www.gmailmsg.com
Open in
urlscan Pro
54.154.75.86
Public Scan
Submission: On June 16 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on April 13th 2023. Valid for: a year.
This is the only time www.gmailmsg.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 54.154.75.86 54.154.75.86 | 16509 (AMAZON-02) (AMAZON-02) | |
6 | 192.0.66.2 192.0.66.2 | 2635 (AUTOMATTIC) (AUTOMATTIC) | |
7 | 2 |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-75-86.eu-west-1.compute.amazonaws.com
www.gmailmsg.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
go-vip.co
sophos-phish-threat.go-vip.co |
111 KB |
1 |
gmailmsg.com
www.gmailmsg.com |
2 KB |
7 | 2 |
Domain | Requested by | |
---|---|---|
6 | sophos-phish-threat.go-vip.co |
www.gmailmsg.com
sophos-phish-threat.go-vip.co |
1 | www.gmailmsg.com | |
7 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.sophos.com |
staysafe.sophos.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
gmailmsg.com Amazon RSA 2048 M01 |
2023-04-13 - 2024-05-04 |
a year | crt.sh |
*.go-vip.co Sectigo RSA Domain Validation Secure Server CA |
2022-10-26 - 2023-11-26 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.gmailmsg.com/signin?t=eyJhbGciOiJIUzI1NiJ9.eyJ0cmFja2luZ190b2tlbiI6IjJkMGEyM2U3LWVkOGUtNDg2ZS1hZjFiLTQwYmM5MTBlZWZhMyIsImNlbGwiOiJodHRwczovL3V0MHA3amg4NGUuZXhlY3V0ZS1hcGkuZXUtY2VudHJhbC0xLmFtYXpvbmF3cy5jb20vcHJvZC9hcGkvcGhpc2hpbmdjYW1wYWlnbiIsImNhbXBhaWduX3Rva2VuIjoiNmQ0NGI0NTEtOTczZC00NWY1LWE0NGItNjkwOWY0OTcyNGVjIiwidGVzdF90b2tlbiI6ZmFsc2UsImV4dGVybmFsX3RyYWluaW5nIjpmYWxzZSwiaWF0IjoxNjg2ODM1MjkyLCJpc3MiOiJodHRwczovL2FwcC5waGlzaHRocmVhdC5jb20iLCJleHAiOjE2OTQ2MTEyOTJ9.iW3Hlq_0GG_vdd7VzAgqow2dXh_2cbaIZToRsEzbtxQ
Frame ID: 2A665690BB9FEF41FA3CC4167EDF68B1
Requests: 7 HTTP requests in this frame
2 Outgoing links
These are links going to different origins than the main page.
Title: Sophos
Search URL Search Domain Scan URL
Title: Go to training
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
signin
www.gmailmsg.com/ |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
master.min.css
sophos-phish-threat.go-vip.co/_static/wp-content/themes/phishthreat/assets/css/ |
88 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sophos-logo.png
sophos-phish-threat.go-vip.co/_static/wp-content/themes/phishthreat/assets/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
secondary-logo.png
sophos-phish-threat.go-vip.co/_static/wp-content/themes/phishthreat/assets/images/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flama-book-webfont.ttf
sophos-phish-threat.go-vip.co/_static/wp-content/themes/phishthreat/assets/fonts/ |
50 KB 26 KB |
Font
application/font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flama-light-webfont.ttf
sophos-phish-threat.go-vip.co/_static/wp-content/themes/phishthreat/assets/fonts/ |
50 KB 26 KB |
Font
application/font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flama-medium-webfont.ttf
sophos-phish-threat.go-vip.co/_static/wp-content/themes/phishthreat/assets/fonts/ |
51 KB 26 KB |
Font
application/font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.gmailmsg.com/wp-content/plugins | Name: wordpress_sec_756c12a83cfbec080e0017373d6ae55f Value: 2d0a23e7-ed8e-486e-af1b-40bc910eefa3%7C1687064613%7C6SorTLj7ApdNxiPrkCfTdGM80XH75ij3lLFz42J0KX2%7Cb2df494d79f64bf6a23297f151adeb1b5519e917a26faca8b1251dca009410c4 |
|
www.gmailmsg.com/wp-admin | Name: wordpress_sec_756c12a83cfbec080e0017373d6ae55f Value: 2d0a23e7-ed8e-486e-af1b-40bc910eefa3%7C1687064613%7C6SorTLj7ApdNxiPrkCfTdGM80XH75ij3lLFz42J0KX2%7Cb2df494d79f64bf6a23297f151adeb1b5519e917a26faca8b1251dca009410c4 |
|
www.gmailmsg.com/ | Name: wordpress_logged_in_756c12a83cfbec080e0017373d6ae55f Value: 2d0a23e7-ed8e-486e-af1b-40bc910eefa3%7C1687064613%7C6SorTLj7ApdNxiPrkCfTdGM80XH75ij3lLFz42J0KX2%7Cf4494b8090596bb2fca699af2daa62d13b4ab30ee3241dcb0ec8ac832c6485b4 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
sophos-phish-threat.go-vip.co
www.gmailmsg.com
192.0.66.2
54.154.75.86
1eee700208fddc9dbea7fd453e8a1dbaca020a9c0dedb43f985f3fd1ddcbda2d
26c9591f379c4d5f7901ae9ae5f022d6818a7b6d0cbd39bc5a175247af768293
5940cb8b477258b23e3d3e2136f22ec12ff9d26964e54e81a4d4582ceb032169
8a4007fcbdbb05010eeb3b8401048e2c6aef424ff851d25c8409ffe08eb6f526
d088c5e7ccc85feda2e2f398f4188c8c49f6c0178e75e2e758f9a9c4e3fddff0
ec341c00863f513a04b66db10c2180649ab00b68275db6dcd7abdf6bd780b947
f1dd8f33178fc66764414b4552521f686c8c37dec7f8ffe0b255a66e1a81b246