urlscan.io logo urlscan.io
SecurityTrails logo

accounts.googleaccount.us.com Open in urlscan Pro
206.189.215.52  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://accounts.googleaccount.us.com/ServiceLogin?passive=1209600&continue=https://docs.google.com/&followup=https://docs.google.com/...
Submission Tags: @phishunt_io
Submission: On December 19 via api from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 206.189.215.52, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is accounts.googleaccount.us.com.
TLS certificate: Issued by R3 on December 18th 2020. Valid for: 3 months.
This is the only time accounts.googleaccount.us.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

IP Address AS Autonomous System
16 206.189.215.52 14061 (DIGITALOC...)
16 2
Domain Requested by
8 fonts.googleaccount.us.com accounts.googleaccount.us.com
3 ssl.googleaccount.us.com
2 play.googleaccount.us.com
2 accounts.googleaccount.us.com accounts.googleaccount.us.com
1 accounts-yt.googleaccount.us.com
16 5

This site contains links to these domains. Also see Links.

Domain
support.googleaccount.us.com
Subject Issuer Validity Valid
wwww.googleaccount.us.com
R3		 2020-12-18 -
2021-03-18		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://accounts.googleaccount.us.com/ServiceLogin?passive=1209600&continue=https://docs.google.com/&followup=https://docs.google.com/&emr=1
Frame ID: AC7D42B3AE8C2C9F2BB927AFF3DD176A
Requests: 15 HTTP requests in this frame

Frame: https://accounts-yt.googleaccount.us.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.googleaccount.us.com&v=-1029148081&timestamp=1608379594444
Frame ID: FD84DE08E08DA570E7B9DA412DDBAF36
Requests: 1 HTTP requests in this frame

Frame: https://accounts.googleaccount.us.com/_/bscframe
Frame ID: 24BAA860531151FB55E6AF3A77284FFD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /GSE/i
Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

5
Subdomains

2
IPs

1
Countries

1747 kB
Transfer

1736 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set ServiceLogin
accounts.googleaccount.us.com/ 		2 MB
2 MB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.googleaccount.us.com/ServiceLogin?passive=1209600&continue=https://docs.google.com/&followup=https://docs.google.com/&emr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.189.215.52 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
GSE /
Resource Hash
e2d77e386aa4859825ee03b0739b161dd8339247e3dde24161003febe312f040

Request headers

Host
accounts.googleaccount.us.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
close
Content-Type
text/html; charset=utf-8
Date
Sat, 19 Dec 2020 12:06:31 GMT
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Pragma
no-cache
Server
GSE
Set-Cookie
__Host-GAPS=1:iq4ZWUqM8pQn16jXgFS_vYy6_kKOgg:hFMQlswM1us8gI2G; Path=/; HttpOnly lGBK=9efc01cb8c1efcd57bde1cfb102f40a816d7d52ca01a311a8427ada010bbd0bf; Path=/; Domain=googleaccount.us.com; Expires=Sat, 19 Dec 2020 13:06:31 GMT; Max-Age=3600
Transfer-Encoding
chunked
X-Auto-Login
realm=com.google&args=continue%3Dhttps%253A%252F%252Fdocs.google.com%252F
truncated
/ 		267 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
abfe5b27310a016303a0ede1f41a67d4adb8886b7c0ade3474cd44f60be50548

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.googleaccount.us.com/s/googlesans/v14/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.googleaccount.us.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
Requested by
Host: accounts.googleaccount.us.com
URL: https://accounts.googleaccount.us.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.189.215.52 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
sffe /
Resource Hash
1e1c37812116c45a81199ac9302cf3bb1fa9ef9199d9d8e7a0887dd526dc039a

Request headers

Origin
https://accounts.googleaccount.us.com
Referer
https://accounts.googleaccount.us.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Dec 2020 07:10:58 GMT
Last-Modified
Mon, 22 Apr 2019 23:42:59 GMT
Server
sffe
Age
276936
Transfer-Encoding
chunked
Content-Type
font/woff2
Access-Control-Allow-Origin
https://accounts.googleaccount.us.com
Cache-Control
public, max-age=31536000
Access-Control-Allow-Credentials
true
Connection
close
Accept-Ranges
bytes
Timing-Allow-Origin
*
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Expires
Thu, 16 Dec 2021 07:10:58 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.googleaccount.us.com/s/roboto/v18/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.googleaccount.us.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: accounts.googleaccount.us.com
URL: https://accounts.googleaccount.us.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.189.215.52 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Request headers

Origin
https://accounts.googleaccount.us.com
Referer
https://accounts.googleaccount.us.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 18 Dec 2020 12:42:54 GMT
Last-Modified
Mon, 16 Oct 2017 17:32:51 GMT
Server
sffe
Age
84220
Transfer-Encoding
chunked
Content-Type
font/woff2
Access-Control-Allow-Origin
https://accounts.googleaccount.us.com
Cache-Control
public, max-age=31536000
Access-Control-Allow-Credentials
true
Connection
close
Accept-Ranges
bytes
Timing-Allow-Origin
*
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Expires
Sat, 18 Dec 2021 12:42:54 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.googleaccount.us.com/s/roboto/v18/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.googleaccount.us.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: accounts.googleaccount.us.com
URL: https://accounts.googleaccount.us.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.189.215.52 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
sffe /
Resource Hash
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188

Request headers

Origin
https://accounts.googleaccount.us.com
Referer
https://accounts.googleaccount.us.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 07:54:35 GMT
Last-Modified
Mon, 16 Oct 2017 17:32:55 GMT
Server
sffe
Age
187919
Transfer-Encoding
chunked
Content-Type
font/woff2
Access-Control-Allow-Origin
https://accounts.googleaccount.us.com
Cache-Control
public, max-age=31536000
Access-Control-Allow-Credentials
true
Connection
close
Accept-Ranges
bytes
Timing-Allow-Origin
*
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Expires
Fri, 17 Dec 2021 07:54:35 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.googleaccount.us.com/s/googlesans/v14/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.googleaccount.us.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
Requested by
Host: accounts.googleaccount.us.com
URL: https://accounts.googleaccount.us.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.189.215.52 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
sffe /
Resource Hash
ca8a090651c62cbe8c24c6e99ce3c75a2aeac745159675da0f35a3249b2d4733

Request headers

Origin
https://accounts.googleaccount.us.com
Referer
https://accounts.googleaccount.us.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 18 Dec 2020 09:48:41 GMT
Last-Modified
Mon, 22 Apr 2019 23:43:00 GMT
Server
sffe
Age
94673
Transfer-Encoding
chunked
Content-Type
font/woff2
Access-Control-Allow-Origin
https://accounts.googleaccount.us.com
Cache-Control
public, max-age=31536000
Access-Control-Allow-Credentials
true
Connection
close
Accept-Ranges
bytes
Timing-Allow-Origin
*
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Expires
Sat, 18 Dec 2021 09:48:41 GMT
KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
fonts.googleaccount.us.com/s/roboto/v18/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.googleaccount.us.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
Requested by
Host: accounts.googleaccount.us.com
URL: https://accounts.googleaccount.us.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.189.215.52 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
sffe /
Resource Hash
80fa23b4804621ce7f16b5c56d524dd90ea09d792622eeac9adf0ee6317b9e3a

Request headers

Origin
https://accounts.googleaccount.us.com
Referer
https://accounts.googleaccount.us.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 13 Dec 2020 02:14:57 GMT
Last-Modified
Mon, 16 Oct 2017 17:32:59 GMT
Server
sffe
Age
553897
Transfer-Encoding
chunked
Content-Type
font/woff2
Access-Control-Allow-Origin
https://accounts.googleaccount.us.com
Cache-Control
public, max-age=31536000
Access-Control-Allow-Credentials
true
Connection
close
Accept-Ranges
bytes
Timing-Allow-Origin
*
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Expires
Mon, 13 Dec 2021 02:14:57 GMT
KFOmCnqEu92Fr1Mu4WxKKTU1Kvnz.woff2
fonts.googleaccount.us.com/s/roboto/v18/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.googleaccount.us.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4WxKKTU1Kvnz.woff2
Requested by
Host: accounts.googleaccount.us.com
URL: https://accounts.googleaccount.us.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.189.215.52 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
sffe /
Resource Hash
949e287846b0940817e4ea0f65accc4481a46b8733dc12aa0265293a4645c661

Request headers

Origin
https://accounts.googleaccount.us.com
Referer
https://accounts.googleaccount.us.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 16:22:05 GMT
Last-Modified
Mon, 16 Oct 2017 17:32:54 GMT
Server
sffe
Age
157469
Transfer-Encoding
chunked
Content-Type
font/woff2
Access-Control-Allow-Origin
https://accounts.googleaccount.us.com
Cache-Control
public, max-age=31536000
Access-Control-Allow-Credentials
true
Connection
close
Accept-Ranges
bytes
Timing-Allow-Origin
*
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Expires
Fri, 17 Dec 2021 16:22:05 GMT
KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.googleaccount.us.com/s/roboto/v18/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.googleaccount.us.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
Requested by
Host: accounts.googleaccount.us.com
URL: https://accounts.googleaccount.us.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.189.215.52 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
sffe /
Resource Hash
41720926981ffb6dc229f06fc0bbf0f43e45ba032d126726ebee481c2a6559e2

Request headers

Origin
https://accounts.googleaccount.us.com
Referer
https://accounts.googleaccount.us.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 18 Dec 2020 09:54:18 GMT
Last-Modified
Mon, 16 Oct 2017 17:32:50 GMT
Server
sffe
Age
94337
Transfer-Encoding
chunked
Content-Type
font/woff2
Access-Control-Allow-Origin
https://accounts.googleaccount.us.com
Cache-Control
public, max-age=31536000
Access-Control-Allow-Credentials
true
Connection
close
Accept-Ranges
bytes
Timing-Allow-Origin
*
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Expires
Sat, 18 Dec 2021 09:54:18 GMT
m=sym,i5dxUd,RAnnUd,syj,syk,uu7UOe,soHxf
ssl.googleaccount.us.com/accounts/static/_/js/k=gaia.gaiafe_glif.en.foNYy-BrHr4.O/am=LwAAdmADGvAAQIAJAAAAAAAAADCATCjLWPW1wvuX/d=0/ct=zgms/rs=ABkqax0bgAFaPZ_7GA6CxX0qUFGgLwFxQA/ 		19 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.googleaccount.us.com/accounts/static/_/js/k=gaia.gaiafe_glif.en.foNYy-BrHr4.O/am=LwAAdmADGvAAQIAJAAAAAAAAADCATCjLWPW1wvuX/d=0/ct=zgms/rs=ABkqax0bgAFaPZ_7GA6CxX0qUFGgLwFxQA/m=sym,i5dxUd,RAnnUd,syj,syk,uu7UOe,soHxf
Requested by
Host:
URL: /accounts/static/_/js/k=gaia.gaiafe_glif.en.foNYy-BrHr4.O/am=LwAAdmADGvAAQIAJAAAAAAAAADCATCjLWPW1wvuX/d=1/ct=zgms/rs=ABkqax0bgAFaPZ_7GA6CxX0qUFGgLwFxQA/m=glifb,identifier_view,unknownerror_view
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.189.215.52 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
sffe /
Resource Hash
7e3735df28d29381ee35bc44376e56729bd2c13c4d6a1fb88ba8f895d00266e3

Request headers

Referer
https://accounts.googleaccount.us.com/ServiceLogin?passive=1209600&continue=https://docs.google.com/&followup=https://docs.google.com/&emr=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 17 Dec 2020 16:35:52 GMT
Last-Modified
Sat, 05 Dec 2020 08:45:58 GMT
Server
sffe
Age
156642
Accept-Ranges
bytes
Vary
Accept-Encoding, Origin
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Access-Control-Allow-Credentials
true
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Expires
Fri, 17 Dec 2021 16:35:52 GMT
CheckConnection
accounts-yt.googleaccount.us.com/accounts/ Frame FD84 		31 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts-yt.googleaccount.us.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.googleaccount.us.com&v=-1029148081&timestamp=1608379594444
Requested by
Host:
URL: /accounts/static/_/js/k=gaia.gaiafe_glif.en.foNYy-BrHr4.O/am=LwAAdmADGvAAQIAJAAAAAAAAADCATCjLWPW1wvuX/d=1/ct=zgms/rs=ABkqax0bgAFaPZ_7GA6CxX0qUFGgLwFxQA/m=glifb,identifier_view,unknownerror_view
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.189.215.52 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
ESF /
Resource Hash
e6a38dcaa073b3b7b1047f5ec003835dcfb67bc88aaaa498c6e4430070b6eab4

Request headers

Host
accounts-yt.googleaccount.us.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://accounts.googleaccount.us.com/ServiceLogin?passive=1209600&continue=https://docs.google.com/&followup=https://docs.google.com/&emr=1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
lGBK=9efc01cb8c1efcd57bde1cfb102f40a816d7d52ca01a311a8427ada010bbd0bf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://accounts.googleaccount.us.com/ServiceLogin?passive=1209600&continue=https://docs.google.com/&followup=https://docs.google.com/&emr=1

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
close
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Sat, 19 Dec 2020 12:06:34 GMT
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Pragma
no-cache
Server
ESF
Transfer-Encoding
chunked
log
play.googleaccount.us.com/ 		131 B
1022 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.googleaccount.us.com/log?format=json&hasfast=true
Requested by
Host:
URL: /accounts/static/_/js/k=gaia.gaiafe_glif.en.foNYy-BrHr4.O/am=LwAAdmADGvAAQIAJAAAAAAAAADCATCjLWPW1wvuX/d=1/ct=zgms/rs=ABkqax0bgAFaPZ_7GA6CxX0qUFGgLwFxQA/m=glifb,identifier_view,unknownerror_view
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.189.215.52 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Request headers

Referer
https://accounts.googleaccount.us.com/signin/v2/identifier?passive=1209600&continue=https%3A%2F%2Fdocs.google.com%2F&followup=https%3A%2F%2Fdocs.google.com%2F&emr=1&flowName=GlifWebSignIn&flowEntry=ServiceLogin
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

Date
Sat, 19 Dec 2020 12:06:35 GMT
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Server
Playlog
Transfer-Encoding
chunked
P3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
Access-Control-Allow-Origin
https://accounts.googleaccount.us.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Connection
close
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Headers
X-Playlog-Web
Expires
Sat, 19 Dec 2020 12:06:35 GMT
KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2
fonts.googleaccount.us.com/s/roboto/v18/ 		3 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.googleaccount.us.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2
Requested by
Host: accounts.googleaccount.us.com
URL: https://accounts.googleaccount.us.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.189.215.52 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
sffe /
Resource Hash
a0a893b2ff1c82d49ac0c09ace71cf8178c0830f6a988103c779b6fc12c0da78

Request headers

Origin
https://accounts.googleaccount.us.com
Referer
https://accounts.googleaccount.us.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 18 Dec 2020 12:12:59 GMT
Last-Modified
Mon, 16 Oct 2017 17:32:44 GMT
Server
sffe
Age
86016
Transfer-Encoding
chunked
Content-Type
font/woff2
Access-Control-Allow-Origin
https://accounts.googleaccount.us.com
Cache-Control
public, max-age=31536000
Access-Control-Allow-Credentials
true
Connection
close
Accept-Ranges
bytes
Timing-Allow-Origin
*
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Expires
Sat, 18 Dec 2021 12:12:59 GMT
m=NpD4ec,SF3gsd,YLQSd,lCVo3d,o02Jie,rHjpXd,pB6Zqd,QLpTOd,oWOlDb,n73qwf,MpJwZc,bIf8i,omf1Od,zbML3c,zy0vNb,K0PMbc,otPmVb,rlNAl
ssl.googleaccount.us.com/accounts/static/_/js/k=gaia.gaiafe_glif.en.foNYy-BrHr4.O/am=LwAAdmADGvAAQIAJAAAAAAAAADCATCjLWPW1wvuX/d=0/ct=zgms/rs=ABkqax0bgAFaPZ_7GA6CxX0qUFGgLwFxQA/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.googleaccount.us.com/accounts/static/_/js/k=gaia.gaiafe_glif.en.foNYy-BrHr4.O/am=LwAAdmADGvAAQIAJAAAAAAAAADCATCjLWPW1wvuX/d=0/ct=zgms/rs=ABkqax0bgAFaPZ_7GA6CxX0qUFGgLwFxQA/m=NpD4ec,SF3gsd,YLQSd,lCVo3d,o02Jie,rHjpXd,pB6Zqd,QLpTOd,oWOlDb,n73qwf,MpJwZc,bIf8i,omf1Od,zbML3c,zy0vNb,K0PMbc,otPmVb,rlNAl
Requested by
Host:
URL: /accounts/static/_/js/k=gaia.gaiafe_glif.en.foNYy-BrHr4.O/am=LwAAdmADGvAAQIAJAAAAAAAAADCATCjLWPW1wvuX/d=1/ct=zgms/rs=ABkqax0bgAFaPZ_7GA6CxX0qUFGgLwFxQA/m=glifb,identifier_view,unknownerror_view
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.189.215.52 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
sffe /
Resource Hash
a7a29ee6816b31b8f3100c8439d5a9b5ad2c78b9c0e67ff3d519a96c6e0c9f85

Request headers

Referer
https://accounts.googleaccount.us.com/signin/v2/identifier?passive=1209600&continue=https%3A%2F%2Fdocs.google.com%2F&followup=https%3A%2F%2Fdocs.google.com%2F&emr=1&flowName=GlifWebSignIn&flowEntry=ServiceLogin
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 18 Dec 2020 12:57:41 GMT
Last-Modified
Sat, 05 Dec 2020 08:45:58 GMT
Server
sffe
Age
83334
Accept-Ranges
bytes
Vary
Accept-Encoding, Origin
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Access-Control-Allow-Credentials
true
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Expires
Sat, 18 Dec 2021 12:57:41 GMT
Cookie set bscframe
accounts.googleaccount.us.com/_/ Frame 24BA 		15 B
876 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.googleaccount.us.com/_/bscframe
Requested by
Host: accounts.googleaccount.us.com
URL: https://accounts.googleaccount.us.com/ServiceLogin?passive=1209600&continue=https://docs.google.com/&followup=https://docs.google.com/&emr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.189.215.52 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
ESF /
Resource Hash
c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e

Request headers

Host
accounts.googleaccount.us.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://accounts.googleaccount.us.com/signin/v2/identifier?passive=1209600&continue=https%3A%2F%2Fdocs.google.com%2F&followup=https%3A%2F%2Fdocs.google.com%2F&emr=1&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://accounts.googleaccount.us.com/signin/v2/identifier?passive=1209600&continue=https%3A%2F%2Fdocs.google.com%2F&followup=https%3A%2F%2Fdocs.google.com%2F&emr=1&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
close
Content-Type
text/html; charset=utf-8
Date
Sat, 19 Dec 2020 12:06:35 GMT
Expires
Mon, 01 Jan 1990 00:00:00 GMT
P3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
Pragma
no-cache
Server
ESF
Set-Cookie
NID=205=B57iCFw8G6575ikz4qntyTNxSRCnyX-VTnZ18iIFSxQqm3yBdyUwcyjxylGO5FV5ArKVxkEqkFcqhmoHWll5Cilak-F5LfZ_p4jzZxeZaTwOZ2sj2RRbIzYyVY0h82YtFhtsMq_6U-4b5mlPJBaTNvWc5qhDZXDCPUhXKQXFRnc; Path=/; Domain=googleaccount.us.com; HttpOnly; SameSite=None
Transfer-Encoding
chunked
m=sy1a,sy1b,sy1c,sy1e,sy1f,sy2z,pwd_view
ssl.googleaccount.us.com/accounts/static/_/js/k=gaia.gaiafe_glif.en.foNYy-BrHr4.O/am=LwAAdmADGvAAQIAJAAAAAAAAADCATCjLWPW1wvuX/d=0/ct=zgms/rs=ABkqax0bgAFaPZ_7GA6CxX0qUFGgLwFxQA/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.googleaccount.us.com/accounts/static/_/js/k=gaia.gaiafe_glif.en.foNYy-BrHr4.O/am=LwAAdmADGvAAQIAJAAAAAAAAADCATCjLWPW1wvuX/d=0/ct=zgms/rs=ABkqax0bgAFaPZ_7GA6CxX0qUFGgLwFxQA/m=sy1a,sy1b,sy1c,sy1e,sy1f,sy2z,pwd_view
Requested by
Host:
URL: /accounts/static/_/js/k=gaia.gaiafe_glif.en.foNYy-BrHr4.O/am=LwAAdmADGvAAQIAJAAAAAAAAADCATCjLWPW1wvuX/d=1/ct=zgms/rs=ABkqax0bgAFaPZ_7GA6CxX0qUFGgLwFxQA/m=glifb,identifier_view,unknownerror_view
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.189.215.52 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
sffe /
Resource Hash
212ed7f8c305fa6be10c50f9328bb2a76e17333af652c6143243398e1de60820

Request headers

Referer
https://accounts.googleaccount.us.com/signin/v2/identifier?passive=1209600&continue=https%3A%2F%2Fdocs.google.com%2F&followup=https%3A%2F%2Fdocs.google.com%2F&emr=1&flowName=GlifWebSignIn&flowEntry=ServiceLogin
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 19 Dec 2020 08:18:20 GMT
Last-Modified
Sat, 05 Dec 2020 08:45:58 GMT
Server
sffe
Age
13696
Accept-Ranges
bytes
Vary
Accept-Encoding, Origin
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Access-Control-Allow-Credentials
true
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Expires
Sun, 19 Dec 2021 08:18:20 GMT
log
play.googleaccount.us.com/ 		131 B
1022 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.googleaccount.us.com/log?format=json&hasfast=true
Requested by
Host:
URL: /accounts/static/_/js/k=gaia.gaiafe_glif.en.foNYy-BrHr4.O/am=LwAAdmADGvAAQIAJAAAAAAAAADCATCjLWPW1wvuX/d=1/ct=zgms/rs=ABkqax0bgAFaPZ_7GA6CxX0qUFGgLwFxQA/m=glifb,identifier_view,unknownerror_view
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.189.215.52 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Request headers

Referer
https://accounts.googleaccount.us.com/signin/v2/identifier?passive=1209600&continue=https%3A%2F%2Fdocs.google.com%2F&followup=https%3A%2F%2Fdocs.google.com%2F&emr=1&flowName=GlifWebSignIn&flowEntry=ServiceLogin
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

Date
Sat, 19 Dec 2020 12:06:36 GMT
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Server
Playlog
Transfer-Encoding
chunked
P3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
Access-Control-Allow-Origin
https://accounts.googleaccount.us.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Connection
close
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Headers
X-Playlog-Web
Expires
Sat, 19 Dec 2020 12:06:36 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| myFakeLocation object| WIZ_global_data object| botguard string| viewPathPrefix boolean| cssLoaded object| _G object| postmessage function| _F_getAverageFps function| _DumpException function| _B_err object| closure_lm_248344 function| AF_initDataInitializeCallback function| AF_initDataCallback object| ID_wizbind function| wiz_progress object| AF_initDataKeys object| AF_dataServiceRequests object| AF_initDataChunkQueue function| onSmsReceived function| setSkUiEvent function| setFido2SkUiEvent number| closure_uid_602998879 function| onFetchPhoneNumberInfo boolean| ly11Pc function| onAccountAdd function| nativePrimaryActionHit function| nativeSecondaryActionHit

1 Cookies

Domain/Path Name / Value
accounts-yt.googleaccount.us.com/accounts Name: CheckConnectionTempCookie214
Value: 750809