urlscan.io logo urlscan.io
SecurityTrails logo

www.accounts.synchronizing.googlemail.www2.vectorstrategies.com Open in urlscan Pro
192.185.143.194  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/
Submission: On May 14 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 19 HTTP transactions. The main IP is 192.185.143.194, located in Houston, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.accounts.synchronizing.googlemail.www2.vectorstrategies.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 13th 2020. Valid for: 3 months.
This is the only time www.accounts.synchronizing.googlemail.www2.vectorstrategies.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

1    192.185.143.194 (Houston, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-185-143-194.unifiedlayer.com
www.accounts.synchronizing.googlemail.www2.vectorstrategies.com
1    2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
ssl.gstatic.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.youtube.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
4 ssl.gstatic.com www.accounts.synchronizing.googlemail.www2.vectorstrategies.com
2 fonts.gstatic.com www.accounts.synchronizing.googlemail.www2.vectorstrategies.com
2 connect.facebook.net www.accounts.synchronizing.googlemail.www2.vectorstrategies.com
connect.facebook.net
2 www.gstatic.com www.accounts.synchronizing.googlemail.www2.vectorstrategies.com
1 www.facebook.com connect.facebook.net
1 accounts.youtube.com www.accounts.synchronizing.googlemail.www2.vectorstrategies.com
1 www.google.com 1 redirects
1 www.accounts.synchronizing.googlemail.www2.vectorstrategies.com
0 clonezone.link Failed www.accounts.synchronizing.googlemail.www2.vectorstrategies.com
19 9

This site contains links to these domains. Also see Links.

Domain
support.google.com
www.google.com
accounts.google.com
Subject Issuer Validity Valid
www2.vectorstrategies.com
Let's Encrypt Authority X3		 2020-03-13 -
2020-06-11		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-04-15 -
2020-07-08		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-04-15 -
2020-07-14		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/
Frame ID: 8FFF89833410E5735E17F6649A40F8EF
Requests: 19 HTTP requests in this frame

Frame: https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=260739858&timestamp=1589473178615
Frame ID: 0843A7B7254DA3CDA773D139D72E2B74
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

19
Requests

68 %
HTTPS

86 %
IPv6

7
Domains

9
Subdomains

7
IPs

3
Countries

297 kB
Transfer

862 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.google.com/jsapi HTTP 302
  • https://www.gstatic.com/charts/loader.js

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/ 		388 KB
130 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.143.194 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-143-194.unifiedlayer.com
Software
Apache /
Resource Hash
b0551963a7672580c538c79d64ede3172bd28664f393fa4cb133fb355b1d6bee

Request headers

:method
GET
:authority
www.accounts.synchronizing.googlemail.www2.vectorstrategies.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 14 May 2020 16:19:38 GMT
server
Apache
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
loader.js
www.gstatic.com/charts/
Redirect Chain
  • https://www.google.com/jsapi
  • https://www.gstatic.com/charts/loader.js
44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/charts/loader.js
Requested by
Host: www.accounts.synchronizing.googlemail.www2.vectorstrategies.com
URL: https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91fbf0e6ca037cebb7810655e5df3a323d468da71986ac4d3297da7f8697159f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 16:16:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
207
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13769
x-xss-protection
0
last-modified
Mon, 11 May 2020 19:42:45 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 14 May 2020 17:16:11 GMT

Redirect headers

date
Thu, 14 May 2020 16:19:38 GMT
x-content-type-options
nosniff
server
sffe
status
302
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/charts/loader.js
cache-control
private
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
arrow_back_grey600_24dp.png
www.gstatic.com/images/icons/material/system/1x/ 		115 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/1x/arrow_back_grey600_24dp.png
Requested by
Host: www.accounts.synchronizing.googlemail.www2.vectorstrategies.com
URL: https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21c7180c568bf115a0784629a8e5575103007f66ab2b964ab1d7f3290f5ab370
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 06:28:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
2541055
vary
Origin
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115
x-xss-protection
0
expires
Thu, 15 Apr 2021 06:28:43 GMT
universal_language_settings-21.png
ssl.gstatic.com/images/icons/ui/common/ 		199 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/images/icons/ui/common/universal_language_settings-21.png
Requested by
Host: www.accounts.synchronizing.googlemail.www2.vectorstrategies.com
URL: https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59404af2d92c53ad1ee9e21b252c07c77dcba810b248a79d6ae989b1ff63c7d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 11 Apr 2020 09:46:50 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
2874768
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199
x-xss-protection
0
expires
Sun, 11 Apr 2021 09:46:50 GMT
cz-footer.css
clonezone.link/editor/css/ 		0
0
cz-footer.css
clonezone.link/editor/css/ 		0
0
medium-editor.css
clonezone.link/editor/css/ 		0
0
default.css
clonezone.link/editor/css/ 		0
0
medium-editor-insert-plugin.min.css
clonezone.link/editor/css/ 		0
0
style.css
clonezone.link/editor/css/ 		0
0
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.accounts.synchronizing.googlemail.www2.vectorstrategies.com
URL: https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c913c321e315c8f1279a62f6faf3a57b3160d14e4b4375fba5fc472a1ca2705d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
tG0qtDENGtnyrbLIe+WzNA==
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
1779
etag
"12e1f924c86055a9001ac5160ffd6cc4"
x-fb-debug
w9XwRs54sTtT//YL55zm5KAWoOEb7qbY1bo9Cu2Ueisb+aolDW96TnBjdG1cZ7N+PYxIQXXIVpas9+D9cDOjJQ==
x-fb-trip-id
780166575
x-fb-content-md5
a5faad5a43e56f745e544eb4243c9eb8
x-frame-options
DENY
date
Thu, 14 May 2020 16:19:38 GMT, Thu, 14 May 2020 16:19:38 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 14 May 2020 16:22:35 GMT
googlelogo_color_112x36dp.png
ssl.gstatic.com/images/branding/googlelogo/1x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_112x36dp.png
Requested by
Host: www.accounts.synchronizing.googlemail.www2.vectorstrategies.com
URL: https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ecd5e18216a965021f794cc1fd255767f8437ce1dd6c6c2ff4ceea7ccc0073d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2FManageAccount&followup=https%3A%2F%2Faccounts.google.com%2FManageAccount
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 13 Apr 2020 13:25:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
2688838
vary
Origin
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2449
x-xss-protection
0
expires
Tue, 13 Apr 2021 13:25:40 GMT
avatar_2x.png
ssl.gstatic.com/accounts/ui/ 		626 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/accounts/ui/avatar_2x.png
Requested by
Host: www.accounts.synchronizing.googlemail.www2.vectorstrategies.com
URL: https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc6d6dcda827a694dce8bfa9a1ab41113b629ef1cc11f886866af9194c81d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2FManageAccount&followup=https%3A%2F%2Faccounts.google.com%2FManageAccount
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 04:21:29 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
2548689
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
626
x-xss-protection
0
expires
Thu, 15 Apr 2021 04:21:29 GMT
truncated
/ 		284 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc6e1e44fce24fcda33dfd0e0a05a77004b3cd1d81018e9616d6e4145145d0b9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
wlogostrip_230x17_1x.png
ssl.gstatic.com/accounts/ui/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/accounts/ui/wlogostrip_230x17_1x.png
Requested by
Host: www.accounts.synchronizing.googlemail.www2.vectorstrategies.com
URL: https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05cdc120325f04f53e3ec7dbba877500d94db5a47e38fb6a2cc96fa3d1d7664c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2FManageAccount&followup=https%3A%2F%2Faccounts.google.com%2FManageAccount
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 05:25:18 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
2544860
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4285
x-xss-protection
0
expires
Thu, 15 Apr 2021 05:25:18 GMT
DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v13/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v13/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
Requested by
Host: www.accounts.synchronizing.googlemail.www2.vectorstrategies.com
URL: https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f1ab7f1b22c02d93e5bd37b04e7e848afd14337697f652c1454d14e801676f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://accounts.google.com/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2FManageAccount&followup=https%3A%2F%2Faccounts.google.com%2FManageAccount
Origin
https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com

Response headers

date
Sat, 11 Apr 2020 13:54:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 27 Apr 2015 23:46:44 GMT
server
sffe
age
2859891
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16152
x-xss-protection
0
expires
Sun, 11 Apr 2021 13:54:47 GMT
cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v13/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
Requested by
Host: www.accounts.synchronizing.googlemail.www2.vectorstrategies.com
URL: https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://accounts.google.com/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2FManageAccount&followup=https%3A%2F%2Faccounts.google.com%2FManageAccount
Origin
https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com

Response headers

date
Fri, 10 Apr 2020 01:42:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 27 Apr 2015 23:46:39 GMT
server
sffe
age
2990249
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15572
x-xss-protection
0
expires
Sat, 10 Apr 2021 01:42:09 GMT
CheckConnection
accounts.youtube.com/accounts/ Frame 0843 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=260739858&timestamp=1589473178615
Requested by
Host: www.accounts.synchronizing.googlemail.www2.vectorstrategies.com
URL: https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ayLe9qvhtc1ERaYJzCnR6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport;worker-src 'self' script-src 'nonce-ayLe9qvhtc1ERaYJzCnR6Q' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport;frame-ancestors https://accounts.google.com
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://accounts.google.com
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.youtube.com
:scheme
https
:path
/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=260739858&timestamp=1589473178615
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/

Response headers

status
200
content-type
text/html; charset=utf-8
x-frame-options
ALLOW-FROM https://accounts.google.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 14 May 2020 16:19:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-ayLe9qvhtc1ERaYJzCnR6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport;worker-src 'self' script-src 'nonce-ayLe9qvhtc1ERaYJzCnR6Q' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport;frame-ancestors https://accounts.google.com
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
all.js
connect.facebook.net/en_US/ 		388 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=da452ef22a41e64cadb50742c93594ba&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
81c1cebeb338e6688955fc046c16070113370905c2bd57600602306f52aef286
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/
Origin
https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ZwDcjKsIDTh7eYnIL3UjsQ==
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
114862
etag
"1a6b34ea407c2dbcec29c672fa127064"
x-fb-debug
2c9yUnqVPoPq5s7wKyflr5cdZBS585LXBs7Ea1SuwJUqOk9Ugll2qErwNgGYS0Xbe7WdO64zgcVxNwhXcij0YA==
x-fb-trip-id
780166575
x-fb-content-md5
f2ba22c3904edd6db7c26b63dabacbc7
x-frame-options
DENY
date
Thu, 14 May 2020 16:19:38 GMT, Thu, 14 May 2020 16:19:38 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Fri, 14 May 2021 16:02:35 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=887307771310758&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.accounts.synchronizing.googlemail.www2.vectorstrategies.com%2F%23identifier&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=da452ef22a41e64cadb50742c93594ba&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
x-fb-debug
v47V07LBzF0VZGwfg48+mPqnpmt+MTPGu42Pg6do6mJwu4C/24KvpvRBKIB4ipQ2o0+ztprxEE4bW2/X5PfeNg==
fb-s
unknown
status
200
date
Thu, 14 May 2020 16:19:38 GMT, Thu, 14 May 2020 16:19:38 GMT
strict-transport-security
max-age=15552000; preload
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-27=":443"; ma=3600
content-length
0
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
clonezone.link
URL
http://clonezone.link/editor/css/cz-footer.css
Domain
clonezone.link
URL
http://clonezone.link/editor/css/cz-footer.css
Domain
clonezone.link
URL
http://clonezone.link/editor/css/medium-editor.css
Domain
clonezone.link
URL
http://clonezone.link/editor/css/default.css
Domain
clonezone.link
URL
http://clonezone.link/editor/css/medium-editor-insert-plugin.min.css
Domain
clonezone.link
URL
http://clonezone.link/editor/css/style.css

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

419 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| google function| postToFeed function| fbAsyncInit function| gaia_attachEvent object| G function| Gb function| Ga object| Gc function| Gf function| Gg function| Gh function| Gd function| Ge function| Gi function| Gj function| Gl function| Gk object| Gm object| Gn function| Go function| Gp object| Gq object| Gr object| Gs object| Gt function| Gu function| Gv function| Gw function| Gx function| G_checkConnectionMain function| G_setPostMessageSupportFlag object| __CHECK_CONNECTION_CONFIG object| botguard function| gaia_parseFragment function| gaia_prefillEmail object| hashParams function| gaia_scrollToElement function| onMessage function| gaia_onChromeLoginSubmit object| FB object| PS_a object| PS_aa object| PS_b function| PS_c function| PS_ba function| PS_d function| PS_e function| PS_ca function| PS_f function| PS_g function| PS_da function| PS_ea string| PS_fa number| PS_ga function| PS_ha function| PS_ia function| PS_h function| PS_ja function| PS_i function| PS_j function| PS_k function| PS_l function| PS_ka function| PS_la undefined| PS_ma function| PS_na function| PS_oa function| PS_wa object| PS_qa object| PS_ra object| PS_sa object| PS_ta object| PS_ua object| PS_va object| PS_pa function| PS_ya function| PS_xa function| PS_za function| PS_Aa function| PS_Ba function| PS_Ca function| PS_m function| PS_n function| PS_Da function| PS_Ea function| PS_Fa function| PS_Ha function| PS_Ga function| PS_Ia object| PS_o function| PS_Ja function| PS_p function| PS_Ka function| PS_La function| PS_Ma function| PS_Oa function| PS_Pa function| PS_Qa function| PS_Ra function| PS_Sa object| PS_Ta function| PS_Ua string| PS_q object| PS_Va string| PS_Wa function| PS_ function| PS_Xa function| PS_Ya function| PS_Za boolean| PS_r boolean| PS_s boolean| PS__a boolean| PS_t boolean| PS_u boolean| PS_0a boolean| PS_1a function| PS_2a function| PS_3a string| PS_4a object| PS_5a function| PS_v object| PS_6a undefined| PS_w boolean| PS_7a boolean| PS_8a boolean| PS_9a function| PS_x function| PS_$a object| PS_ab string| PS_bb function| PS_cb number| PS_db function| PS_eb function| PS_fb function| PS_gb function| PS_ib function| PS_jb function| PS_hb string| PS_kb object| PS_lb number| PS_mb function| PS_nb function| PS_qb function| PS_sb function| PS_vb function| PS_wb function| PS_xb function| PS_tb function| PS_zb function| PS_yb function| PS_ub function| PS_rb string| PS_Ab function| PS_ob function| PS_Bb function| PS_Cb function| PS_y function| PS_Db function| PS_Eb function| PS_Fb function| PS_z function| PS_A function| PS_Gb function| PS_pb function| PS_B function| PS_Ib function| PS_Hb function| PS_Jb function| PS_C function| PS_D function| PS_Kb function| PS_Lb function| PS_Mb function| PS_Nb function| PS_Ob function| PS_E boolean| PS_Pb boolean| PS_Qb boolean| PS_Rb boolean| PS_Sb boolean| PS_Tb boolean| PS_Ub boolean| PS_Vb function| PS_Wb object| PS_Xb function| PS_F function| PS_Zb object| PS_Yb function| PS__b function| PS_G object| PS_0b function| PS_1b object| PS_2b object| PS_3b function| PS_H function| PS_5b object| PS_6b function| PS_7b object| PS_4b function| PS_9b function| PS_$b object| PS_8b function| PS_ac function| PS_I function| PS_J function| PS_cc object| PS_dc object| PS_ec object| PS_fc function| PS_hc function| PS_ic object| PS_bc function| PS_K function| PS_gc object| PS_jc function| PS_L function| PS_kc function| PS_M boolean| PS_lc function| PS_O function| PS_nc function| PS_P function| PS_pc function| PS_qc function| PS_oc function| PS_sc object| PS_rc function| PS_vc function| PS_tc function| PS_wc function| PS_uc function| PS_xc function| PS_yc function| PS_zc function| PS_Ac function| PS_N function| PS_Bc function| PS_Cc function| PS_mc function| PS_Dc object| PS_Ec function| PS_Fc function| PS_Q function| PS_Hc function| PS_Gc function| PS_R function| PS_S object| PS_Ic function| PS_T function| PS_Jc function| PS_Kc function| PS_Lc object| PS_Mc function| PS_Nc function| PS_Oc function| PS_Pc function| PS_Qc function| PS_Rc number| PS_Sc function| PS_Tc function| PS_Uc object| PS_Vc object| PS_Wc object| PS_Xc function| PS_Yc object| PS_Zc object| PS__c function| PS_0c function| PS_U object| PS_1c function| PS_3c boolean| PS_2c function| PS_4c function| PS_6c object| PS_7c function| PS_8c function| PS_9c function| PS_5c function| PS_V object| PS_$c object| PS_ad object| PS_bd object| PS_cd object| PS_dd function| PS_fd function| PS_ed function| PS_id function| PS_Na function| PS_gd function| PS_kd function| PS_ld function| PS_jd function| PS_hd function| PS_md function| PS_nd function| PS_W function| PS_od function| PS_pd function| PS_X function| PS_Y function| PS_Z object| PS_rd function| PS_qd function| PS__ function| PS_0 function| PS_td function| PS_ud function| PS_vd function| PS_xd function| PS_wd function| PS_zd function| PS_Ad function| PS_yd function| PS_sd function| PS_Cd function| PS_Bd function| PS_Dd function| PS_Ed function| PS_1 function| PS_Fd function| PS_Gd function| PS_Hd object| PS_Id function| PS_Jd object| PS_Kd function| PS_Ld string| PS_Md function| PS_Nd function| PS_Od function| PS_Pd function| PS_Qd function| PS_Rd function| PS_Sd function| PS_Td function| PS_Ud function| PS_Vd object| PS_Wd object| PS_Xd function| PS_Yd function| PS_Zd object| PS__d object| PS_0d function| PS_2 function| PS_3 function| PS_1d function| PS_3d function| PS_2d function| PS_4d function| PS_4 function| PS_5d function| PS_6d function| PS_7d function| PS_8d function| PS_9d function| PS_$d function| PS_be function| PS_de function| PS_ae function| PS_ce function| PS_5 function| PS_ee function| PS_je object| PS_ke function| PS_ie object| PS_he object| PS_fe object| PS_ge function| PS_le function| PS_me function| PS_ne function| PS_oe function| PS_pe function| PS_qe function| PS_8 function| PS_ue boolean| PS_6 function| PS_ve function| PS_7 function| PS_xe function| PS_Ae function| PS_se function| PS_te function| PS_ze function| PS_ye object| PS_we number| PS_re function| PS_Be object| PS_Ce function| PS_De function| PS_Ee function| PS_9 object| PS_Fe object| PS_$ string| PS_Ge function| PS_He function| PS_Ke function| PS_Le function| PS_Me function| PS_Re function| PS_Qe function| PS_Se function| PS_Pe function| PS_Ne function| PS_Je function| PS_Oe function| PS_Ie object| gaia object| closure_memoize_cache_ object| closure_lm_566628 object| passwordSeparationPage function| gaia_onLoginSubmit string| cz_body string| cz_head string| cz_url string| cz_bodyClass string| cz_htmlClass string| cz_htmlXMLNS

0 Cookies