Submitted URL: http://secured-dot-p7q8y6t5.uc.r.appspot.com
Effective URL: https://secured-dot-p7q8y6t5.uc.r.appspot.com/
Submission: On May 23 via api from BE

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 14 HTTP transactions.
The main IP is 2a00:1450:4001:821::2014, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is secured-dot-p7q8y6t5.uc.r.appspot.com.
TLS certificate: Issued by GTS CA 1O1 on May 5th 2020. Valid for: 3 months.
This is the first time this domain was scanned on urlscan.io!

Verdict: Malicious (Score: 100/100) Show Details

  • urlscan - Score: 100
    phishing
    Phishing against AOL (Online)

Domain & IP information

IP Address AS Autonomous System
1 15 2a00:1450:400... 15169 (GOOGLE)
14 1
Domain
Subdomains
Transfer
15 r.appspot.com
63 KB
14 1
Domain Requested by
15 secured-dot-p7q8y6t5.uc.r.appspot.com 1 redirects secured-dot-p7q8y6t5.uc.r.appspot.com
14 1

This site contains links to these domains. Also see Links.

Domain
Subject / Issuer Validity Valid
*.appspot.com
GTS CA 1O1
2020-05-05 -
2020-07-28
3 months

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /Google Frontend/i

Web
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/

Redirect Chain
  • http://secured-dot-p7q8y6t5.uc.r.appspot.com/
  • https://secured-dot-p7q8y6t5.uc.r.appspot.com/
9 KB
4 KB
Document
General
Full URL
https://secured-dot-p7q8y6t5.uc.r.appspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
28da90187f67a86c92f77f09dbd602dd6c236765ad2fea72e3f6c1acae107865

Request headers

:method
GET
:authority
secured-dot-p7q8y6t5.uc.r.appspot.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-type
text/html
content-encoding
gzip
x-cloud-trace-context
31ed4b3be3fb0d5041a20d6aacdcbd94
vary
Accept-Encoding
date
Sat, 23 May 2020 06:25:50 GMT
server
Google Frontend
cache-control
private
content-length
3455
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Location
https://secured-dot-p7q8y6t5.uc.r.appspot.com/
X-Cloud-Trace-Context
01a9f5edf22865fa0ed89b7d97d1c03a
Date
Sat, 23 May 2020 06:25:50 GMT
Content-Type
text/html
Server
Google Frontend
Content-Length
0
jquery-1.4.2.min.js
/js
70 KB
28 KB
Script
General
Full URL
https://secured-dot-p7q8y6t5.uc.r.appspot.com/js/jquery-1.4.2.min.js
Requested by
Host: secured-dot-p7q8y6t5.uc.r.appspot.com
URL: https://secured-dot-p7q8y6t5.uc.r.appspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Request headers

Referer
https://secured-dot-p7q8y6t5.uc.r.appspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 06:25:50 GMT
content-encoding
gzip
server
Google Frontend
etag
"niyZvw"
content-type
application/javascript
status
200
x-cloud-trace-context
31ed4b3be3fb0d5041a20d6aacdcbd94
cache-control
public, max-age=5
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 23 May 2020 06:25:55 GMT
snslanding.js
/js
2 KB
841 B
Script
General
Full URL
https://secured-dot-p7q8y6t5.uc.r.appspot.com/js/snslanding.js
Requested by
Host: secured-dot-p7q8y6t5.uc.r.appspot.com
URL: https://secured-dot-p7q8y6t5.uc.r.appspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
ddae6d3eb90e6652daa591e4363bc52d269c1e100643c97a376611b7adbc9367

Request headers

Referer
https://secured-dot-p7q8y6t5.uc.r.appspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 06:25:50 GMT
content-encoding
gzip
server
Google Frontend
etag
"niyZvw"
content-type
application/javascript
status
200
x-cloud-trace-context
7cbe72b077173cfcb03e1fb14b8ac908
cache-control
public, max-age=5
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 23 May 2020 06:25:55 GMT
snslanding.css
/js
5 KB
2 KB
Stylesheet
General
Full URL
https://secured-dot-p7q8y6t5.uc.r.appspot.com/js/snslanding.css
Requested by
Host: secured-dot-p7q8y6t5.uc.r.appspot.com
URL: https://secured-dot-p7q8y6t5.uc.r.appspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
30659174b5dbc38f53e455dbfe7ec71d73f07ec44dac3c0aaf1c99b4d5c8da0f

Request headers

Referer
https://secured-dot-p7q8y6t5.uc.r.appspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 06:25:50 GMT
content-encoding
gzip
server
Google Frontend
etag
"niyZvw"
content-type
text/css
status
200
x-cloud-trace-context
31ed4b3be3fb0d5041a20d6aacdcbd94
cache-control
public, max-age=5
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 23 May 2020 06:25:55 GMT
hdr_err.css
/js
676 B
431 B
Stylesheet
General
Full URL
https://secured-dot-p7q8y6t5.uc.r.appspot.com/js/hdr_err.css
Requested by
Host: secured-dot-p7q8y6t5.uc.r.appspot.com
URL: https://secured-dot-p7q8y6t5.uc.r.appspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
b6fbd0e1845aebb3bf513537eb3d8dae360ea4b5d2e225ab22679da9bb75292c

Request headers

Referer
https://secured-dot-p7q8y6t5.uc.r.appspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 06:25:50 GMT
content-encoding
gzip
server
Google Frontend
etag
"niyZvw"
content-type
text/css
status
200
x-cloud-trace-context
3e99ecc9006093fd3f4ce0007227a4fb
cache-control
public, max-age=5
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 23 May 2020 06:25:55 GMT
css?family=Open+Sans:300italic,300
/js/added
9 KB
3 KB
Stylesheet
General
Full URL
https://secured-dot-p7q8y6t5.uc.r.appspot.com/js/added/css?family=Open+Sans:300italic,300
Requested by
Host: secured-dot-p7q8y6t5.uc.r.appspot.com
URL: https://secured-dot-p7q8y6t5.uc.r.appspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
28da90187f67a86c92f77f09dbd602dd6c236765ad2fea72e3f6c1acae107865

Request headers

Referer
https://secured-dot-p7q8y6t5.uc.r.appspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 06:25:50 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
text/html
status
200
x-cloud-trace-context
721bcae8ec8ddadf57c3524b6d9d5103
cache-control
private
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3455
11-mybenefits-sns.css
/js/added
3 KB
907 B
Stylesheet
General
Full URL
https://secured-dot-p7q8y6t5.uc.r.appspot.com/js/added/11-mybenefits-sns.css
Requested by
Host: secured-dot-p7q8y6t5.uc.r.appspot.com
URL: https://secured-dot-p7q8y6t5.uc.r.appspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
5c429d4f6c293e746723c621969d0af720ef5b1b3f05447efe45eee1c4b591e7

Request headers

Referer
https://secured-dot-p7q8y6t5.uc.r.appspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 06:25:50 GMT
content-encoding
gzip
server
Google Frontend
etag
"niyZvw"
content-type
text/css
status
200
x-cloud-trace-context
3e99ecc9006093fd3f4ce0007227a4fb
cache-control
public, max-age=5
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 23 May 2020 06:25:55 GMT
lpUiStyles.css
/js
12 KB
3 KB
Stylesheet
General
Full URL
https://secured-dot-p7q8y6t5.uc.r.appspot.com/js/lpUiStyles.css
Requested by
Host: secured-dot-p7q8y6t5.uc.r.appspot.com
URL: https://secured-dot-p7q8y6t5.uc.r.appspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
1a97e13035b779835312549e4b3f9c913b00ffc0e0eacdd39d4cd1f60dc885db

Request headers

Referer
https://secured-dot-p7q8y6t5.uc.r.appspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 06:25:50 GMT
content-encoding
gzip
server
Google Frontend
etag
"niyZvw"
content-type
text/css
status
200
x-cloud-trace-context
53835704e1b3184b3bc5942539a9e486
cache-control
public, max-age=5
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 23 May 2020 06:25:55 GMT
error.gif
/js
1021 B
1 KB
Image
General
Full URL
https://secured-dot-p7q8y6t5.uc.r.appspot.com/js/error.gif
Requested by
Host: secured-dot-p7q8y6t5.uc.r.appspot.com
URL: https://secured-dot-p7q8y6t5.uc.r.appspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
07981e5b5f4c84246a00de0212f7f4af17cae9e45c4bdf357ced2cad8a1bbc32

Request headers

Referer
https://secured-dot-p7q8y6t5.uc.r.appspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 06:25:50 GMT
server
Google Frontend
etag
"niyZvw"
content-type
image/gif
status
200
x-cloud-trace-context
e01be79bf27682b61bfc7de5e66b11e3
cache-control
public, max-age=5
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 23 May 2020 06:25:55 GMT
lpUi.js
/js
19 KB
6 KB
Script
General
Full URL
https://secured-dot-p7q8y6t5.uc.r.appspot.com/js/lpUi.js
Requested by
Host: secured-dot-p7q8y6t5.uc.r.appspot.com
URL: https://secured-dot-p7q8y6t5.uc.r.appspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
cf87ecf582ede0b10d28a3980e6ac156315274b7fed846a9eeee0c572498f89a

Request headers

Referer
https://secured-dot-p7q8y6t5.uc.r.appspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 06:25:50 GMT
content-encoding
gzip
server
Google Frontend
etag
"niyZvw"
content-type
application/javascript
status
200
x-cloud-trace-context
e01be79bf27682b61bfc7de5e66b11e3
cache-control
public, max-age=5
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 23 May 2020 06:25:55 GMT
lp-aol-head-lg.png
/js/added
7 KB
7 KB
Image
General
Full URL
https://secured-dot-p7q8y6t5.uc.r.appspot.com/js/added/lp-aol-head-lg.png
Requested by
Host: secured-dot-p7q8y6t5.uc.r.appspot.com
URL: https://secured-dot-p7q8y6t5.uc.r.appspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
754d851f37baf4b424f4d86d668755d7d2b042534f96b3de0b27e6ce3b095392

Request headers

Referer
https://secured-dot-p7q8y6t5.uc.r.appspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 06:25:50 GMT
server
Google Frontend
etag
"niyZvw"
content-type
image/png
status
200
x-cloud-trace-context
9b00099c67f239aa545f1b21ad8826ae
cache-control
public, max-age=5
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 23 May 2020 06:25:55 GMT
AC_OETags.js
/js
4 KB
2 KB
Script
General
Full URL
https://secured-dot-p7q8y6t5.uc.r.appspot.com/js/AC_OETags.js
Requested by
Host: secured-dot-p7q8y6t5.uc.r.appspot.com
URL: https://secured-dot-p7q8y6t5.uc.r.appspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
dcee5312b1a816445dcc424a72970ad633f4fdf67d35dd1e80beb3579f7b399f

Request headers

Referer
https://secured-dot-p7q8y6t5.uc.r.appspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 06:25:50 GMT
content-encoding
gzip
server
Google Frontend
etag
"niyZvw"
content-type
application/javascript
status
200
x-cloud-trace-context
721bcae8ec8ddadf57c3524b6d9d5103
cache-control
public, max-age=5
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 23 May 2020 06:25:55 GMT
fs.js
/js
1 KB
760 B
Script
General
Full URL
https://secured-dot-p7q8y6t5.uc.r.appspot.com/js/fs.js
Requested by
Host: secured-dot-p7q8y6t5.uc.r.appspot.com
URL: https://secured-dot-p7q8y6t5.uc.r.appspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
ca06cc86362548d949921dec1eb8c62696b3710d9654c81699b83e9060fe74b3

Request headers

Referer
https://secured-dot-p7q8y6t5.uc.r.appspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 06:25:50 GMT
content-encoding
gzip
server
Google Frontend
etag
"niyZvw"
content-type
application/javascript
status
200
x-cloud-trace-context
3e99ecc9006093fd3f4ce0007227a4fb
cache-control
public, max-age=5
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 23 May 2020 06:25:55 GMT
mybenefits-new.png
/js/added
5 KB
5 KB
Image
General
Full URL
https://secured-dot-p7q8y6t5.uc.r.appspot.com/js/added/mybenefits-new.png
Requested by
Host: secured-dot-p7q8y6t5.uc.r.appspot.com
URL: https://secured-dot-p7q8y6t5.uc.r.appspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
d488104f0bdb8ee82ed277bf7a4c87c940981b3ed3956aac1b45e41cd0ffd10a

Request headers

Referer
https://secured-dot-p7q8y6t5.uc.r.appspot.com/js/added/11-mybenefits-sns.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 23 May 2020 06:25:50 GMT
server
Google Frontend
etag
"niyZvw"
content-type
image/png
status
200
x-cloud-trace-context
3e99ecc9006093fd3f4ce0007227a4fb
cache-control
public, max-age=5
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 23 May 2020 06:25:55 GMT

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • http://secured-dot-p7q8y6t5.uc.r.appspot.com/
  • https://secured-dot-p7q8y6t5.uc.r.appspot.com/

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan - Score: 100

Categories:
phishing

Tags:
phishing

Phishing against: AOL (Online)

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| snslp_aligntoelement function| cleanupchromejs function| isEmpty function| modifyCreateAccountLink boolean| cookieEnabled undefined| layer function| RetVal function| User function| LoginVal function| QtnIdVal function| prereqchecks function| setCookie function| trimString function| stripOffAOLDomains function| handleUrl function| xstooltip_findPosX function| xstooltip_findPosY function| clearLbl function| checkLbl function| clearPwdLbl function| checkPwdLbl function| selectRange function| includeJsFile function| AsqVal function| asqReset function| checkAsqChange function| valAsqCreate function| valAsqCreateNew function| valAsqChange function| valAsqAnswers function| snsCheckAsq function| validateAsq function| snsCheckSecurID function| validateSecureID function| snscheckregimagtext function| valRegImageText function| getObject function| playAudio function| refreshImage function| valOIDForm function| setOpenID function| populateUrl function| showBubbleText function| hideBubbleText function| AuthUtil function| Tab function| UI object| uiArr object| btnArr object| AOLAliasDivs function| getById function| getStyle function| isAOLAlias function| getAuthTabWidth function| getAuthTabFilePrefix function| showTab2 function| createTabList function| attachAuthEvents function| showTab function| showTabs function| showContent function| showAOLAliasTab function| showOidTabs function| showFirstTabs function| createTabList2 function| showTab2Set function| show2Tab function| showAOLAliasTab2 function| showTabsSet function| attachAuthEvents2 function| showTabSet function| checkOIDFormSubmission function| GetWidth function| GetHeight function| authPopupLogin function| validateTab object| lgnEl object| pwdEl string| si3Class boolean| noPh number| ie function| setFocus boolean| isIE boolean| isWin boolean| isOpera boolean| isSafari function| ControlVersion function| GetSwfVer function| DetectFlashVer function| AC_AddExtension function| AC_Generateobj function| AC_FL_RunContent function| AC_GetArgs number| requiredMajorVersion number| requiredMinorVersion number| requiredRevision boolean| hasProductInstall boolean| hasRequestedVersion function| getFlashDPCookie function| getCookie function| thisMovie number| versionStr

1 Cookies

Domain/Path Name / Value
secured-dot-p7q8y6t5.uc.r.appspot.com/ Name:
Value: testcookie