housinganywhere.imgix.net
2a04:4e42:46::720  Malicious Activity! Public Scan

URL: https://housinganywhere.imgix.net/room/2099996/11a06d8c-f676-4b5c-b1a9-b03300fe1fcf.jpg%3Fixlib=react-9.2.0&auto=format&w=490&h=30...
Submission: On January 10 via api from US — Scanned from US

Summary

This website contacted 4 IPs in 1 country across 3 domains to perform 7 HTTP transactions. The main IP is 2a04:4e42:46::720, located in United States and belongs to FASTLY, US. The main domain is housinganywhere.imgix.net.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q4 on December 7th 2023. Valid for: a year.
This is the only time housinganywhere.imgix.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

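| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 1 | 2a04:4e42:46:... | 54113 (FASTLY) |
| 1 | 2607:f8b0:400... | 15169 (GOOGLE) |
| 5 | 2607:f8b0:400... | 15169 (GOOGLE) |

Total: 7 requests, 4 IPs

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 5 | google.com | accounts.google.com — Cisco Umbrella Rank: 65 | 5 KB |
| 1 | gstatic.com | ssl.gstatic.com | 4 KB |
| 1 | imgix.net | housinganywhere.imgix.net | 107 KB |

Total: 7 requests, 3 domains

| Requests | Domain | Requested by |
|---|---|---|
| 5 | accounts.google.com | housinganywhere.imgix.net |
| 1 | ssl.gstatic.com | housinganywhere.imgix.net |
| 1 | housinganywhere.imgix.net | |

Total: 7 requests, 3 domains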

This site contains links to these domains.

Domain
accounts.google.com
support.google.com

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.imgix.com | GlobalSign Atlas R3 DV TLS CA 2023 Q4 | 2023-12-07 - 2025-01-07 | a year |
| *.gstatic.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months |
| accounts.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months |
| *.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months |

This page contains 6 frames:

Primary Page: https://housinganywhere.imgix.net/room/2099996/11a06d8c-f676-4b5c-b1a9-b03300fe1fcf.jpg%3Fixlib=react-9.2.0&auto=format&w=490&h=300&dpr=1&q=75/
Frame ID: D21F200283888BEADFA3565AC4924A21
Requests: 3 HTTP requests in this frame

Frame: https://accounts.google.com/_/bscframe
Frame ID: 634466AC641A96BC9EFDC728A908CBAB
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/_/bscframe
Frame ID: 8509145BDE7D35DC0E872F17DAC6173F
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/_/bscframe
Frame ID: 9229F9D711F762EBEDFE9F0FCA2D1A48
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/_/bscframe
Frame ID: 9FE5C69D144E329336140C48C5E29943
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/_/bscframe
Frame ID: 4E408E1DE657EF2A9177CBADA349DB60
Requests: 1 HTTP requests in this frame

Page Title

Sign in - Google Accounts

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 100 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 1
Transfer: 115 kB
Size: 624 kB
Cookies: 0

7 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type
Primary Request /
housinganywhere.imgix.net/room/2099996/11a06d8c-f676-4b5c-b1a9-b03300fe1fcf.jpg%3Fixlib=react-9.2.0&auto=format&w=490&h=300&dpr=1&q=75/
613 KB
107 KB
Document
General
Full URL
https://housinganywhere.imgix.net/room/2099996/11a06d8c-f676-4b5c-b1a9-b03300fe1fcf.jpg%3Fixlib=react-9.2.0&auto=format&w=490&h=300&dpr=1&q=75/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:46::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
098e81b6f64d511415c82a44ae6e64d6aff9bfa46691f651d4d269e493e99252
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
public, max-age=300
content-encoding
gzip
content-length
109041
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 17:10:14 GMT
last-modified
Tue, 10 Oct 2023 13:37:22 GMT
server
Google Frontend
timing-allow-origin
*
vary
Accept-Encoding
x-cache
MISS, MISS
x-content-type-options
nosniff
x-imgix-id
7f466d7eab1669860dec6dabf280348e6743d2a3
x-imgix-render-farm
02.139816
x-served-by
cache-sjc10048-SJC, cache-lga21935-LGA
googlelogo_color_74x24dp.png
ssl.gstatic.com/images/branding/googlelogo/2x/
3 KB
4 KB
Image
General
Full URL
https://ssl.gstatic.com/images/branding/googlelogo/2x/googlelogo_color_74x24dp.png
Requested by
Host: housinganywhere.imgix.net
URL: https://housinganywhere.imgix.net/room/2099996/11a06d8c-f676-4b5c-b1a9-b03300fe1fcf.jpg%3Fixlib=react-9.2.0&auto=format&w=490&h=300&dpr=1&q=75/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28b6edd1e2bebc00c9d9f9aaf6bf2b37dfab3ebb600f7eeedc8eb30915d793ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://housinganywhere.imgix.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 11:56:23 GMT
x-content-type-options
nosniff
age
18831
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3240
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 09 Jan 2025 11:56:23 GMT
bscframe
accounts.google.com/_/ Frame 6344
2 KB
2 KB
Document
General
Full URL
https://accounts.google.com/_/bscframe
Requested by
Host: housinganywhere.imgix.net
URL: https://housinganywhere.imgix.net/room/2099996/11a06d8c-f676-4b5c-b1a9-b03300fe1fcf.jpg%3Fixlib=react-9.2.0&auto=format&w=490&h=300&dpr=1&q=75/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::54 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9d96782c90c461a2cfae4477fe5b9831876b1e7aa134db567598348032d2836c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://housinganywhere.imgix.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="AccountsSignInSignUpUi"
date
Wed, 10 Jan 2024 17:10:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"AccountsSignInSignUpUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInSignUpUi"}]}
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
truncated
/
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a88c103245471928655f8cc20e9e87b3b6eb7607d47df736b7f296891dac66d2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
bscframe
accounts.google.com/_/ Frame 8509
2 KB
888 B
Document
General
Full URL
https://accounts.google.com/_/bscframe
Requested by
Host: housinganywhere.imgix.net
URL: https://housinganywhere.imgix.net/room/2099996/11a06d8c-f676-4b5c-b1a9-b03300fe1fcf.jpg%3Fixlib=react-9.2.0&auto=format&w=490&h=300&dpr=1&q=75/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::54 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4b9e4bea01913ee1adaa1d90303e8bb298052f630be43f9439c55ffc26543930
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://housinganywhere.imgix.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="AccountsSignInSignUpUi"
date
Wed, 10 Jan 2024 17:10:15 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"AccountsSignInSignUpUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInSignUpUi"}]}
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
bscframe
accounts.google.com/_/ Frame 9229
2 KB
836 B
Document
General
Full URL
https://accounts.google.com/_/bscframe
Requested by
Host: housinganywhere.imgix.net
URL: https://housinganywhere.imgix.net/room/2099996/11a06d8c-f676-4b5c-b1a9-b03300fe1fcf.jpg%3Fixlib=react-9.2.0&auto=format&w=490&h=300&dpr=1&q=75/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::54 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9193dbcf8c74bc6eb07dbbe3ad7bbb017261764e8b3b6d22100726619915cf06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://housinganywhere.imgix.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="AccountsSignInSignUpUi"
date
Wed, 10 Jan 2024 17:10:15 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"AccountsSignInSignUpUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInSignUpUi"}]}
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
bscframe
accounts.google.com/_/ Frame 9FE5
2 KB
835 B
Document
General
Full URL
https://accounts.google.com/_/bscframe
Requested by
Host: housinganywhere.imgix.net
URL: https://housinganywhere.imgix.net/room/2099996/11a06d8c-f676-4b5c-b1a9-b03300fe1fcf.jpg%3Fixlib=react-9.2.0&auto=format&w=490&h=300&dpr=1&q=75/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::54 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f0ca198340951ee052a2d7a44890e77ea875f887aa7c448773a9c44385851bf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://housinganywhere.imgix.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="AccountsSignInSignUpUi"
date
Wed, 10 Jan 2024 17:10:15 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"AccountsSignInSignUpUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInSignUpUi"}]}
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
bscframe
accounts.google.com/_/ Frame 4E40
2 KB
834 B
Document
General
Full URL
https://accounts.google.com/_/bscframe
Requested by
Host: housinganywhere.imgix.net
URL: https://housinganywhere.imgix.net/room/2099996/11a06d8c-f676-4b5c-b1a9-b03300fe1fcf.jpg%3Fixlib=react-9.2.0&auto=format&w=490&h=300&dpr=1&q=75/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::54 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bf43954b31ada82fd957db9cf51df396dc1472552ca2dec9b4ffe333ef3a7270
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://housinganywhere.imgix.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="AccountsSignInSignUpUi"
date
Wed, 10 Jan 2024 17:10:15 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"AccountsSignInSignUpUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInSignUpUi"}]}
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | documentPictureInPicture
object | botguard

0 Cookies

5 Console Messages

Source | Level | URL / Text

network | error | URL: https://accounts.google.com/_/bscframe
Message: Failed to load resource: the server responded with a status of 403 ()

network | error | URL: https://accounts.google.com/_/bscframe
Message: Failed to load resource: the server responded with a status of 403 ()

network | error | URL: https://accounts.google.com/_/bscframe
Message: Failed to load resource: the server responded with a status of 403 ()

network | error | URL: https://accounts.google.com/_/bscframe
Message: Failed to load resource: the server responded with a status of 403 ()

network | error | URL: https://accounts.google.com/_/bscframe
Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff