googlesecurity.center
68.66.248.49
Malicious Activity!
Public Scan
Submission: On November 04 via automatic, source openphish
Summary
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on November 3rd 2020. Valid for: 3 months.
This is the only time googlesecurity.center was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Google (Online)
Domain & IP information
Count | IP Address | AS Autonomous System |
---|---|---|
4 | 68.66.248.49 | 55293 (A2HOSTING) |
1 | 95.154.244.106 | 20860 (IOMART-AS) |
8 | 2a00:1450:4001:815::2003 | 15169 (GOOGLE) |
21 | 4 |
ASN55293 (A2HOSTING, US)
PTR: nl1-ts1.a2hosting.com
googlesecurity.center
Count | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | gstatic.com | fonts.gstatic.com, ssl.gstatic.com (Failed) | 107 KB |
4 | googlesecurity.center | googlesecurity.center | 461 KB |
1 | smtpjs.com | smtpjs.com | 942 B |
0 | google.com (Failed) | play.google.com (Failed) | |
21 | 4 |
Count | Domain | Requested by |
---|---|---|
8 | fonts.gstatic.com | googlesecurity.center |
4 | googlesecurity.center | googlesecurity.center |
1 | smtpjs.com | googlesecurity.center |
0 | play.google.com (Failed) | |
0 | ssl.gstatic.com (Failed) | |
21 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
support.google.com |
accounts.google.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
googlesecurity.center | ZeroSSL RSA Domain Secure Site CA | 2020-11-03 - 2021-02-01 | 3 months | crt.sh |
smtpjs.com | Let's Encrypt Authority X3 | 2020-11-02 - 2021-01-31 | 3 months | crt.sh |
*.gstatic.com | GTS CA 1O1 | 2020-10-06 - 2020-12-29 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://googlesecurity.center/
Frame ID: 6050FE28680044AEB8A8D6E63769217C
Requests: 21 HTTP requests in this frame
Frame:
https://googlesecurity.center/index_files/bscframe.html
Frame ID: 308F164C22886FF68B60966A0203835C
Requests: 1 HTTP requests in this frame
3 Outgoing links
These are links going to different origins than the main page.
Title: Help
Title: Privacy
Title: Terms
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / googlesecurity.center/ (Primary Request) | 2 MB 459 KB | Document text/html |
GET H/1.1 | smtp.js smtpjs.com/v3/ | 871 B 942 B | Script application/javascript |
GET H3-Q050 | bscframe.html googlesecurity.center/index_files/ (Frame 308F) | 225 B 408 B | Document text/html |
GET DATA | truncated / | 267 B 0 | Image image/svg+xml |
GET H2 | 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2 fonts.gstatic.com/s/googlesans/v14/ | 21 KB 21 KB | Font font/woff2 |
GET H2 | 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2 fonts.gstatic.com/s/googlesans/v14/ | 21 KB 21 KB | Font font/woff2 |
GET H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ | 15 KB 15 KB | Font font/woff2 |
GET H2 | KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ | 15 KB 15 KB | Font font/woff2 |
GET H3-Q050 | KFOmCnqEu92Fr1Mu7GxKOzY.woff2 fonts.gstatic.com/s/roboto/v18/ | 12 KB 12 KB | Font font/woff2 |
GET H3-Q050 | KFOmCnqEu92Fr1Mu4WxKOzY.woff2 fonts.gstatic.com/s/roboto/v18/ | 7 KB 7 KB | Font font/woff2 |
GET H3-Q050 | KFOmCnqEu92Fr1Mu5mxKOzY.woff2 fonts.gstatic.com/s/roboto/v18/ | 10 KB 10 KB | Font font/woff2 |
GET | m=NpD4ec,SF3gsd,YLQSd,pB6Zqd,o02Jie,rHjpXd,QLpTOd,oWOlDb,n73qwf,MpJwZc,bIf8i,omf1Od,zbML3c,zy0vNb,K0PMbc,otPmVb,rlNAl ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_glif.en.vTnP5HVGoAA.O/am=f-EDBn5wBBrwA4AA8wAAAAAABAAAA8gTLMtI9Vrp-5cB/d=0/ct=zgms/rs=ABkqax2jTT1R3Sf9Mfz7kumSrt6I1PHMQA/ | 0 0 | |
GET H3-Q050 | KFOmCnqEu92Fr1Mu7WxKOzY.woff2 fonts.gstatic.com/s/roboto/v18/ | 5 KB 5 KB | Font font/woff2 |
POST H3-Q050 | jserror googlesecurity.center/ | 707 B 784 B | XHR text/html |
POST H3-Q050 | jserror googlesecurity.center/ | 707 B 726 B | XHR text/html |
POST | log play.google.com/ | 0 0 | |
POST | log play.google.com/ | 0 0 | |
POST | log play.google.com/ | 0 0 | |
POST | log play.google.com/ | 0 0 | |
POST | log play.google.com/ | 0 0 | |
GET | m=NpD4ec,SF3gsd,YLQSd,pB6Zqd,o02Jie,rHjpXd,QLpTOd,oWOlDb,n73qwf,MpJwZc,bIf8i,omf1Od,zbML3c,zy0vNb,K0PMbc,otPmVb,rlNAl ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_glif.en.vTnP5HVGoAA.O/am=f-EDBn5wBBrwA4AA8wAAAAAABAAAA8gTLMtI9Vrp-5cB/d=0/ct=zgms/rs=ABkqax2jTT1R3Sf9Mfz7kumSrt6I1PHMQA/ | 0 0 | |
POST | log play.google.com/ | 0 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
ssl.gstatic.com | https://ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_glif.en.vTnP5HVGoAA.O/am=f-EDBn5wBBrwA4AA8wAAAAAABAAAA8gTLMtI9Vrp-5cB/d=0/ct=zgms/rs=ABkqax2jTT1R3Sf9Mfz7kumSrt6I1PHMQA/m=NpD4ec,SF3gsd,YLQSd,pB6Zqd,o02Jie,rHjpXd,QLpTOd,oWOlDb,n73qwf,MpJwZc,bIf8i,omf1Od,zbML3c,zy0vNb,K0PMbc,otPmVb,rlNAl |
play.google.com | https://play.google.com/log?format=json&hasfast=true |
play.google.com | https://play.google.com/log?format=json&hasfast=true |
play.google.com | https://play.google.com/log?format=json&hasfast=true |
play.google.com | https://play.google.com/log?format=json&hasfast=true |
play.google.com | https://play.google.com/log?format=json&hasfast=true |
ssl.gstatic.com | https://ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_glif.en.vTnP5HVGoAA.O/am=f-EDBn5wBBrwA4AA8wAAAAAABAAAA8gTLMtI9Vrp-5cB/d=0/ct=zgms/rs=ABkqax2jTT1R3Sf9Mfz7kumSrt6I1PHMQA/m=NpD4ec,SF3gsd,YLQSd,pB6Zqd,o02Jie,rHjpXd,QLpTOd,oWOlDb,n73qwf,MpJwZc,bIf8i,omf1Od,zbML3c,zy0vNb,K0PMbc,otPmVb,rlNAl |
play.google.com | https://play.google.com/log?format=json&hasfast=true |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Google (Online)
29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
function | showDirectoryPicker |
function | showOpenFilePicker |
function | showSaveFilePicker |
object | trustedTypes |
object | WIZ_global_data |
object | botguard |
string | viewPathPrefix |
boolean | cssLoaded |
object | _G |
function | _F_getAverageFps |
object | postmessage |
function | _DumpException |
function | _B_err |
object | closure_lm_677688 |
function | AF_initDataInitializeCallback |
function | AF_initDataCallback |
object | ID_wizbind |
function | wiz_progress |
object | AF_initDataKeys |
object | AF_dataServiceRequests |
object | AF_initDataChunkQueue |
object | Email |
function | sendEmail |
boolean | ly11Pc |
function | onSmsReceived |
function | setSkUiEvent |
function | setFido2SkUiEvent |
number | closure_uid_2461517230 |
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.