www.googledrivelogin.ga
Open in
urlscan Pro
172.96.184.175
Malicious Activity!
Public Scan
Submission: On July 12 via manual from IT
Summary
This is the only time www.googledrivelogin.ga was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: GDrive and other (Online)Live information
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
18 | 172.96.184.175 172.96.184.175 | 32475 (SINGLEHOP...) (SINGLEHOP-LLC - SingleHop LLC) | |
1 | 2606:4700::68... 2606:4700::6813:c697 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 205.185.208.52 205.185.208.52 | 20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group) | |
1 | 152.199.19.160 152.199.19.160 | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
21 | 4 |
ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: 172.96.184.175-static.reverse.arandomserver.com
www.googledrivelogin.ga |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net
code.jquery.com |
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
ajax.aspnetcdn.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
googledrivelogin.ga
www.googledrivelogin.ga |
355 KB |
1 |
aspnetcdn.com
ajax.aspnetcdn.com |
7 KB |
1 |
jquery.com
code.jquery.com |
33 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com |
28 KB |
21 | 4 |
Domain | Requested by | |
---|---|---|
18 | www.googledrivelogin.ga |
www.googledrivelogin.ga
|
1 | ajax.aspnetcdn.com |
www.googledrivelogin.ga
|
1 | code.jquery.com |
www.googledrivelogin.ga
|
1 | cdnjs.cloudflare.com |
www.googledrivelogin.ga
|
21 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
1970-01-01 - 1970-01-01 |
a few seconds | crt.sh | |
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2019-03-02 - 2019-09-08 |
6 months | crt.sh |
jquery.org COMODO RSA Domain Validation Secure Server CA |
2018-10-17 - 2020-10-16 |
2 years | crt.sh |
*.vo.msecnd.net Microsoft IT TLS CA 2 |
2018-03-30 - 2020-03-30 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
http://www.googledrivelogin.ga/GdocsPage/8202fx4/userfile/
Frame ID: 1EF0478A55BB18B871E856AAF139FDF6
Requests: 21 HTTP requests in this frame
Screenshot
Detected technologies
LiteSpeed (Web Servers) ExpandDetected patterns
- headers server /^LiteSpeed$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2- http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js HTTP 307
- https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www.googledrivelogin.ga/GdocsPage/8202fx4/userfile/ |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
medialog.css
www.googledrivelogin.ga/GdocsPage/8202fx4/userfile/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
homestyle.css
www.googledrivelogin.ga/GdocsPage/8202fx4/userfile/css/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ Redirect Chain
|
82 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.11.2.min.js
code.jquery.com/ |
94 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
home_gl.png
www.googledrivelogin.ga/GdocsPage/8202fx4/userfile/imgs/ |
46 KB 46 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
home_yl.png
www.googledrivelogin.ga/GdocsPage/8202fx4/userfile/imgs/ |
60 KB 60 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
home_hm.png
www.googledrivelogin.ga/GdocsPage/8202fx4/userfile/imgs/ |
45 KB 45 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
home_al.png
www.googledrivelogin.ga/GdocsPage/8202fx4/userfile/imgs/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
homes.png
www.googledrivelogin.ga/GdocsPage/8202fx4/userfile/imgs/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ddsclickreader.js
www.googledrivelogin.ga/GdocsPage/8202fx4/userfile/js/ |
15 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.validate.min.js
ajax.aspnetcdn.com/ajax/jquery.validate/1.13.1/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
selectddsclickreader.js
www.googledrivelogin.ga/GdocsPage/8202fx4/userfile/js/ |
15 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ashegradient.jpg
www.googledrivelogin.ga/GdocsPage/8202fx4/userfile/css/ |
142 KB 142 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
G.drive-logo.png
www.googledrivelogin.ga/GdocsPage/8202fx4/userfile/css/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cdrive.png
www.googledrivelogin.ga/GdocsPage/8202fx4/userfile/css/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ymll.png
www.googledrivelogin.ga/GdocsPage/8202fx4/userfile/imgs/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
live_outlook.png
www.googledrivelogin.ga/GdocsPage/8202fx4/userfile/imgs/ |
517 B 809 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
al.png
www.googledrivelogin.ga/GdocsPage/8202fx4/userfile/imgs/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
email.png
www.googledrivelogin.ga/GdocsPage/8202fx4/userfile/imgs/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Gmll.png
www.googledrivelogin.ga/GdocsPage/8202fx4/userfile/imgs/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: GDrive and other (Online)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.aspnetcdn.com
cdnjs.cloudflare.com
code.jquery.com
www.googledrivelogin.ga
152.199.19.160
172.96.184.175
205.185.208.52
2606:4700::6813:c697
09033b69c786f7f3ef6c5c85971766374edd62826922178514216ea4e3470962
0b6c1e1b33c085efad5bdc32654ec90b4ddc934eb1c1aca71a439ff89867f468
0e95cbf733f41b43a1e2716643ad7ea8cd5fdfcb2eee2d038f4618c579bcaff7
1b5fe12e21a9d8ff78e007ecf9fa5a819947dc3e6ba7a0ca4951760d1c006adf
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
28c7b34056e30c4c048b4da0a046e908e191ebacae47fb5e3565bcdd38b3d4df
2d969aa754b1b8717f07de58438f7f80b10b1d931abb6bb5a9630f3e965bcaf0
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
337e2e7a9fffa8ba0b0b7390018f987e2ca76381bca23bce91e523f5e49d5a9c
42c0ead27ac740b9d5c103b43d4052db5bfb21e678998430312a1cb084b84a52
66a23bceffcbcb36561811aa1a926d18a278aa80ffafa741a5dba9710d94c705
7334619d2b7beaba69be47379d041972c78a93c312bfe2d6e7bc7363bdbf2184
73b1ce58fa539aab1d6d1424607c5ff60fc5e2f2c0becd3a776f7f4f8f3664b0
9934fa5988c2156dd616e080f4dd535da3c4a8c714f543f3f7bad6df7db992db
9d428a9c0ca5aa434a6a2d039c88f6bba4ac5a8e62a0966de364ae7dd8461d5e
c7b07a0440ecfbd1f32110a6a5c7e92ecfe0200a65ba5fdd5660a98cf2294c09
cd6e0be4018603bfaf716f7bf578c8a17228b0038681227057dd58c81a1a76ad
e4757bc21666bb69019864c33f1a8cea703ce0611feae33dd6a37f4d18f3d84d
f1dc1ccfbf85cb17014e6aa8bf3a30e228facf5617377d402d8d8496d3c60f89
fa1039d53048689f8353d87b3b7f7fc76e1eccf3483433d1631bc6bc602825cc
fe20c8e0becadb7cca8baff387ef47456631b7f72d5674f72ed416a224b7a3e4