accountsgoogle.se.ke
66.115.171.67
Malicious Activity!
Public Scan
Submission Tags: @phishunt_io
Submission: On April 11 via api from ES
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 11th 2021. Valid for: 3 months.
This is the only time accountsgoogle.se.ke was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Google (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
5 | 66.115.171.67 | 46562 (PERFORMIVE)
7 | 2a00:1450:4001:80f::2003 | 15169 (GOOGLE)
14 | 3 | (totals)
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
7 | gstatic.com | fonts.gstatic.com, ssl.gstatic.com (failed) | 83 KB
5 | se.ke | accountsgoogle.se.ke | 633 KB
14 | 2 | (totals) |
Requests | Domain | Requested by
---|---|---
7 | fonts.gstatic.com | accountsgoogle.se.ke
5 | accountsgoogle.se.ke |
0 | ssl.gstatic.com (failed) |
14 | 3 | (totals)
This site contains links to these domains. Also see Links.
Domain
---
support.google.com
accounts.google.com
Subject | Issuer | Validity | Valid for | Source
---|---|---|---|---
accountsgoogle.utamu.club | cPanel, Inc. Certification Authority | 2021-04-11 - 2021-07-10 | 3 months | crt.sh
*.gstatic.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months | crt.sh
Note that the Subject of the certificate served for the primary page is accountsgoogle.utamu.club, not the scanned hostname accountsgoogle.se.ke. The table shows only the Subject, so whether the scanned name also appears in the certificate's subjectAltName list cannot be read from this report; check the certificate itself (crt.sh is linked) before drawing conclusions from the mismatch.
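The check a practitioner would run on the certificate table above is whether each contacted hostname is actually covered by the certificate it was served, using the wildcard rules browsers apply, and how long each certificate's validity window is. The following is an added example, not part of the urlscan report or its code. CERTS is constructed from the table; because the report shows only each certificate's Subject and not its subjectAltName list, modelling each certificate as covering exactly its Subject is an assumption, and a real check must parse the SAN extension of the certificate itself.

```python
"""Hostname-vs-certificate check for the two certificates in this report.

Added example, not part of the urlscan report or its code. CERTS is built from
the report's certificate table. The report shows only each certificate's
Subject, not its subjectAltName list, so treating each certificate as covering
exactly its Subject is an assumption; a real check must read the SAN extension.
"""
from datetime import date


def _labels(name):
    # Case-insensitive, and ignore a trailing dot (FQDN form).
    return name.lower().rstrip(".").split(".")


def name_matches(cert_name, hostname):
    """Match one certificate DNS name against a hostname (RFC 6125 rules, strict form).

    A wildcard is accepted only as the whole left-most label, must leave at least
    two fixed labels, and matches exactly one label: '*.gstatic.com' covers
    fonts.gstatic.com but neither gstatic.com nor a.b.gstatic.com.
    """
    pat, host = _labels(cert_name), _labels(hostname)
    if pat == host:
        return True
    if pat[0] != "*" or len(pat) < 3 or len(pat) != len(host) or host[0] in ("", "*"):
        return False
    return pat[1:] == host[1:]


def hostname_covered(hostname, names):
    return any(name_matches(n, hostname) for n in names)


def validity_days(not_before, not_after):
    return (not_after - not_before).days


# Constructed from the report's certificate table (Subject, Issuer, Validity).
CERTS = [
    {
        "names": ["accountsgoogle.utamu.club"],
        "issuer": "cPanel, Inc. Certification Authority",
        "not_before": date(2021, 4, 11),
        "not_after": date(2021, 7, 10),
    },
    {
        "names": ["*.gstatic.com"],
        "issuer": "GTS CA 1O1",
        "not_before": date(2021, 3, 16),
        "not_after": date(2021, 6, 8),
    },
]

# The hosts the scan contacted over TLS.
HOSTS = ["accountsgoogle.se.ke", "fonts.gstatic.com", "ssl.gstatic.com"]


def audit(hosts, certs, on):
    """Per host: which certificate covers it, and whether that certificate is valid on `on`."""
    report = {}
    for host in hosts:
        cert = next((c for c in certs if hostname_covered(host, c["names"])), None)
        report[host] = {
            "covered": cert is not None,
            "issuer": cert["issuer"] if cert else None,
            "in_window": bool(cert) and cert["not_before"] <= on <= cert["not_after"],
            "validity_days": validity_days(cert["not_before"], cert["not_after"]) if cert else None,
        }
    return report


if __name__ == "__main__":
    # Scan date from the report header.
    for host, row in audit(HOSTS, CERTS, date(2021, 4, 11)).items():
        print(f"{host:24} covered={row['covered']!s:5} issuer={row['issuer']} "
              f"in_window={row['in_window']} validity_days={row['validity_days']}")
```

Under the stated assumption, accountsgoogle.se.ke comes out as not covered while both gstatic.com hosts are covered by the wildcard certificate and inside its window on the scan date; the two "3 months" entries in the table work out to 90 and 84 days respectively. If the cPanel certificate's SAN list does contain accountsgoogle.se.ke, the first result changes, which is exactly why the SAN list and not the Subject is what to check.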
This page contains 1 frames:
Primary Page:
https://accountsgoogle.se.ke/
Frame ID: A8959A7BA9BC0939028BB08F425D3F91
Requests: 16 HTTP requests in this frame
4 Outgoing links
These are links going to different origins than the main page.
- Learn more
- Help
- Privacy
- Terms
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions (16 rows: the 14 completed transactions plus the two failed ssl.gstatic.com requests)
Method | Protocol | Resource | Host / Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request) | accountsgoogle.se.ke/ | 1 MB | 310 KB | Document | text/html
GET | DATA | truncated | / | 356 B | 0 | Image | image/png
GET | DATA | truncated | / | 267 B | 0 | Image | image/svg+xml
GET | H2 | 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2 | fonts.gstatic.com/s/googlesans/v5/ | 19 KB | 19 KB | Font | font/woff2
GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v18/ | 15 KB | 15 KB | Font | font/woff2
GET | H2 | KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | fonts.gstatic.com/s/roboto/v18/ | 15 KB | 15 KB | Font | font/woff2
GET | H3-Q050 | KFOmCnqEu92Fr1Mu7GxKOzY.woff2 | fonts.gstatic.com/s/roboto/v18/ | 12 KB | 12 KB | Font | font/woff2
GET | H3-Q050 | KFOmCnqEu92Fr1Mu4WxKOzY.woff2 | fonts.gstatic.com/s/roboto/v18/ | 7 KB | 7 KB | Font | font/woff2
GET | H3-Q050 | KFOmCnqEu92Fr1Mu5mxKOzY.woff2 | fonts.gstatic.com/s/roboto/v18/ | 10 KB | 10 KB | Font | font/woff2
GET | (failed) | m=P9M9H,sy78,sy7c,sy7y,em3j,em3k,sy7q,m5Z1Eb,sy79,sy7a,sy7b,sy7d,sy7w,sy7x,sy7e,sy7f,sy7r,em3w,em3v,em3u,em3t,em3i,em3x,em3l,em3m,em3n,em3o,em3p,em3q,em3r,em3s,YmeC5c | ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_glif.en.NBPZx_gh7No.O/am=AgWAAQAAABRQIYFAEQKE_____tdv-gMAA4VhfAAAgIhCDEAD/rt=j/d=0/rs=ABkqax27JX__4qiOwUfTuSuI76lEGbLeRg/ | 0 | 0 | |
GET | H3-Q050 | KFOmCnqEu92Fr1Mu7WxKOzY.woff2 | fonts.gstatic.com/s/roboto/v18/ | 5 KB | 5 KB | Font | font/woff2
POST | H2 | jserror | accountsgoogle.se.ke/ | 10 KB | 4 KB | XHR | text/html
POST | H2 | jserror | accountsgoogle.se.ke/ | 10 KB | 4 KB | XHR | text/html
POST | H2 | jserror | accountsgoogle.se.ke/ | 10 KB | 4 KB | XHR | text/html
POST | H2 | / | accountsgoogle.se.ke/ | 1 MB | 310 KB | XHR | text/html
GET | (failed) | m=P9M9H,sy78,sy7c,sy7y,em3j,em3k,sy7q,m5Z1Eb,sy79,sy7a,sy7b,sy7d,sy7w,sy7x,sy7e,sy7f,sy7r,em3w,em3v,em3u,em3t,em3i,em3x,em3l,em3m,em3n,em3o,em3p,em3q,em3r,em3s,YmeC5c | ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_glif.en.NBPZx_gh7No.O/am=AgWAAQAAABRQIYFAEQKE_____tdv-gMAA4VhfAAAgIhCDEAD/rt=j/d=0/rs=ABkqax27JX__4qiOwUfTuSuI76lEGbLeRg/ | 0 | 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: ssl.gstatic.com
- URL (requested twice; both attempts failed): https://ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_glif.en.NBPZx_gh7No.O/am=AgWAAQAAABRQIYFAEQKE_____tdv-gMAA4VhfAAAgIhCDEAD/rt=j/d=0/rs=ABkqax27JX__4qiOwUfTuSuI76lEGbLeRg/m=P9M9H,sy78,sy7c,sy7y,em3j,em3k,sy7q,m5Z1Eb,sy79,sy7a,sy7b,sy7d,sy7w,sy7x,sy7e,sy7f,sy7r,em3w,em3v,em3u,em3t,em3i,em3x,em3l,em3m,em3n,em3o,em3p,em3q,em3r,em3s,YmeC5c
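The per-apex-domain and per-domain tables near the top of this report are derived from the transaction list above, and the list itself shows the pattern worth keying on: the page's fonts come from fonts.gstatic.com, the Google sign-in JavaScript bundle on ssl.gstatic.com fails to load twice, and every POST (three to jserror and one to /) goes back to accountsgoogle.se.ke, the scanned host. The following is an added example, not urlscan's code, of rebuilding that summary from the transactions and turning the pattern into a triage heuristic. TRANSACTIONS is constructed from the table (transfer sizes are the rounded KB figures the report displays, so the se.ke sum comes to 632 KB against the report's 633 KB); the apex-domain rule (last two labels) reproduces the report's grouping, in which se.ke is treated as the apex, but production tooling should consult the Public Suffix List instead. The brand apex set and the name "clone_indicators" are this example's own assumptions.

```python
"""Rebuild the report's per-domain summary from its transaction list and flag the
'brand assets from the brand CDN, form data POSTed to the scanned host' pattern.

Added example, not urlscan's code. TRANSACTIONS is constructed from the
report's transaction table; xfer_kb holds the rounded KB values it displays.
"""
from collections import defaultdict
from dataclasses import dataclass

PAGE_HOST = "accountsgoogle.se.ke"

# Path of the Google sign-in JS bundle, copied from the report's path column.
GAIA_JS = ("/accounts/static/_/js/k=gaia.gaiafe_glif.en.NBPZx_gh7No.O/"
           "am=AgWAAQAAABRQIYFAEQKE_____tdv-gMAA4VhfAAAgIhCDEAD/rt=j/d=0/"
           "rs=ABkqax27JX__4qiOwUfTuSuI76lEGbLeRg/")


@dataclass(frozen=True)
class Tx:
    """One row of the transactions table."""
    method: str
    host: str          # "data" stands for the two data: URLs (protocol DATA in the report)
    path: str
    xfer_kb: int       # the report's x-fer column, rounded KB
    rtype: str
    failed: bool = False


TRANSACTIONS = [  # constructed from the report, in table order
    Tx("GET", PAGE_HOST, "/", 310, "Document"),
    Tx("GET", "data", "truncated", 0, "Image"),
    Tx("GET", "data", "truncated", 0, "Image"),
    Tx("GET", "fonts.gstatic.com", "/s/googlesans/v5/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2", 19, "Font"),
    Tx("GET", "fonts.gstatic.com", "/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2", 15, "Font"),
    Tx("GET", "fonts.gstatic.com", "/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2", 15, "Font"),
    Tx("GET", "fonts.gstatic.com", "/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2", 12, "Font"),
    Tx("GET", "fonts.gstatic.com", "/s/roboto/v18/KFOmCnqEu92Fr1Mu4WxKOzY.woff2", 7, "Font"),
    Tx("GET", "fonts.gstatic.com", "/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2", 10, "Font"),
    Tx("GET", "ssl.gstatic.com", GAIA_JS, 0, "", failed=True),
    Tx("GET", "fonts.gstatic.com", "/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2", 5, "Font"),
    Tx("POST", PAGE_HOST, "/jserror", 4, "XHR"),
    Tx("POST", PAGE_HOST, "/jserror", 4, "XHR"),
    Tx("POST", PAGE_HOST, "/jserror", 4, "XHR"),
    Tx("POST", PAGE_HOST, "/", 310, "XHR"),
    Tx("GET", "ssl.gstatic.com", GAIA_JS, 0, "", failed=True),
]


def apex_domain(host):
    """Last two labels, which reproduces the report's grouping (se.ke, gstatic.com).
    Real tooling should use the Public Suffix List; this rule is an assumption."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def summarize_by_apex(txs):
    """The report's 'Apex Domain | Subdomains | Transfer' table, ignoring data: URLs."""
    rows = defaultdict(lambda: {"requests": 0, "failed": 0, "subdomains": set(), "xfer_kb": 0})
    for tx in txs:
        if tx.host == "data":
            continue
        row = rows[apex_domain(tx.host)]
        row["subdomains"].add(tx.host)
        if tx.failed:
            row["failed"] += 1
        else:
            row["requests"] += 1
            row["xfer_kb"] += tx.xfer_kb
    return dict(rows)


def same_origin_posts(txs, page_host):
    """Paths POSTed back to the scanned host itself (where a cloned form sends its data)."""
    return [tx.path for tx in txs if tx.method == "POST" and tx.host == page_host and not tx.failed]


def brand_asset_hosts(txs, brand_apexes):
    """Hosts under a brand apex that the page pulled assets from (successful or not)."""
    return sorted({tx.host for tx in txs if tx.host != "data" and apex_domain(tx.host) in brand_apexes})


def clone_indicators(txs, page_host, brand_apexes):
    """Heuristic (this example's own): a host outside the brand's apexes that loads the
    brand's assets and POSTs to itself looks like a cloned login page."""
    off_brand = apex_domain(page_host) not in brand_apexes
    assets = brand_asset_hosts(txs, brand_apexes)
    posts = same_origin_posts(txs, page_host)
    return {
        "off_brand_host": off_brand,
        "brand_asset_hosts": assets,
        "same_origin_posts": posts,
        "suspicious": off_brand and bool(assets) and bool(posts),
    }


if __name__ == "__main__":
    for apex, row in summarize_by_apex(TRANSACTIONS).items():
        print(f"{row['requests']:2} | {apex:12} | {', '.join(sorted(row['subdomains']))} "
              f"| {row['xfer_kb']} KB | failed={row['failed']}")
    print(clone_indicators(TRANSACTIONS, PAGE_HOST, {"gstatic.com", "google.com"}))
```

Run as-is, the summary matches the report's tables (7 requests / 83 KB for gstatic.com with two failed ssl.gstatic.com loads, 5 requests for se.ke) and the heuristic fires because the scanned apex se.ke is not a Google apex while the page both pulls from fonts.gstatic.com and ssl.gstatic.com and POSTs to itself. Applied to a scan of accounts.google.com, the same POST-to-self pattern is normal and the off-brand check keeps the heuristic quiet, which is the point of combining the three signals rather than alerting on any one of them.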
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Google (Online)
30 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | 0
object | ontransitionrun
object | ontransitionstart
object | ontransitioncancel
object | cookieStore
function | showDirectoryPicker
function | showOpenFilePicker
function | showSaveFilePicker
object | trustedTypes
boolean | crossOriginIsolated
object | WIZ_global_data
object | botguard
string | viewPathPrefix
boolean | cssLoaded
string | _F_jsUrl
object | _G
function | _F_getAverageFps
object | postmessage
function | _DumpException
function | _B_err
object | closure_lm_530042
function | setDgResult
function | AF_initDataInitializeCallback
function | AF_initDataCallback
object | ID_wizbind
function | wiz_progress
object | AF_initDataKeys
object | AF_dataServiceRequests
object | AF_initDataChunkQueue
number | closure_uid_2988946330
The first ten entries (ontransitionrun through crossOriginIsolated) are properties the browser itself exposes rather than anything the page defined. The remaining names (WIZ_global_data, botguard, AF_initDataCallback, closure_uid_…) are those used by the client-side code of Google's own account pages (Wiz and the Closure Library), which is consistent with the verdict that this page is a copy of the Google sign-in page.
Cookies are small pieces of information stored in the user's browser. Whenever the user visits the site again, the browser sends the stored cookie values back, which lets the website re-identify the user even from a different location. This is how persistent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accountsgoogle.se.ke
fonts.gstatic.com
ssl.gstatic.com
2a00:1450:4001:80f::2003
66.115.171.67