googleu.org Open in urlscan Pro
2606:4700:3036::ac43:8e8f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://googleu.org/
Submission Tags: @phishunt_io
Submission: On May 09 via api (May 9th 2023, 10:00:07 pm UTC) from DE — Scanned from DE

Summary HTTP 8 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 2606:4700:3036::ac43:8e8f, located in United States and belongs to CLOUDFLARENET, US. The main domain is googleu.org.
TLS certificate: Issued by GTS CA 1P5 on May 9th 2023. Valid for: 3 months.

This is the only time googleu.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:303... 2606:4700:3036::ac43:8e8f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3031::ac43:cd1e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2

6 2606:4700:3036::ac43:8e8f (United States)

ASN13335 (CLOUDFLARENET, US)

googleu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:cd1e (United States)

ASN13335 (CLOUDFLARENET, US)

k.teunpt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	googleu.org googleu.org	496 KB
2	teunpt.com k.teunpt.com	4 KB
8	2

	Domain	Requested by
6	googleu.org	googleu.org
2	k.teunpt.com	googleu.org
8	2

This site contains links to these domains. Also see Links.

Domain
k.teunpt.com

Subject Issuer	Validity	Valid
googleu.org GTS CA 1P5	`2023-05-09` - `2023-08-07`	3 months	crt.sh
teunpt.com GTS CA 1P5	`2023-04-30` - `2023-07-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://googleu.org/
Frame ID: 2E6805A426169B885A18A0C6E78FCA0F
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Easylink下载页面

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

500 kB
Transfer

561 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://k.teunpt.com/api/wz/app?id=20003&os=ios

Search URL Search Domain Scan URL

URL: https://k.teunpt.com/api/wz/app?id=20003&os=android

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response googleu.org/	2 KB 1 KB	537ms 440ms	Document text/html	2606:4700:3036::ac43:8e8f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://googleu.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8e8f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4c9f49622837518301acfa792d00e8edbc563af75c920a7ab859774e62b31a89` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7c4d367eecb9918c-FRA content-encoding br content-type text/html date Tue, 09 May 2023 22:00:01 GMT last-modified Tue, 09 May 2023 09:46:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BNTp245QfOdacGGA8FBBrmQy16aoYOV6GnpZe4ysWnA9zZhp2ceRVVfn6f87gMxzn%2BCyGzmlmgFmO1KqAmReMO2X4cF3xrWvPFF7%2BuB5jDSWKQfitaujlo8W3Oi5vIEhp7L%2FVtnnx%2F6xA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	style.css googleu.org/css/	5 KB 2 KB	436ms 434ms	Stylesheet text/css	2606:4700:3036::ac43:8e8f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://googleu.org/css/style.css Requested by Host: googleu.org URL: https://googleu.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8e8f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9508ed62f841d0fd37ae29e1306a4701089c7f114338bf3badccddabc77191d2` Request headers accept-language de-DE,de;q=0.9 Referer https://googleu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 09 May 2023 22:00:01 GMT content-encoding br cf-cache-status MISS last-modified Tue, 09 May 2023 09:46:03 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"645a165b-153a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ALefOmjhNk8ooCkd8%2Bm0zhnp%2BmeyLymaOJGE1AgeO%2BBYTrtAoexeGjWpwiNRKhishyokP3XvTspU7xFiHJYnq5jPS90VzLKl3nlxWaYl5RgOlPgGbVMwefW9V%2FvSVVKIOvreBlLDHQXiQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 7c4d3681bfc3918c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 10 May 2023 10:00:01 GMT
GET H2	200	dl1.png googleu.org/img/	9 KB 10 KB	432ms 431ms	Image image/png	2606:4700:3036::ac43:8e8f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://googleu.org/img/dl1.png Requested by Host: googleu.org URL: https://googleu.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8e8f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `308ab26d895282d08b14d12becaed4dcf62dd61b986ebe31819ce4afc848272e` Request headers accept-language de-DE,de;q=0.9 Referer https://googleu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 09 May 2023 22:00:01 GMT cf-cache-status MISS last-modified Tue, 09 May 2023 09:46:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "645a165d-2544" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FnMf%2F4ddXXKW2Qi9Hn25BFx46hBe7xqq%2B3aKff3WdARxssfxmJdCI96nSZkLa%2FJEKeDEdPbxzMBvTKiXI2S%2Bie7S2uuxCQYreAjUu8XiEv%2BtWYw2PFepxLgk7KjlD1a0m6BlkX2ux8WlxA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 7c4d3681bfc6918c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 9540 expires Thu, 08 Jun 2023 22:00:01 GMT
GET H3	200	dl2.png googleu.org/img/	8 KB 9 KB	428ms 428ms	Image image/png	2606:4700:3036::ac43:8e8f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://googleu.org/img/dl2.png Requested by Host: googleu.org URL: https://googleu.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:8e8f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e1a12470e3fcde19c48a4dde66c6f27ef6c620d4b521b908321717d51faffe95` Request headers accept-language de-DE,de;q=0.9 Referer https://googleu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 09 May 2023 22:00:02 GMT cf-cache-status MISS last-modified Tue, 09 May 2023 09:46:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "645a165d-205d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgNkV0yqrdvj3hha54nDC6ETTyzEnUfzG2INi0%2B4grDe14IZqyJttPQn35E22jPCmu%2FrETmOfIGtL07p2NCScBQGFJlKxCjhyFPBjnMWWRP%2B%2BxcFhJP9NB2yCw7TeqZJF117XWqWmP4BAw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 7c4d368468b91c36-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 8285 expires Thu, 08 Jun 2023 22:00:02 GMT
GET H3	200	jquery1.10.2.js Show response googleu.org/js/	94 KB 34 KB	642ms 642ms	Script application/javascript	2606:4700:3036::ac43:8e8f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://googleu.org/js/jquery1.10.2.js Requested by Host: googleu.org URL: https://googleu.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:8e8f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c8963b6bd2ca8497603794bf9adcbff7a3ea55c9c3edef3d5a992405ee256a90` Request headers accept-language de-DE,de;q=0.9 Referer https://googleu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 09 May 2023 22:00:02 GMT content-encoding br cf-cache-status MISS last-modified Tue, 09 May 2023 09:46:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"645a165e-176ba" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3o1JRt1qucSnDACHhjPkf6zWUdiUZuPISNjGDteIJ1NG553XRrZg8aB%2Fx19I6E8EkOvc391PJHtSsePNtOGGDN%2BaAuxtLrxx%2F22YDkYz0P7vGnU4A7ky1dMHnzi9il7zBsQNiMe0L4MBmg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 7c4d368468b51c36-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 10 May 2023 10:00:02 GMT
GET H3	200	bg.jpg googleu.org/img/	440 KB 440 KB	1372ms 1372ms	Image image/jpeg	2606:4700:3036::ac43:8e8f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://googleu.org/img/bg.jpg Requested by Host: googleu.org URL: https://googleu.org/css/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:8e8f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e63c7169ab54061a5acf8647e92bb6634cb91fd41904fe2624cc389708627163` Request headers accept-language de-DE,de;q=0.9 Referer https://googleu.org/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 09 May 2023 22:00:02 GMT cf-cache-status MISS last-modified Tue, 09 May 2023 09:46:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "645a165d-6df11" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bs3rGSVfMPuEL1d4CdUoMKjp5Ej3P0T4GAqvh5%2BEDsMxid%2FQGmySxI1hVorAz%2BabgknsJ8JYstnBW7TYMDWBPADw0v2Mu9XY%2BixdfEckBABFY8AD9geCFWrUBEUGLtcyPkag1R1ULckpWA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 7c4d368488db1c36-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 450321 expires Thu, 08 Jun 2023 22:00:02 GMT
GET H2	200	detail Show response k.teunpt.com/api/wz/	611 B 905 B	1237ms 479ms	XHR application/json	2606:4700:3031::ac43:cd1e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://k.teunpt.com/api/wz/detail?id=20003 Requested by Host: googleu.org URL: https://googleu.org/js/jquery1.10.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:cd1e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e057a8336686f2a2c7539498045afef6024f0335b57f40b47a22a80dfdfc0103` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://googleu.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 09 May 2023 22:00:03 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6spiyrEM%2FWAYaG4tTk7KXoSM8B76f0V3DG%2BNMDcxP8b6peWHnBGsIHdYn5l7Bm7D9kxciRR1luVnqz0rtEEh3zX4U3%2B9ESPHXyoxOJb%2F6tvPmTPi4YkovmvqRlO1BfciZSkD%2Fy1C5f%2FPKE%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=UTF-8 access-control-allow-origin https://googleu.org access-control-allow-credentials true cf-ray 7c4d368d8b97693a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	pic k.teunpt.com/api/wz/	2 KB 3 KB	547ms 462ms	Image image/png	2606:4700:3031::ac43:cd1e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://k.teunpt.com/api/wz/pic?name=uploads/file/2023-05-05/25cec6f09a6d3bd6b046d4c172b417d1_20230505160849.png Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:cd1e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `14e7bab6d96b6f505160894327ba0306beb2ca979902cca6c3ca6e7d8ac25f39` Request headers accept-language de-DE,de;q=0.9 Referer https://googleu.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Tue, 09 May 2023 22:00:04 GMT cf-cache-status DYNAMIC last-modified Fri, 05 May 2023 08:08:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pW%2B5vNrkHUKu6sa6Liultx9cEvl5R6qzmqLHV5Foa90m8f7hj8kQ0xWjEXQGNzOezUnBd9etUzGty20kkca0pou5H49%2F6PYM3R3i4mAwDos23V%2BU07VTeDgDTMFh8lh19ws6B4Uafl%2BAow%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin access-control-allow-credentials true cf-ray 7c4d36910e26381c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleu.org
k.teunpt.com
2606:4700:3031::ac43:cd1e
2606:4700:3036::ac43:8e8f
14e7bab6d96b6f505160894327ba0306beb2ca979902cca6c3ca6e7d8ac25f39
308ab26d895282d08b14d12becaed4dcf62dd61b986ebe31819ce4afc848272e
4c9f49622837518301acfa792d00e8edbc563af75c920a7ab859774e62b31a89
9508ed62f841d0fd37ae29e1306a4701089c7f114338bf3badccddabc77191d2
c8963b6bd2ca8497603794bf9adcbff7a3ea55c9c3edef3d5a992405ee256a90
e057a8336686f2a2c7539498045afef6024f0335b57f40b47a22a80dfdfc0103
e1a12470e3fcde19c48a4dde66c6f27ef6c620d4b521b908321717d51faffe95
e63c7169ab54061a5acf8647e92bb6634cb91fd41904fe2624cc389708627163

googleu.org Open in urlscan Pro 2606:4700:3036::ac43:8e8f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

500 kBTransfer

561 kBSize

0 Cookies

2 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

Indicators

googleu.org Open in urlscan Pro
2606:4700:3036::ac43:8e8f Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

500 kB
Transfer

561 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions