googl-e.secured-login.net
54.86.39.20  Malicious Activity! Public Scan

Submitted URL: http://gmail.net-login.com/XcmVujaXBpZWN50X2lkPTZMzMzgzeZOTAyzMyZjYW1wRYWdlnbl9ydW5faWQ9MTA5IMjE0MCZhY3Rpb249Y2xpY2smdXJsPW...
Effective URL: https://googl-e.secured-login.net/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com
Submission: On January 29 via automatic, source openphish

Summary

This website contacted 4 IPs in 1 country across 4 domains to perform 11 HTTP transactions. The main IP is 54.86.39.20, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is googl-e.secured-login.net.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 31st 2016. Valid for: 3 years.
This is the only time googl-e.secured-login.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 54.173.63.222 14618 (AMAZON-AES)
4 54.86.39.20 14618 (AMAZON-AES)
4 172.217.22.35 15169 (GOOGLE)
2 172.217.16.163 15169 (GOOGLE)
11 4
Domain Requested by
4 ssl.gstatic.com googl-e.secured-login.net
4 googl-e.secured-login.net googl-e.secured-login.net
2 fonts.gstatic.com googl-e.secured-login.net
1 gmail.net-login.com 1 redirects
0 ajax.googleapis.com Failed googl-e.secured-login.net
11 5

This site contains no links.

TLS certificate
Subject: knowbe4.com
Issuer: Go Daddy Secure Certificate Authority - G2
Validity: 2016-03-31 - 2019-02-25
Valid: 3 years

This page contains 1 frames:

Primary Page: https://googl-e.secured-login.net/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com
Frame ID: (610A2BD6938051D15F420DD65D24DDD7)
Requests: 11 HTTP requests in this frame

Page URL History

  1. http://gmail.net-login.com/XcmVujaXBpZWN50X2lkPTZMzMzgzeZOTAyzMyZjYW1wRYWdlnbl9ydW5faWQ9MTA5IMjE0MCZhY3... HTTP 302
    https://googl-e.secured-login.net/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • env /^Highcharts$/i

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /modernizr(?:-([\d.]*[\d]))?.*\.js/i
  • env /^Modernizr$/i

Overall confidence: 100%
Detected patterns
  • env /^moment$/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

Requests: 11
HTTPS: 36 %
IPv6: 0 %
Domains: 4
Subdomains: 5
IPs: 4
Countries: 1
Transfer: 928 kB
Size: 3518 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gmail.net-login.com/XcmVujaXBpZWN50X2lkPTZMzMzgzeZOTAyzMyZjYW1wRYWdlnbl9ydW5faWQ9MTA5IMjE0MCZhY3Rpb249Y2xpY2smdXJsPWh0dHBzOi8vZ29vZ2wtZS5zZWN1cmVkLWxvZ2luLm5ldC9wYWdlcy81OWVhMzM5ZTYxY2M= HTTP 302
    https://googl-e.secured-login.net/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 59ea339e61cc
googl-e.secured-login.net/pages/
Redirect Chain
  • http://gmail.net-login.com/XcmVujaXBpZWN50X2lkPTZMzMzgzeZOTAyzMyZjYW1wRYWdlnbl9ydW5faWQ9MTA5IMjE0MCZhY3Rpb249Y2xpY2smdXJsPWh0dHBzOi8vZ29vZ2wtZS5zZWN1cmVkLWxvZ2luLm5ldC9wYWdlcy81OWVhMzM5ZTYxY2M=
  • https://googl-e.secured-login.net/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com
26 KB
6 KB
Document
General
Full URL
https://googl-e.secured-login.net/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.39.20 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-39-20.compute-1.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
b3ff4c24d14a680dacb3b393e59ea5f16b79a38e5a8f9500dd46f9e96ea8fd08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com
accept-encoding
gzip, deflate
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
:authority
googl-e.secured-login.net
:scheme
https
:method
GET

Response headers

x-runtime
0.023595
date
Mon, 29 Jan 2018 16:27:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.4.6 (Ubuntu)
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
status
200 200 OK
cache-control
max-age=0, private, must-revalidate
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
8f80cf42-3693-4134-9bc8-e8e6cff26896

Redirect headers

X-Runtime
0.033333
Date
Mon, 29 Jan 2018 16:27:33 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.4.6 (Ubuntu)
Status
302 Found
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=utf-8
Location
https://googl-e.secured-login.net/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
afaf2c1c-0759-4cd1-bdc2-93d5a4ba2b18
application-1038ec4180cfacc81f87b7231d99ef9771e78050f16949e01bc1ac2ad9b37a98.js
googl-e.secured-login.net/assets/
3 MB
858 KB
Script
General
Full URL
https://googl-e.secured-login.net/assets/application-1038ec4180cfacc81f87b7231d99ef9771e78050f16949e01bc1ac2ad9b37a98.js
Requested by
Host: googl-e.secured-login.net
URL: https://googl-e.secured-login.net/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.39.20 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-39-20.compute-1.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
1038ec4180cfacc81f87b7231d99ef9771e78050f16949e01bc1ac2ad9b37a98

Request headers

:path
/assets/application-1038ec4180cfacc81f87b7231d99ef9771e78050f16949e01bc1ac2ad9b37a98.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
googl-e.secured-login.net
referer
https://googl-e.secured-login.net/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com
:scheme
https
:method
GET

Response headers

date
Mon, 29 Jan 2018 16:27:33 GMT
content-encoding
gzip
last-modified
Thu, 25 Jan 2018 19:53:59 GMT
server
nginx/1.4.6 (Ubuntu)
etag
"5a6a35d7-d6315"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=315360000 public
content-length
877333
expires
Thu, 31 Dec 2037 23:55:55 GMT
modernizr-654222debe8018b12f1993ceddff30dc163a7d5008d79869c399d6d167321f97.js
googl-e.secured-login.net/assets/
50 KB
16 KB
Script
General
Full URL
https://googl-e.secured-login.net/assets/modernizr-654222debe8018b12f1993ceddff30dc163a7d5008d79869c399d6d167321f97.js
Requested by
Host: googl-e.secured-login.net
URL: https://googl-e.secured-login.net/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.39.20 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-39-20.compute-1.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
654222debe8018b12f1993ceddff30dc163a7d5008d79869c399d6d167321f97

Request headers

:path
/assets/modernizr-654222debe8018b12f1993ceddff30dc163a7d5008d79869c399d6d167321f97.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
googl-e.secured-login.net
referer
https://googl-e.secured-login.net/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com
:scheme
https
:method
GET

Response headers

date
Mon, 29 Jan 2018 16:27:33 GMT
content-encoding
gzip
last-modified
Thu, 25 Jan 2018 19:53:59 GMT
server
nginx/1.4.6 (Ubuntu)
etag
"5a6a35d7-3d69"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=315360000 public
content-length
15721
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_2x.png
ssl.gstatic.com/accounts/ui/
5 KB
5 KB
Image
General
Full URL
https://ssl.gstatic.com/accounts/ui/logo_2x.png
Requested by
Host: googl-e.secured-login.net
URL: https://googl-e.secured-login.net/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com
Protocol
SPDY
Server
172.217.22.35 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f35.1e100.net
Software
sffe /
Resource Hash
749ecb257b4dabd6c2d346578fcbe63a96bf94c1f2366496409296167f03b7a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googl-e.secured-login.net/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 17 Jan 2018 21:55:43 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
1017110
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
5274
x-xss-protection
1; mode=block
expires
Thu, 17 Jan 2019 21:55:43 GMT
avatar_2x.png
ssl.gstatic.com/accounts/ui/
626 B
718 B
Image
General
Full URL
https://ssl.gstatic.com/accounts/ui/avatar_2x.png
Requested by
Host: googl-e.secured-login.net
URL: https://googl-e.secured-login.net/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com
Protocol
SPDY
Server
172.217.22.35 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f35.1e100.net
Software
sffe /
Resource Hash
cdcc6d6dcda827a694dce8bfa9a1ab41113b629ef1cc11f886866af9194c81d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googl-e.secured-login.net/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Tue, 12 Dec 2017 05:01:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
4188353
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
626
x-xss-protection
1; mode=block
expires
Wed, 12 Dec 2018 05:01:40 GMT
logo_strip_2x.png
ssl.gstatic.com/accounts/ui/
10 KB
10 KB
Image
General
Full URL
https://ssl.gstatic.com/accounts/ui/logo_strip_2x.png
Requested by
Host: googl-e.secured-login.net
URL: https://googl-e.secured-login.net/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com
Protocol
SPDY
Server
172.217.22.35 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f35.1e100.net
Software
sffe /
Resource Hash
b2d3305551055e5d28aea38f218ee6ff6006afb8c80cc4f206a206bcb758df7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googl-e.secured-login.net/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Fri, 08 Dec 2017 20:46:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
4477257
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
10297
x-xss-protection
1; mode=block
expires
Sat, 08 Dec 2018 20:46:36 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1/
0
0

DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v10/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
Requested by
Host: googl-e.secured-login.net
URL: https://googl-e.secured-login.net/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com
Protocol
SPDY
Server
172.217.16.163 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f163.1e100.net
Software
sffe /
Resource Hash
30427ab021a9d28d0f9724a8565c2463ee5a3938417dd0750d58ab79ac07cf12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://googl-e.secured-login.net/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com
Origin
https://googl-e.secured-login.net

Response headers

date
Wed, 17 Jan 2018 19:45:51 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Aug 2014 18:08:10 GMT
server
sffe
age
1024903
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
16212
x-xss-protection
1; mode=block
expires
Thu, 17 Jan 2019 19:45:51 GMT
cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v10/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
Requested by
Host: googl-e.secured-login.net
URL: https://googl-e.secured-login.net/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com
Protocol
SPDY
Server
172.217.16.163 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f163.1e100.net
Software
sffe /
Resource Hash
3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://googl-e.secured-login.net/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com
Origin
https://googl-e.secured-login.net

Response headers

date
Mon, 11 Dec 2017 01:50:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Aug 2014 18:06:58 GMT
server
sffe
age
4286227
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
15556
x-xss-protection
1; mode=block
expires
Tue, 11 Dec 2018 01:50:27 GMT
checkmark.png
ssl.gstatic.com/ui/v1/menu/
239 B
338 B
Image
General
Full URL
https://ssl.gstatic.com/ui/v1/menu/checkmark.png
Requested by
Host: googl-e.secured-login.net
URL: https://googl-e.secured-login.net/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com
Protocol
SPDY
Server
172.217.22.35 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f35.1e100.net
Software
sffe /
Resource Hash
2210e36b5b21e54cd4dc2ccdcc06138db8598d704ebf19052e5caa84edb4a675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googl-e.secured-login.net/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Tue, 12 Dec 2017 05:01:49 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
4188345
vary
Origin
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
239
x-xss-protection
1; mode=block
expires
Wed, 12 Dec 2018 05:01:49 GMT
plugins
googl-e.secured-login.net/pages/
59 B
384 B
XHR
General
Full URL
https://googl-e.secured-login.net/pages/plugins
Requested by
Host: googl-e.secured-login.net
URL: https://googl-e.secured-login.net/assets/application-1038ec4180cfacc81f87b7231d99ef9771e78050f16949e01bc1ac2ad9b37a98.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.39.20 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-86-39-20.compute-1.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
e28d501ceaa19f352749f967f76b2bf257caff3f45797bf00dca1d66f808a25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/pages/plugins
pragma
no-cache
origin
https://googl-e.secured-login.net
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
googl-e.secured-login.net
x-requested-with
XMLHttpRequest
:scheme
https
referer
https://googl-e.secured-login.net/pages/59ea339e61cc?crid=333839023&crun=1092140&dom=gmail.net-login.com
content-length
94
:method
POST

Response headers

x-runtime
0.011089
date
Mon, 29 Jan 2018 16:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.4.6 (Ubuntu)
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
status
200 200 OK
cache-control
max-age=0, private, must-revalidate
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
dbd8b437-8dc9-4956-818a-5e9b06a8ca72

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ajax.googleapis.com
URL
http://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function| RunTimeData
  • function| RunTimeApi
  • function| RunTimeApi_Initialize
  • function| RunTimeApi_Terminate
  • function| RunTimeApi_GetValue
  • function| RunTimeApi_SetValue
  • function| RunTimeApi_Commit
  • function| RunTimeApi_GetLastError
  • function| RunTimeApi_GetErrorString
  • function| RunTimeApi_GetDiagnostic
  • function| RunTimeApi_CloseOutSession
  • function| updateQueryStringParameter
  • function| getParam
  • function| colSort
  • function| ES6Promise
  • function| $
  • function| jQuery
  • object| jQuery112404819069734033883
  • function| Retina
  • function| RetinaImagePath
  • function| RetinaImage
  • object| Select2
  • object| Highcharts
  • function| Color
  • function| Chart
  • object| Chartkick
  • function| proj4
  • function| SimpleWidget
  • object| Tree
  • object| Utils
  • object| asap_questionaire
  • function| AsapStoreViewer
  • object| Routes
  • function| moment
  • function| _
  • object| ProgressBar
  • object| html5
  • object| Modernizr
  • object| asap
  • object| kb4

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block