accounts.synchronizing.googlemail.www2.vectorstrategies.com
Open in
urlscan Pro
192.185.143.194
Malicious Activity!
Public Scan
Submission: On December 30 via automatic, source openphish
Summary
This is the only time accounts.synchronizing.googlemail.www2.vectorstrategies.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Google (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 192.185.143.194 192.185.143.194 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1 - Unified Layer) | |
5 | 34.207.33.232 34.207.33.232 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
1 | 2a00:1450:400... 2a00:1450:4001:816::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:818::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
4 | 2a00:1450:400... 2a00:1450:4001:819::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
3 | 2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
2 | 2a00:1450:400... 2a00:1450:4001:817::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:821::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
19 | 10 |
ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: 192-185-143-194.unifiedlayer.com
accounts.synchronizing.googlemail.www2.vectorstrategies.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-207-33-232.compute-1.amazonaws.com
clonezone.link |
ASN15169 (GOOGLE - Google LLC, US)
www.google.com |
ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com |
ASN15169 (GOOGLE - Google LLC, US)
ssl.gstatic.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net | |
staticxx.facebook.com |
ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com |
ASN15169 (GOOGLE - Google LLC, US)
accounts.youtube.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
gstatic.com
www.gstatic.com ssl.gstatic.com fonts.gstatic.com |
39 KB |
5 |
clonezone.link
clonezone.link |
9 KB |
2 |
facebook.com
staticxx.facebook.com www.facebook.com |
|
2 |
facebook.net
connect.facebook.net |
59 KB |
1 |
youtube.com
accounts.youtube.com |
|
1 |
google.com
www.google.com |
6 KB |
1 |
vectorstrategies.com
accounts.synchronizing.googlemail.www2.vectorstrategies.com |
129 KB |
19 | 7 |
Domain | Requested by | |
---|---|---|
5 | clonezone.link |
accounts.synchronizing.googlemail.www2.vectorstrategies.com
|
4 | ssl.gstatic.com |
accounts.synchronizing.googlemail.www2.vectorstrategies.com
|
2 | fonts.gstatic.com |
accounts.synchronizing.googlemail.www2.vectorstrategies.com
|
2 | connect.facebook.net |
accounts.synchronizing.googlemail.www2.vectorstrategies.com
connect.facebook.net |
1 | www.facebook.com |
connect.facebook.net
|
1 | staticxx.facebook.com |
connect.facebook.net
|
1 | accounts.youtube.com |
accounts.synchronizing.googlemail.www2.vectorstrategies.com
|
1 | www.gstatic.com |
accounts.synchronizing.googlemail.www2.vectorstrategies.com
|
1 | www.google.com |
accounts.synchronizing.googlemail.www2.vectorstrategies.com
|
1 | accounts.synchronizing.googlemail.www2.vectorstrategies.com | |
19 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
support.google.com |
www.google.com |
accounts.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.google.com GTS CA 1O1 |
2019-12-03 - 2020-02-25 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2019-12-03 - 2020-02-25 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2019-12-06 - 2020-03-05 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
http://accounts.synchronizing.googlemail.www2.vectorstrategies.com/
Frame ID: 522409ED18B71981A6BEB7DB1072FD87
Requests: 18 HTTP requests in this frame
Frame:
https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=260739858×tamp=1577664704371
Frame ID: 24393D5CF3B88BA5ED350BED70F10D60
Requests: 1 HTTP requests in this frame
Frame:
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: C93EBFAB9E9DC17F2ADDD79340A3E26C
Requests: 1 HTTP requests in this frame
11 Outgoing links
These are links going to different origins than the main page.
Title: Learn more
Search URL Search Domain Scan URL
Title: Need help?
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Learn more
Search URL Search Domain Scan URL
Title: Create an account
Search URL Search Domain Scan URL
Title: Sign in with a different account
Search URL Search Domain Scan URL
Title: Create account
Search URL Search Domain Scan URL
Title: About Google
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Terms
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
accounts.synchronizing.googlemail.www2.vectorstrategies.com/ |
388 KB 129 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cz-footer.css
clonezone.link/editor/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
medium-editor.css
clonezone.link/editor/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default.css
clonezone.link/editor/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
medium-editor-insert-plugin.min.css
clonezone.link/editor/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
clonezone.link/editor/css/ |
13 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jsapi
www.google.com/ |
26 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrow_back_grey600_24dp.png
www.gstatic.com/images/icons/material/system/1x/ |
115 B 220 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
universal_language_settings-21.png
ssl.gstatic.com/images/icons/ui/common/ |
199 B 320 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
googlelogo_color_112x36dp.png
ssl.gstatic.com/images/branding/googlelogo/1x/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
avatar_2x.png
ssl.gstatic.com/accounts/ui/ |
626 B 725 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
284 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wlogostrip_230x17_1x.png
ssl.gstatic.com/accounts/ui/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v13/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v13/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CheckConnection
accounts.youtube.com/accounts/ Frame 2439 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.js
connect.facebook.net/en_US/ |
190 KB 57 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xd_arbiter.php
staticxx.facebook.com/connect/ Frame C93E |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
status
www.facebook.com/x/oauth/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Google (Online)423 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate number| googleLT_ object| google object| ca function| google_exportSymbol function| google_exportProperty function| postToFeed function| fbAsyncInit function| gaia_attachEvent object| G function| Gb function| Ga object| Gc function| Gf function| Gg function| Gh function| Gd function| Ge function| Gi function| Gj function| Gl function| Gk object| Gm object| Gn function| Go function| Gp object| Gq object| Gr object| Gs object| Gt function| Gu function| Gv function| Gw function| Gx function| G_checkConnectionMain function| G_setPostMessageSupportFlag object| __CHECK_CONNECTION_CONFIG object| botguard function| gaia_parseFragment function| gaia_prefillEmail object| hashParams function| gaia_scrollToElement function| onMessage function| gaia_onChromeLoginSubmit object| PS_a object| PS_aa object| PS_b function| PS_c function| PS_ba function| PS_d function| PS_e function| PS_ca function| PS_f function| PS_g function| PS_da function| PS_ea string| PS_fa number| PS_ga function| PS_ha function| PS_ia function| PS_h function| PS_ja function| PS_i function| PS_j function| PS_k function| PS_l function| PS_ka function| PS_la undefined| PS_ma function| PS_na function| PS_oa function| PS_wa object| PS_qa object| PS_ra object| PS_sa object| PS_ta object| PS_ua object| PS_va object| PS_pa function| PS_ya function| PS_xa function| PS_za function| PS_Aa function| PS_Ba function| PS_Ca function| PS_m function| PS_n function| PS_Da function| PS_Ea function| PS_Fa function| PS_Ha function| PS_Ga function| PS_Ia object| PS_o function| PS_Ja function| PS_p function| PS_Ka function| PS_La function| PS_Ma function| PS_Oa function| PS_Pa function| PS_Qa function| PS_Ra function| PS_Sa object| PS_Ta function| PS_Ua string| PS_q object| PS_Va string| PS_Wa function| PS_ function| PS_Xa function| PS_Ya function| PS_Za boolean| PS_r boolean| PS_s boolean| PS__a boolean| PS_t boolean| PS_u boolean| PS_0a boolean| PS_1a function| PS_2a function| PS_3a string| PS_4a object| PS_5a function| PS_v object| PS_6a undefined| PS_w boolean| PS_7a boolean| PS_8a boolean| PS_9a function| PS_x function| PS_$a object| PS_ab string| PS_bb function| PS_cb number| PS_db function| PS_eb function| PS_fb function| PS_gb function| PS_ib function| PS_jb function| PS_hb string| PS_kb object| PS_lb number| PS_mb function| PS_nb function| PS_qb function| PS_sb function| PS_vb function| PS_wb function| PS_xb function| PS_tb function| PS_zb function| PS_yb function| PS_ub function| PS_rb string| PS_Ab function| PS_ob function| PS_Bb function| PS_Cb function| PS_y function| PS_Db function| PS_Eb function| PS_Fb function| PS_z function| PS_A function| PS_Gb function| PS_pb function| PS_B function| PS_Ib function| PS_Hb function| PS_Jb function| PS_C function| PS_D function| PS_Kb function| PS_Lb function| PS_Mb function| PS_Nb function| PS_Ob function| PS_E boolean| PS_Pb boolean| PS_Qb boolean| PS_Rb boolean| PS_Sb boolean| PS_Tb boolean| PS_Ub boolean| PS_Vb function| PS_Wb object| PS_Xb function| PS_F function| PS_Zb object| PS_Yb function| PS__b function| PS_G object| PS_0b function| PS_1b object| PS_2b object| PS_3b function| PS_H function| PS_5b object| PS_6b function| PS_7b object| PS_4b function| PS_9b function| PS_$b object| PS_8b function| PS_ac function| PS_I function| PS_J function| PS_cc object| PS_dc object| PS_ec object| PS_fc function| PS_hc function| PS_ic object| PS_bc function| PS_K function| PS_gc object| PS_jc function| PS_L function| PS_kc function| PS_M boolean| PS_lc function| PS_O function| PS_nc function| PS_P function| PS_pc function| PS_qc function| PS_oc function| PS_sc object| PS_rc function| PS_vc function| PS_tc function| PS_wc function| PS_uc function| PS_xc function| PS_yc function| PS_zc function| PS_Ac function| PS_N function| PS_Bc function| PS_Cc function| PS_mc function| PS_Dc object| PS_Ec function| PS_Fc function| PS_Q function| PS_Hc function| PS_Gc function| PS_R function| PS_S object| PS_Ic function| PS_T function| PS_Jc function| PS_Kc function| PS_Lc object| PS_Mc function| PS_Nc function| PS_Oc function| PS_Pc function| PS_Qc function| PS_Rc number| PS_Sc function| PS_Tc function| PS_Uc object| PS_Vc object| PS_Wc object| PS_Xc function| PS_Yc object| PS_Zc object| PS__c function| PS_0c function| PS_U object| PS_1c function| PS_3c boolean| PS_2c function| PS_4c function| PS_6c object| PS_7c function| PS_8c function| PS_9c function| PS_5c function| PS_V object| PS_$c object| PS_ad object| PS_bd object| PS_cd object| PS_dd function| PS_fd function| PS_ed function| PS_id function| PS_Na function| PS_gd function| PS_kd function| PS_ld function| PS_jd function| PS_hd function| PS_md function| PS_nd function| PS_W function| PS_od function| PS_pd function| PS_X function| PS_Y function| PS_Z object| PS_rd function| PS_qd function| PS__ function| PS_0 function| PS_td function| PS_ud function| PS_vd function| PS_xd function| PS_wd function| PS_zd function| PS_Ad function| PS_yd function| PS_sd function| PS_Cd function| PS_Bd function| PS_Dd function| PS_Ed function| PS_1 function| PS_Fd function| PS_Gd function| PS_Hd object| PS_Id function| PS_Jd object| PS_Kd function| PS_Ld string| PS_Md function| PS_Nd function| PS_Od function| PS_Pd function| PS_Qd function| PS_Rd function| PS_Sd function| PS_Td function| PS_Ud function| PS_Vd object| PS_Wd object| PS_Xd function| PS_Yd function| PS_Zd object| PS__d object| PS_0d function| PS_2 function| PS_3 function| PS_1d function| PS_3d function| PS_2d function| PS_4d function| PS_4 function| PS_5d function| PS_6d function| PS_7d function| PS_8d function| PS_9d function| PS_$d function| PS_be function| PS_de function| PS_ae function| PS_ce function| PS_5 function| PS_ee function| PS_je object| PS_ke function| PS_ie object| PS_he object| PS_fe object| PS_ge function| PS_le function| PS_me function| PS_ne function| PS_oe function| PS_pe function| PS_qe function| PS_8 function| PS_ue boolean| PS_6 function| PS_ve function| PS_7 function| PS_xe function| PS_Ae function| PS_se function| PS_te function| PS_ze function| PS_ye object| PS_we number| PS_re function| PS_Be object| PS_Ce function| PS_De function| PS_Ee function| PS_9 object| PS_Fe object| PS_$ string| PS_Ge function| PS_He function| PS_Ke function| PS_Le function| PS_Me function| PS_Re function| PS_Qe function| PS_Se function| PS_Pe function| PS_Ne function| PS_Je function| PS_Oe function| PS_Ie object| gaia object| closure_memoize_cache_ object| closure_lm_457047 object| passwordSeparationPage function| gaia_onLoginSubmit object| FB string| cz_body string| cz_head string| cz_url string| cz_bodyClass string| cz_htmlClass string| cz_htmlXMLNS0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accounts.synchronizing.googlemail.www2.vectorstrategies.com
accounts.youtube.com
clonezone.link
connect.facebook.net
fonts.gstatic.com
ssl.gstatic.com
staticxx.facebook.com
www.facebook.com
www.google.com
www.gstatic.com
192.185.143.194
2a00:1450:4001:816::2004
2a00:1450:4001:817::2003
2a00:1450:4001:818::2003
2a00:1450:4001:819::2003
2a00:1450:4001:821::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.207.33.232
05cdc120325f04f53e3ec7dbba877500d94db5a47e38fb6a2cc96fa3d1d7664c
12e80c6a9f38d27ad957a3981114d4afa9ab2a6885128b9a3329cb98c3b5827b
1f1ab7f1b22c02d93e5bd37b04e7e848afd14337697f652c1454d14e801676f2
21c7180c568bf115a0784629a8e5575103007f66ab2b964ab1d7f3290f5ab370
26368fc5017ca5f4ac1b5fc9f1cd7ec1f08df70f3bc9ced353329a06a0201ac2
3827a62e7b54b21bbcdb7b565f8aee1437bd4bbfde762d6d29dd3714e2969c62
3f5aeae6c6ef3afa10681c4216eabc616547959e7808bfa32abeb6e4dc3f0641
47807b15963d2a8aeb40b72578cd491190d28a585c9281247aa610ba9debe108
59404af2d92c53ad1ee9e21b252c07c77dcba810b248a79d6ae989b1ff63c7d6
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
8f72a3e53db4da1102fed76a21568765d7a19343ad4a8d2e4264b91000cda7f6
9ecd5e18216a965021f794cc1fd255767f8437ce1dd6c6c2ff4ceea7ccc0073d
b0551963a7672580c538c79d64ede3172bd28664f393fa4cb133fb355b1d6bee
b5947aa3719e0df61673b36c79cab86d7a1d2461ad6526a8d8c38899c032b987
cdcc6d6dcda827a694dce8bfa9a1ab41113b629ef1cc11f886866af9194c81d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc6e1e44fce24fcda33dfd0e0a05a77004b3cd1d81018e9616d6e4145145d0b9