It is LEGIT
If you see the URL in the address bar : https://accounts.google.com/signin/~
it means "accounts" is a subdomain of "google.com"
if you click on the green earth icon you will see something like "Certificate" followed by "valid". click on valid , it will show you a certificate issued by "Google Inc" speaking of its authenticity
Your concerns are valid, as hackers try phishing attacks and social engineering to get to their victims. In your case if the URL would have been something like accounts.google.com.singin.somedomain.com it would have been a fake .