- URL: https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=-432011133&timestamp=1491241098078
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Google (Online)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.