google.dente91.com Open in urlscan Pro
65.0.180.142 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://google.dente91.com/
Submission: On November 13 via automatic, source certstream-suspicious (November 13th 2020, 3:57:24 am UTC)

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 65.0.180.142, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is google.dente91.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 13th 2020. Valid for: 3 months.

This is the only time google.dente91.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

	IP Address		AS Autonomous System
6	65.0.180.142 65.0.180.142		16509 (AMAZON-02) (AMAZON-02)
7	2

6 65.0.180.142 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-65-0-180-142.ap-south-1.compute.amazonaws.com

google.dente91.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	dente91.com google.dente91.com	1 MB
7	1

	Domain	Requested by
6	google.dente91.com
7	1

This site contains no links.

Subject Issuer	Validity	Valid
google.dente91.com Let's Encrypt Authority X3	`2020-11-13` - `2021-02-11`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://google.dente91.com/
Frame ID: AE25BF378D449EFA77337CBAFF4BB733
Requests: 10 HTTP requests in this frame

Frame: https://google.dente91.com/accounts/CheckConnection?pmpo=https%3A%2F%2Fgoogle.dente91.com&v=1955773570&timestamp=1605239828276
Frame ID: 93D40B47E7676C36845B81E8C69E5CC8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Python (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:^|\s)Python(?:\/([\d.]+))?/i
headers server /Werkzeug\/?([\d\.]+)?/i

Flask (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /Werkzeug\/?([\d\.]+)?/i

Page Statistics

7
Requests

86 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

1049 kB
Transfer

1067 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.0	200 OK	Primary Request / Show response google.dente91.com/	1 MB 1 MB	502ms 165ms	Document text/html	65.0.180.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://google.dente91.com/ Protocol HTTP/1.0 Security TLS 1.3, , AES_256_GCM Server 65.0.180.142 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-65-0-180-142.ap-south-1.compute.amazonaws.com Software Werkzeug/1.0.1 Python/3.6.9 / Resource Hash `c11bab53127e9c18425256d554898d1041ded46b7776aef02cabfe1a8c092cdc` Request headers Host google.dente91.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type text/html; charset=utf-8 Content-Length 1071713 Server Werkzeug/1.0.1 Python/3.6.9 Date Fri, 13 Nov 2020 03:57:07 GMT
GET DATA	200 OK	truncated /	267 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `abfe5b27310a016303a0ede1f41a67d4adb8886b7c0ade3474cd44f60be50548` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml;charset=UTF-8
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e04ecbf6f436807ae99808ff1cf107477e48507c13220dfcfffbdf5bcbb32d72` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	356 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `bbb22484b6ac90a9bcddc4158e5b530c078c475b78ceab0a9873719ec7e87eb9` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	0 0		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Origin https://google.dente91.com Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type font/woff2
GET BLOB	200 OK	5230d3bb-1884-4bb1-84e9-b558cac80a92 https://google.dente91.com/	14 KB 0		Font font/woff2
General Check archive.org Show headers Download Go to Full URL blob:https://google.dente91.com/5230d3bb-1884-4bb1-84e9-b558cac80a92 Requested by Host: google.dente91.com URL: https://google.dente91.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `db44c6b7985f942465865cfe688770803ab464ec35fb9aefaeccc052e9b74b2a` Request headers Origin https://google.dente91.com Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Length 14600 Content-Type font/woff2
GET H/1.0	404 NOT FOUND	rs=ABkqax1PgqMWHDiqpDYee-DsKLUhe8KNyw Show response google.dente91.com/accounts/static/_/js/k=gaia.gaiafe_glif.en.eTVqNRLH_Ls.O/m=P9M9H/am=ghaAAAAAAAwoEIRgMAMrAtMw/rt=j/d=0/	232 B 393 B	644ms 162ms	XHR text/html	65.0.180.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://google.dente91.com/accounts/static/_/js/k=gaia.gaiafe_glif.en.eTVqNRLH_Ls.O/m=P9M9H/am=ghaAAAAAAAwoEIRgMAMrAtMw/rt=j/d=0/rs=ABkqax1PgqMWHDiqpDYee-DsKLUhe8KNyw Requested by Host: URL: /accounts/static/_/js/k=gaia.gaiafe_glif.en.eTVqNRLH_Ls.O/m=glifb,identifier,unknownerror/am=ghaAAAAAAAwoEIRgMAMrAtMw/rt=j/d=1/rs=ABkqax1PgqMWHDiqpDYee-DsKLUhe8KNyw Protocol HTTP/1.0 Security TLS 1.3, , AES_256_GCM Server 65.0.180.142 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-65-0-180-142.ap-south-1.compute.amazonaws.com Software Werkzeug/1.0.1 Python/3.6.9 / Resource Hash `9177a352dcbf8875ebb2e22e682760d47faa4d77398add153dd7084e7568c5bc` Request headers Referer https://google.dente91.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 13 Nov 2020 03:57:08 GMT Server Werkzeug/1.0.1 Python/3.6.9 Content-Length 232 Content-Type text/html; charset=utf-8
GET H/1.0	404 NOT FOUND	CheckConnection Show response google.dente91.com/accounts/ Frame 93D4	232 B 393 B	456ms 162ms	Document text/html	65.0.180.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://google.dente91.com/accounts/CheckConnection?pmpo=https%3A%2F%2Fgoogle.dente91.com&v=1955773570&timestamp=1605239828276 Requested by Host: URL: /accounts/static/_/js/k=gaia.gaiafe_glif.en.eTVqNRLH_Ls.O/m=glifb,identifier,unknownerror/am=ghaAAAAAAAwoEIRgMAMrAtMw/rt=j/d=1/rs=ABkqax1PgqMWHDiqpDYee-DsKLUhe8KNyw Protocol HTTP/1.0 Security TLS 1.3, , AES_256_GCM Server 65.0.180.142 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-65-0-180-142.ap-south-1.compute.amazonaws.com Software Werkzeug/1.0.1 Python/3.6.9 / Resource Hash `9177a352dcbf8875ebb2e22e682760d47faa4d77398add153dd7084e7568c5bc` Request headers Host google.dente91.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site same-origin Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://google.dente91.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://google.dente91.com/ Response headers Content-Type text/html; charset=utf-8 Content-Length 232 Server Werkzeug/1.0.1 Python/3.6.9 Date Fri, 13 Nov 2020 03:57:08 GMT
POST H/1.0	404 NOT FOUND	jserror Show response google.dente91.com/	232 B 393 B	755ms 162ms	XHR text/html	65.0.180.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://google.dente91.com/jserror Requested by Host: URL: /accounts/static/_/js/k=gaia.gaiafe_glif.en.eTVqNRLH_Ls.O/m=glifb,identifier,unknownerror/am=ghaAAAAAAAwoEIRgMAMrAtMw/rt=j/d=1/rs=ABkqax1PgqMWHDiqpDYee-DsKLUhe8KNyw Protocol HTTP/1.0 Security TLS 1.3, , AES_256_GCM Server 65.0.180.142 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-65-0-180-142.ap-south-1.compute.amazonaws.com Software Werkzeug/1.0.1 Python/3.6.9 / Resource Hash `9177a352dcbf8875ebb2e22e682760d47faa4d77398add153dd7084e7568c5bc` Request headers Referer https://google.dente91.com/signin/v2/identifier?flowName=GlifWebSignIn&flowEntry=ServiceLogin User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers Date Fri, 13 Nov 2020 03:57:08 GMT Server Werkzeug/1.0.1 Python/3.6.9 Content-Length 232 Content-Type text/html; charset=utf-8
POST H/1.0	404 NOT FOUND	jserror Show response google.dente91.com/	232 B 393 B	915ms 160ms	XHR text/html	65.0.180.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://google.dente91.com/jserror Requested by Host: URL: /accounts/static/_/js/k=gaia.gaiafe_glif.en.eTVqNRLH_Ls.O/m=glifb,identifier,unknownerror/am=ghaAAAAAAAwoEIRgMAMrAtMw/rt=j/d=1/rs=ABkqax1PgqMWHDiqpDYee-DsKLUhe8KNyw Protocol HTTP/1.0 Security TLS 1.3, , AES_256_GCM Server 65.0.180.142 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-65-0-180-142.ap-south-1.compute.amazonaws.com Software Werkzeug/1.0.1 Python/3.6.9 / Resource Hash `9177a352dcbf8875ebb2e22e682760d47faa4d77398add153dd7084e7568c5bc` Request headers Referer https://google.dente91.com/signin/v2/identifier?flowName=GlifWebSignIn&flowEntry=ServiceLogin User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers Date Fri, 13 Nov 2020 03:57:09 GMT Server Werkzeug/1.0.1 Python/3.6.9 Content-Length 232 Content-Type text/html; charset=utf-8
GET H/1.0	404 NOT FOUND	rs=ABkqax1PgqMWHDiqpDYee-DsKLUhe8KNyw Show response google.dente91.com/accounts/static/_/js/k=gaia.gaiafe_glif.en.eTVqNRLH_Ls.O/m=P9M9H/am=ghaAAAAAAAwoEIRgMAMrAtMw/rt=j/d=0/	232 B 393 B	480ms 161ms	XHR text/html	65.0.180.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://google.dente91.com/accounts/static/_/js/k=gaia.gaiafe_glif.en.eTVqNRLH_Ls.O/m=P9M9H/am=ghaAAAAAAAwoEIRgMAMrAtMw/rt=j/d=0/rs=ABkqax1PgqMWHDiqpDYee-DsKLUhe8KNyw Requested by Host: URL: /accounts/static/_/js/k=gaia.gaiafe_glif.en.eTVqNRLH_Ls.O/m=glifb,identifier,unknownerror/am=ghaAAAAAAAwoEIRgMAMrAtMw/rt=j/d=1/rs=ABkqax1PgqMWHDiqpDYee-DsKLUhe8KNyw Protocol HTTP/1.0 Security TLS 1.3, , AES_256_GCM Server 65.0.180.142 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-65-0-180-142.ap-south-1.compute.amazonaws.com Software Werkzeug/1.0.1 Python/3.6.9 / Resource Hash `9177a352dcbf8875ebb2e22e682760d47faa4d77398add153dd7084e7568c5bc` Request headers Referer https://google.dente91.com/signin/v2/identifier?flowName=GlifWebSignIn&flowEntry=ServiceLogin User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 13 Nov 2020 03:57:14 GMT Server Werkzeug/1.0.1 Python/3.6.9 Content-Length 232 Content-Type text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

google.dente91.com
65.0.180.142
9177a352dcbf8875ebb2e22e682760d47faa4d77398add153dd7084e7568c5bc
abfe5b27310a016303a0ede1f41a67d4adb8886b7c0ade3474cd44f60be50548
bbb22484b6ac90a9bcddc4158e5b530c078c475b78ceab0a9873719ec7e87eb9
c11bab53127e9c18425256d554898d1041ded46b7776aef02cabfe1a8c092cdc
db44c6b7985f942465865cfe688770803ab464ec35fb9aefaeccc052e9b74b2a
e04ecbf6f436807ae99808ff1cf107477e48507c13220dfcfffbdf5bcbb32d72
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

google.dente91.com Open in urlscan Pro 65.0.180.142 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

7 Requests

86 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

1049 kBTransfer

1067 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

28 JavaScript Global Variables

0 Cookies

Indicators

google.dente91.com Open in urlscan Pro
65.0.180.142 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

86 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

1049 kB
Transfer

1067 kB
Size

0
Cookies

7 HTTP transactions
4 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!