www.accounts.synchronizing.googlemail.www2.vectorstrategies.com
192.185.143.194
Malicious Activity!
Public Scan
Effective URL: https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/
Submission: On October 22 via api from BY — Scanned from DE
Summary
TLS certificate: Issued by R10 on September 20th 2024. Valid for: 3 months.
This is the only time www.accounts.synchronizing.googlemail.www2.vectorstrategies.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Google (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
2 | 192.185.143.194 | 19871 (NETWORK-SOLUTIONS-HOSTING) |
1 (1 redirect) | 142.250.185.228 | 15169 (GOOGLE) |
2 | 142.250.185.227 | 15169 (GOOGLE) |
4 | 2a00:1450:4001:827::2003 | 15169 (GOOGLE) |
2 | 157.240.252.13 | 32934 (FACEBOOK) |
1 | 2a00:1450:4001:828::200e | 15169 (GOOGLE) |
2 | 142.250.185.163 | 15169 (GOOGLE) |
1 | 2a03:2880:f176:84:face:b00c:0:25de | 32934 (FACEBOOK) |
20 | 8 | |
ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 192-185-143-194.unifiedlayer.com
www.accounts.synchronizing.googlemail.www2.vectorstrategies.com |
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net
www.google.com |
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
www.gstatic.com |
ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net |
ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net
fonts.gstatic.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | gstatic.com | www.gstatic.com, ssl.gstatic.com, fonts.gstatic.com | 57 KB |
2 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 180 | 82 KB |
2 | vectorstrategies.com | www.accounts.synchronizing.googlemail.www2.vectorstrategies.com | 133 KB |
1 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 113 | |
1 | youtube.com | accounts.youtube.com — Cisco Umbrella Rank: 327 | |
1 | google.com (1 redirects) | www.google.com — Cisco Umbrella Rank: 3 | 19 B |
0 | clonezone.link (Failed) | clonezone.link (Failed) | |
20 | 7 | | |
Requests | Domain | Requested by |
---|---|---|
4 | ssl.gstatic.com | www.accounts.synchronizing.googlemail.www2.vectorstrategies.com |
2 | fonts.gstatic.com | www.accounts.synchronizing.googlemail.www2.vectorstrategies.com |
2 | connect.facebook.net | www.accounts.synchronizing.googlemail.www2.vectorstrategies.com, connect.facebook.net |
2 | www.gstatic.com | www.accounts.synchronizing.googlemail.www2.vectorstrategies.com |
2 | www.accounts.synchronizing.googlemail.www2.vectorstrategies.com | |
1 | www.facebook.com | connect.facebook.net |
1 | accounts.youtube.com | www.accounts.synchronizing.googlemail.www2.vectorstrategies.com |
1 | www.google.com (1 redirects) | |
0 | clonezone.link (Failed) | www.accounts.synchronizing.googlemail.www2.vectorstrategies.com |
20 | 9 | |
This site contains links to these domains.
Domain |
---|
support.google.com |
www.google.com |
accounts.google.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
www.accounts.synchronizing.googlemail.www2.vectorstrategies.com | R10 | 2024-09-20 - 2024-12-19 | 3 months |
*.gstatic.com | WR2 | 2024-09-30 - 2024-12-23 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-07-31 - 2024-10-29 | 3 months |
*.google.com | WR2 | 2024-09-30 - 2024-12-23 | 3 months |
This page contains 2 frames:
Primary Page:
https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/
Frame ID: BCD9048326C096947471F1A0E08D847A
Requests: 20 HTTP requests in this frame
Frame:
https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=260739858&timestamp=1729567300091
Frame ID: DB9AE686D5968C0B7F148ACF99FB1666
Requests: 1 HTTP requests in this frame
Page Title
Sign in - Google Accounts
Detected technologies
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Page Statistics
11 Outgoing links
These are links going to different origins than the main page.
Title: Learn more
Title: Need help?
Title: Learn more
Title: Create an account
Title: Sign in with a different account
Title: Create account
Title: About Google
Title: Privacy
Title: Terms
Title: Help
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/
HTTP 307
https://www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://www.google.com/jsapi HTTP 301
- https://www.gstatic.com/charts/loader.js
20 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/ (Redirect Chain) | 388 KB | 129 KB | Document | text/html |
GET | H3 | loader.js | www.gstatic.com/charts/ (Redirect Chain) | 61 KB | 18 KB | Script | text/javascript |
GET | H3 | arrow_back_grey600_24dp.png | www.gstatic.com/images/icons/material/system/1x/ | 115 B | 139 B | Image | image/png |
GET | H2 | universal_language_settings-21.png | ssl.gstatic.com/images/icons/ui/common/ | 199 B | 638 B | Image | image/png |
GET | | cz-footer.css | clonezone.link/editor/css/ | 0 | 0 | | |
GET | | cz-footer.css | clonezone.link/editor/css/ | 0 | 0 | | |
GET | | medium-editor.css | clonezone.link/editor/css/ | 0 | 0 | | |
GET | | default.css | clonezone.link/editor/css/ | 0 | 0 | | |
GET | | medium-editor-insert-plugin.min.css | clonezone.link/editor/css/ | 0 | 0 | | |
GET | | style.css | clonezone.link/editor/css/ | 0 | 0 | | |
GET | H3 | all.js | connect.facebook.net/en_US/ | 3 KB | 2 KB | Script | application/x-javascript |
GET | H2 | CheckConnection | accounts.youtube.com/accounts/ (Frame DB9A) | 0 | 0 | Document | text/html |
GET | H2 | googlelogo_color_112x36dp.png | ssl.gstatic.com/images/branding/googlelogo/1x/ | 2 KB | 3 KB | Image | image/png |
GET | H2 | avatar_2x.png | ssl.gstatic.com/accounts/ui/ | 626 B | 717 B | Image | image/png |
GET | DATA | truncated | / | 284 B | 0 | Image | image/png |
GET | H2 | wlogostrip_230x17_1x.png | ssl.gstatic.com/accounts/ui/ | 4 KB | 4 KB | Image | image/png |
GET | H3 | DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2 | fonts.gstatic.com/s/opensans/v13/ | 16 KB | 16 KB | Font | font/woff2 |
GET | H3 | cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2 | fonts.gstatic.com/s/opensans/v13/ | 15 KB | 15 KB | Font | font/woff2 |
GET | H3 | all.js | connect.facebook.net/en_US/ | 284 KB | 80 KB | Script | application/x-javascript |
GET | H2 | status | www.facebook.com/x/oauth/ | 0 | 0 | Fetch | text/plain |
GET | H2 | favicon.ico | www.accounts.synchronizing.googlemail.www2.vectorstrategies.com/ | 12 KB | 5 KB | Other | text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: clonezone.link, URL: http://clonezone.link/editor/css/cz-footer.css
- Domain: clonezone.link, URL: http://clonezone.link/editor/css/cz-footer.css
- Domain: clonezone.link, URL: http://clonezone.link/editor/css/medium-editor.css
- Domain: clonezone.link, URL: http://clonezone.link/editor/css/default.css
- Domain: clonezone.link, URL: http://clonezone.link/editor/css/medium-editor-insert-plugin.min.css
- Domain: clonezone.link, URL: http://clonezone.link/editor/css/style.css
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Google (Online)
403 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
10 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.