transitplay.com Open in urlscan Pro
139.99.166.212 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://storage.googleapis.com/bjhgy/transitplay15.html#TUh5M9rm4.gqgStYokLvWnw?zhmcRgjFWCJnV=HYpwMzsTLHTpH39f9lyg01xqmr01gs2g0...
Effective URL:
http://transitplay.com/unsubscribe.php
Submission: On January 23 via api (January 23rd 2022, 5:44:15 pm UTC) from BE — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 139.99.166.212, located in Sydney, Australia and belongs to OVH, FR. The main domain is transitplay.com.

This is the only time transitplay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a00:1450:400... 2a00:1450:4001:828::2010	15169 (GOOGLE) (GOOGLE)
1 9	139.99.166.212 139.99.166.212	16276 (OVH) (OVH)
9	2

1 2a00:1450:4001:828::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.99.166.212 (Sydney, Australia) 1 redirects

ASN16276 (OVH, FR)
PTR: ip212.ip-139-99-166.net

transitplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	transitplay.com 1 redirects transitplay.com	231 KB
1	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 425	1 KB
9	2

	Domain	Requested by
9	transitplay.com	1 redirects storage.googleapis.com transitplay.com
1	storage.googleapis.com
9	2

This site contains no links.

Subject Issuer	Validity	Valid
*.storage.googleapis.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://transitplay.com/unsubscribe.php
Frame ID: 159E235CAE91ADE9F772110BC5D6A2DD
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Unsubscribe

Page URL History Show full URLs

https://storage.googleapis.com/bjhgy/transitplay15.html Page URL
http://transitplay.com/TUh5M9rm4.gqgStYokLvWnw?zhmcRgjFWCJnV=HYpwMzsTLHTpH39f9lyg01xqmr01gs2g021mr1... HTTP 302
http://transitplay.com/unsubscribe.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

9
Requests

11 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

232 kB
Transfer

230 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://storage.googleapis.com/bjhgy/transitplay15.html Page URL
http://transitplay.com/TUh5M9rm4.gqgStYokLvWnw?zhmcRgjFWCJnV=HYpwMzsTLHTpH39f9lyg01xqmr01gs2g021mr191o63qh01z00 HTTP 302
http://transitplay.com/unsubscribe.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	transitplay15.html storage.googleapis.com/bjhgy/	631 B 1 KB	38ms 11ms	Document text/html	2a00:1450:4001:828::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/bjhgy/transitplay15.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers x-guploader-uploadid ADPycdvJeLrp7goX0m5lqJY3bgI8PDN__GeHVnUuT4fmLygEBnohym29CaO8aFVltP6IdIQjquz_bT3gcw6EKRFdKLlJFsVJXg x-goog-generation 1630356671115156 x-goog-metageneration 2 x-goog-stored-content-encoding identity x-goog-stored-content-length 631 x-goog-hash crc32c=3KtLvg== md5=Xogca83nuHvEgRjl1eWDEw== x-goog-storage-class STANDARD accept-ranges bytes content-length 631 server UploadServer date Sun, 23 Jan 2022 16:54:37 GMT expires Sun, 23 Jan 2022 17:54:37 GMT cache-control public, max-age=3600 age 2970 last-modified Mon, 30 Aug 2021 20:51:11 GMT etag "5e881c6bcde7b87bc48118e5d5e58313" content-type text/html alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	Primary Request unsubscribe.php Show response transitplay.com/ Redirect Chain http://transitplay.com/TUh5M9rm4.gqgStYokLvWnw?zhmcRgjFWCJnV=HYpwMzsTLHTpH39f9lyg01xqmr01gs2g021mr191o63qh01z00 http://transitplay.com/unsubscribe.php	3 KB 3 KB	274ms 274ms	Document text/html	139.99.166.212 OVH
General Check archive.org Show headers Download Go to Full URL http://transitplay.com/unsubscribe.php Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/bjhgy/transitplay15.html Protocol HTTP/1.1 Server 139.99.166.212 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip212.ip-139-99-166.net Software Apache / Resource Hash `efa65496943f2de92658ef86636d6fa96180366ac35e1c7cf00d90b3e1e63dda` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://storage.googleapis.com/bjhgy/transitplay15.html#TUh5M9rm4.gqgStYokLvWnw?zhmcRgjFWCJnV=HYpwMzsTLHTpH39f9lyg01xqmr01gs2g021mr191o63qh01z00 Response headers Date Sun, 23 Jan 2022 17:44:11 GMT Server Apache Content-Length 3221 Connection close Content-Type text/html; charset=UTF-8 Redirect headers Date Sun, 23 Jan 2022 17:44:07 GMT Server Apache Location ./unsubscribe.php Content-Length 0 Connection close Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	styles.css transitplay.com/css/	2 KB 3 KB	543ms 265ms	Stylesheet text/css	139.99.166.212 OVH
General Check archive.org Show headers Download Go to Full URL http://transitplay.com/css/styles.css Requested by Host: transitplay.com URL: http://transitplay.com/unsubscribe.php Protocol HTTP/1.1 Server 139.99.166.212 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip212.ip-139-99-166.net Software Apache / Resource Hash `2125b90db1814c362cc93ee10b9d5dc5b380edb620717ff0e1ef68ac3fc1d5e5` Request headers Accept-Language de-DE,de;q=0.9 Referer http://transitplay.com/unsubscribe.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sun, 23 Jan 2022 17:44:11 GMT Last-Modified Tue, 13 Jul 2021 13:48:34 GMT Server Apache ETag "9fd-5c7017e78c6e5" Content-Type text/css Connection close Accept-Ranges bytes Content-Length 2557
GET H/1.1	200 OK	bg.jpg transitplay.com/images/	136 KB 136 KB	302ms 302ms	Image image/jpeg	139.99.166.212 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://transitplay.com/images/bg.jpg Requested by Host: transitplay.com URL: http://transitplay.com/css/styles.css Protocol HTTP/1.1 Server 139.99.166.212 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip212.ip-139-99-166.net Software Apache / Resource Hash `15d1fa5a7c42ba54b0d59dcc295a2f88a4404c2bdfeb3aef4e42762f7abbaefb` Request headers Accept-Language de-DE,de;q=0.9 Referer http://transitplay.com/css/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sun, 23 Jan 2022 17:44:11 GMT Last-Modified Tue, 13 Jul 2021 13:48:42 GMT Server Apache ETag "21f87-5c7017ef7ac03" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 139143
GET H/1.1	200 OK	hd.jpg transitplay.com/images/	64 KB 65 KB	522ms 258ms	Image image/jpeg	139.99.166.212 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://transitplay.com/images/hd.jpg Requested by Host: transitplay.com URL: http://transitplay.com/css/styles.css Protocol HTTP/1.1 Server 139.99.166.212 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip212.ip-139-99-166.net Software Apache / Resource Hash `b1064d68fc41de64a7a301c692f76329b21b7459ae30cdad939c1e08978e11ed` Request headers Accept-Language de-DE,de;q=0.9 Referer http://transitplay.com/css/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sun, 23 Jan 2022 17:44:12 GMT Last-Modified Tue, 13 Jul 2021 13:48:43 GMT Server Apache ETag "101bc-5c7017f05b5d8" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 65980
GET H/1.1	200 OK	main.gif transitplay.com/images/	21 KB 21 KB	534ms 265ms	Image image/gif	139.99.166.212 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://transitplay.com/images/main.gif Requested by Host: transitplay.com URL: http://transitplay.com/css/styles.css Protocol HTTP/1.1 Server 139.99.166.212 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip212.ip-139-99-166.net Software Apache / Resource Hash `356bda262da69e349fd0a4bc49982bccc97cb5eb48724edc088dc0de1ef6fb4b` Request headers Accept-Language de-DE,de;q=0.9 Referer http://transitplay.com/css/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sun, 23 Jan 2022 17:44:12 GMT Last-Modified Tue, 13 Jul 2021 13:48:44 GMT Server Apache ETag "5431-5c7017f142d0e" Content-Type image/gif Connection close Accept-Ranges bytes Content-Length 21553
GET H/1.1	200 OK	side.jpg transitplay.com/images/	3 KB 3 KB	534ms 267ms	Image image/jpeg	139.99.166.212 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://transitplay.com/images/side.jpg Requested by Host: transitplay.com URL: http://transitplay.com/css/styles.css Protocol HTTP/1.1 Server 139.99.166.212 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip212.ip-139-99-166.net Software Apache / Resource Hash `c9c73845557309508b638fc49eea0c21a54721ea2b36ecf4a016b98e369073a6` Request headers Accept-Language de-DE,de;q=0.9 Referer http://transitplay.com/css/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sun, 23 Jan 2022 17:44:12 GMT Last-Modified Tue, 13 Jul 2021 13:48:45 GMT Server Apache ETag "a07-5c7017f2217a3" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 2567
GET H/1.1	404 Not Found	g_top.gif transitplay.com/images/	0 0	1567ms 1299ms	Image text/html	139.99.166.212 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://transitplay.com/images/g_top.gif Requested by Host: transitplay.com URL: http://transitplay.com/css/styles.css Protocol HTTP/1.1 Server 139.99.166.212 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip212.ip-139-99-166.net Software Apache / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer http://transitplay.com/css/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sun, 23 Jan 2022 17:44:12 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close X-Robots-Tag noindex Content-Length 169
GET H/1.1	404 Not Found	ar.gif transitplay.com/images/	220 B 220 B	1699ms 1412ms	Image text/html	139.99.166.212 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://transitplay.com/images/ar.gif Requested by Host: transitplay.com URL: http://transitplay.com/css/styles.css Protocol HTTP/1.1 Server 139.99.166.212 Sydney, Australia, ASN16276 (OVH, FR), Reverse DNS ip212.ip-139-99-166.net Software Apache / Resource Hash `db534eea9bed06941c14a66542b40c24c4799bcd82212dc1839607746f3b71f1` Request headers Accept-Language de-DE,de;q=0.9 Referer http://transitplay.com/css/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Sun, 23 Jan 2022 17:44:12 GMT Server Apache Connection close X-Robots-Tag noindex Content-Length 220 Content-Type text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://transitplay.com/images/g_top.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://transitplay.com/images/g_top.gif Message: Failed to load resource: net::ERR_INVALID_CHUNKED_ENCODING
network	error	URL: http://transitplay.com/images/ar.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

storage.googleapis.com
transitplay.com
139.99.166.212
2a00:1450:4001:828::2010
15d1fa5a7c42ba54b0d59dcc295a2f88a4404c2bdfeb3aef4e42762f7abbaefb
2125b90db1814c362cc93ee10b9d5dc5b380edb620717ff0e1ef68ac3fc1d5e5
356bda262da69e349fd0a4bc49982bccc97cb5eb48724edc088dc0de1ef6fb4b
b1064d68fc41de64a7a301c692f76329b21b7459ae30cdad939c1e08978e11ed
c9c73845557309508b638fc49eea0c21a54721ea2b36ecf4a016b98e369073a6
db534eea9bed06941c14a66542b40c24c4799bcd82212dc1839607746f3b71f1
efa65496943f2de92658ef86636d6fa96180366ac35e1c7cf00d90b3e1e63dda

transitplay.com Open in urlscan Pro 139.99.166.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

11 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

232 kBTransfer

230 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

transitplay.com Open in urlscan Pro
139.99.166.212 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

11 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

232 kB
Transfer

230 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions