google-usz.com
Open in
urlscan Pro
188.114.96.3
Malicious Activity!
Public Scan
Effective URL: https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&ch...
Submission Tags: @phishunt_io
Submission: On June 25 via api from DE — Scanned from NL
Summary
TLS certificate: Issued by WE1 on June 25th 2024. Valid for: 3 months.
This is the only time google-usz.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Google (Online)Domain & IP information
ASN15169 (GOOGLE, US)
lh3.googleusercontent.com |
ASN15169 (GOOGLE, US)
play-lh.googleusercontent.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
s1.kwai.net |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-146.deploy.static.akamaitechnologies.com
analytics.tiktok.com |
ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f22.1e100.net
play-lh.googleusercontent.com |
ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-3.amazonaws.com
appdv76.s3.ap-southeast-3.amazonaws.com |
ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
api.mythad.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
vofzhq.com
www.vofzhq.com |
3 MB |
11 |
googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 112 play-lh.googleusercontent.com — Cisco Umbrella Rank: 534 |
6 KB |
10 |
tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 787 |
246 KB |
6 |
gstatic.com
fonts.gstatic.com www.gstatic.com |
443 KB |
2 |
feiwindevelopment.com
game99.feiwindevelopment.com |
585 B |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81 Failed |
115 KB |
2 |
google-usz.com
google-usz.com |
53 KB |
1 |
mythad.com
api.mythad.com — Cisco Umbrella Rank: 32965 |
733 B |
1 |
kwai.net
s1.kwai.net — Cisco Umbrella Rank: 21860 |
27 KB |
1 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204 |
59 KB |
1 |
ipify.org
api.ipify.org — Cisco Umbrella Rank: 2418 Failed |
156 B |
1 |
amazonaws.com
appdv76.s3.ap-southeast-3.amazonaws.com Failed |
565 B |
73 | 12 |
Domain | Requested by | |
---|---|---|
22 | www.vofzhq.com |
google-usz.com
|
10 | analytics.tiktok.com |
google-usz.com
analytics.tiktok.com |
9 | play-lh.googleusercontent.com |
google-usz.com
|
5 | fonts.gstatic.com |
www.vofzhq.com
|
2 | game99.feiwindevelopment.com |
analytics.tiktok.com
|
2 | lh3.googleusercontent.com |
google-usz.com
|
2 | www.googletagmanager.com |
google-usz.com
|
2 | google-usz.com |
google-usz.com
|
1 | www.gstatic.com | |
1 | api.mythad.com |
analytics.tiktok.com
|
1 | s1.kwai.net |
google-usz.com
|
1 | connect.facebook.net |
google-usz.com
|
1 | api.ipify.org |
google-usz.com
|
1 | appdv76.s3.ap-southeast-3.amazonaws.com |
google-usz.com
|
73 | 14 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
google-usz.com WE1 |
2024-06-25 - 2024-09-23 |
3 months | crt.sh |
vofzhq.com WE1 |
2024-06-23 - 2024-09-21 |
3 months | crt.sh |
*.googleusercontent.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
edgestatic.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
*.google-analytics.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
ipify.org GTS CA 1P5 |
2024-05-19 - 2024-08-17 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-04-03 - 2024-07-02 |
3 months | crt.sh |
*.kwai.net GlobalSign RSA OV SSL CA 2018 |
2023-10-26 - 2024-11-26 |
a year | crt.sh |
*.tiktok.com RapidSSL ECC CA 2018 |
2023-07-14 - 2024-08-13 |
a year | crt.sh |
*.gstatic.com WR2 |
2024-06-03 - 2024-08-26 |
3 months | crt.sh |
*.s3.ap-southeast-3.amazonaws.com Amazon RSA 2048 M01 |
2023-12-12 - 2024-11-23 |
a year | crt.sh |
feiwindevelopment.com GTS CA 1P5 |
2024-05-20 - 2024-08-18 |
3 months | crt.sh |
*.mythad.com GlobalSign GCC R3 DV TLS CA 2020 |
2024-03-12 - 2025-04-13 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang
Frame ID: BFF393E307AE22FEB2DFDCE3212FAB0C
Requests: 72 HTTP requests in this frame
Screenshot
Page Title
7276 – Apps on Google PlayPage URL History Show full URLs
- https://google-usz.com/ Page URL
- https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=990... Page URL
Detected technologies
Clipboard.js (Miscellaneous) ExpandDetected patterns
- clipboard(?:-([\d.]+))?(?:\.min)?\.js
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://google-usz.com/ Page URL
- https://google-usz.com/?id=s7&t=1&p0=1dutxt0z&p1=9900_campaign&p2=123&p3=9900_adgroup&p4=123&p5=9900_creative&p6=123&channelCode=guanwang Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
73 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
/
google-usz.com/ |
241 KB 27 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
www.vofzhq.com/resource/save4/assets/css/ |
658 KB 104 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clipboard.min.js
www.vofzhq.com/resource/save4/assets/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
adjust-latest.min.js
www.vofzhq.com/resource/save4/assets/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
js
www.googletagmanager.com/gtag/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ACg8ocIViwTDhpGxCyQsQwqTKli-MfAWlNQcq6b_czIEjrBAFA=s32-c-k-cc-mo
lh3.googleusercontent.com/a/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_KiRouu_G6J_2jwePzQ_i5_FMc_SVKT3mI7d7KKq9zca-Nr8bj2bPasawLvk6ajzASQS-90a8hYXeAh0lQ=w96-h32-rw
play-lh.googleusercontent.com/ |
222 B 520 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s7-1.png
www.vofzhq.com/resource/save4/assets/image/ |
223 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s7-2.png
www.vofzhq.com/resource/save4/assets/image/ |
326 KB 326 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
s7-3.png
www.vofzhq.com/resource/save4/assets/image/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
s7-4.png
www.vofzhq.com/resource/save4/assets/image/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
s7-5.png
www.vofzhq.com/resource/save4/assets/image/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw
play-lh.googleusercontent.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw
play-lh.googleusercontent.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw
play-lh.googleusercontent.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw
play-lh.googleusercontent.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
indonesia.png
www.vofzhq.com/resource/save4/assets/image/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
email-decode.min.js
www.vofzhq.com/resource/save4/assets/js/ |
1 KB 1011 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
7276.js
appdv76.s3.ap-southeast-3.amazonaws.com/download-app/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
api.ipify.org/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
google-usz.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
/
google-usz.com/ |
241 KB 27 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
www.vofzhq.com/resource/save4/assets/css/ |
658 KB 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clipboard.min.js
www.vofzhq.com/resource/save4/assets/js/ |
18 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
adjust-latest.min.js
www.vofzhq.com/resource/save4/assets/js/ |
90 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
127 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ACg8ocIViwTDhpGxCyQsQwqTKli-MfAWlNQcq6b_czIEjrBAFA=s32-c-k-cc-mo
lh3.googleusercontent.com/a/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
api.ipify.org/ |
22 B 156 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
183 KB 66 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
219 KB 59 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
events-nr.js
s1.kwai.net/kos/s101/nlav11187/pixel/custom/ |
85 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
events.js
analytics.tiktok.com/i18n/pixel/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2
fonts.gstatic.com/s/googlesans/v29/ |
24 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2
fonts.gstatic.com/s/googlematerialicons/v137/ |
227 KB 227 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_KiRouu_G6J_2jwePzQ_i5_FMc_SVKT3mI7d7KKq9zca-Nr8bj2bPasawLvk6ajzASQS-90a8hYXeAh0lQ=w96-h32-rw
play-lh.googleusercontent.com/ |
222 B 0 |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
s7-1.png
www.vofzhq.com/resource/save4/assets/image/ |
377 KB 373 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s7-2.png
www.vofzhq.com/resource/save4/assets/image/ |
326 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
s7-3.png
www.vofzhq.com/resource/save4/assets/image/ |
271 KB 270 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
s7-4.png
www.vofzhq.com/resource/save4/assets/image/ |
261 KB 254 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
s7-5.png
www.vofzhq.com/resource/save4/assets/image/ |
379 KB 379 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw
play-lh.googleusercontent.com/ |
200 B 225 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw
play-lh.googleusercontent.com/ |
244 B 269 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw
play-lh.googleusercontent.com/ |
202 B 227 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw
play-lh.googleusercontent.com/ |
164 B 189 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
fonts.gstatic.com/s/materialiconsextended/v149/ |
159 KB 159 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ALV-UjV_vZlNPeSM8EdEYzgKxLHGyLIFmXLJDagbIrmNlEZzDA=s32-rw
play-lh.googleusercontent.com/a-/ |
454 B 478 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ACg8ocJmEhycReUrpF1BW4XaKBAC8HxR6QECHaiw1oA42jSD=s32-rw-mo
play-lh.googleusercontent.com/a/ |
302 B 327 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ALV-UjVMwRXok34XAALEWtNe_yinuUDme1ecfXKMbhzsc1a8=s64-rw
play-lh.googleusercontent.com/a-/ |
1 KB 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
indonesia.png
www.vofzhq.com/resource/save4/assets/image/ |
192 B 692 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
email-decode.min.js
www.vofzhq.com/resource/save4/assets/js/ |
1 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
7276.js
appdv76.s3.ap-southeast-3.amazonaws.com/download-app/ |
158 B 565 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
events.js
analytics.tiktok.com/i18n/pixel/ |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
events.js
analytics.tiktok.com/i18n/pixel/ |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.MTU0NDc1MDUxMA.js
analytics.tiktok.com/i18n/pixel/static/ |
339 KB 97 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.MTU0NDc1MDUxMQ.js
analytics.tiktok.com/i18n/pixel/static/ |
344 KB 99 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
identify_ce1d8843.js
analytics.tiktok.com/i18n/pixel/static/ |
146 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pixel
analytics.tiktok.com/api/v2/ |
0 704 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pixel
analytics.tiktok.com/api/v2/ |
0 845 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
tiktok
game99.feiwindevelopment.com/game99-platform-app/s2s/ |
109 B 585 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
s7.png
www.vofzhq.com/resource/save4/assets/image/ |
364 KB 364 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
tiktok
game99.feiwindevelopment.com/game99-platform-app/s2s/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pixel
analytics.tiktok.com/api/v2/ |
0 704 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
s1.png
www.vofzhq.com/resource/save4/assets/image/ |
102 KB 102 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
s2.png
www.vofzhq.com/resource/save4/assets/image/ |
87 KB 87 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
s3.png
www.vofzhq.com/resource/save4/assets/image/ |
100 KB 100 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
s4.png
www.vofzhq.com/resource/save4/assets/image/ |
103 KB 103 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
s5.png
www.vofzhq.com/resource/save4/assets/image/ |
107 KB 108 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
s6.png
www.vofzhq.com/resource/save4/assets/image/ |
103 KB 104 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
getPixelConfig
api.mythad.com/rest/n/adintl/ad/ |
139 B 733 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
act
analytics.tiktok.com/api/v2/pixel/ |
0 846 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon_v3.ico
www.gstatic.com/android/market_images/web/ |
4 KB 1 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.vofzhq.com
- URL
- https://www.vofzhq.com/resource/save4/assets/js/adjust-latest.min.js
- Domain
- www.googletagmanager.com
- URL
- https://www.googletagmanager.com/gtag/js?id=
- Domain
- www.vofzhq.com
- URL
- https://www.vofzhq.com/resource/save4/assets/image/s7-3.png
- Domain
- www.vofzhq.com
- URL
- https://www.vofzhq.com/resource/save4/assets/image/s7-4.png
- Domain
- www.vofzhq.com
- URL
- https://www.vofzhq.com/resource/save4/assets/image/s7-5.png
- Domain
- play-lh.googleusercontent.com
- URL
- https://play-lh.googleusercontent.com/iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw
- Domain
- play-lh.googleusercontent.com
- URL
- https://play-lh.googleusercontent.com/12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw
- Domain
- play-lh.googleusercontent.com
- URL
- https://play-lh.googleusercontent.com/W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw
- Domain
- play-lh.googleusercontent.com
- URL
- https://play-lh.googleusercontent.com/ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw
- Domain
- www.vofzhq.com
- URL
- https://www.vofzhq.com/resource/save4/assets/image/indonesia.png
- Domain
- appdv76.s3.ap-southeast-3.amazonaws.com
- URL
- https://appdv76.s3.ap-southeast-3.amazonaws.com/download-app/7276.js
- Domain
- api.ipify.org
- URL
- https://api.ipify.org/?format=json
- Domain
- google-usz.com
- URL
- https://google-usz.com/?id=s7
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Google (Online)60 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage function| ClipboardJS object| urlParams object| gtagParam object| geventParam function| gtag object| dataLayer object| fb_pixel_id object| fb_access_token function| fbq function| _fbq object| kwai_pixel_id string| KwaiAnalyticsObject object| kwaiq object| install object| params object| tiktok_pixel_id string| TiktokAnalyticsObject object| ttq object| google_tag_manager object| google_tag_data object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| downloadLink function| getAuthToken function| getCookie function| buildURL function| getFbPid function| gtag_report_conversion object| _czc function| loadScript function| goDownload string| tracker string| campaign string| adgroup string| creative function| similarGamesClick function| yoda_kuaishou_plugin_callback_Kwai_isSupport_e1d8a002_d363_4bb7_b448_a6ab581d5102 function| yoda_kuaishou_plugin_callback_Kwai_isSupport_f5ed0480_8289_4b2f_a2d3_4c7f7f6445f0 function| yoda_kuaishou_plugin_callback_Kwai_isSupport_cc3547c9_72e2_4819_86d5_89e18aa75476 function| yoda_kuaishou_plugin_callback_Kwai_isSupport_e94f9546_93f5_4a0d_bec8_2c2e00ef485f function| yoda_kuaishou_plugin_callback_Kwai_isSupport_6581886e_acba_4830_a3cd_a48467fd4e9b function| yoda_kuaishou_plugin_callback_Kwai_isSupport_0f7b6063_0ca6_4107_afb7_64d8b56b49bb object| events function| yoda_kuaishou_plugin_callback_Kwai_isSupport_6fe834e5_ff7f_4770_84e4_a6561943dd98 function| yoda_kuaishou_plugin_callback_Kwai_isSupport_9aea98a4_0cc5_431e_a40e_2cb95181a524 function| yoda_kuaishou_plugin_callback_Kwai_isSupport_e6d1ed24_9eab_4992_bde6_bc033c39ad6e function| yoda_kuaishou_plugin_callback_Kwai_isSupport_3e82ab78_86dc_486c_b4a5_97a0a820fd0a function| yoda_kuaishou_plugin_callback_Kwai_isSupport_0e202c02_8e35_4e63_8ec9_b6d93c19996d function| yoda_kuaishou_plugin_callback_Kwai_isSupport_54a9a759_7eb8_4aff_baf3_7a54dc44e886 function| yoda_kuaishou_plugin_callback_Kwai_isSupport_411b6bb8_aec4_4b66_95ac_387eb308a9e5 function| yoda_kuaishou_plugin_callback_Kwai_isSupport_3dd894a8_7eca_41eb_a570_9e3aa9e8cfb1 function| yoda_kuaishou_plugin_callback_Kwai_isSupport_44fec536_1eca_48a7_9ecc_f3e833e58a5e function| yoda_kuaishou_plugin_callback_Kwai_isSupport_b9dc4a97_d0b3_429d_a44b_74e344942511 object| Adjust4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.tiktok.com/ | Name: _ttp Value: 2iNHvlybUfuaY0edZGBLx5JOGhn |
|
.google-usz.com/ | Name: _tt_enable_cookie Value: 1 |
|
.google-usz.com/ | Name: _ttp Value: ylpITVSBJRAZtbQ6onceslSWyAx |
|
.mythad.com/ | Name: kwai_ckid Value: 1719324349295_7093547659429402 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.tiktok.com
api.ipify.org
api.mythad.com
appdv76.s3.ap-southeast-3.amazonaws.com
connect.facebook.net
fonts.gstatic.com
game99.feiwindevelopment.com
google-usz.com
lh3.googleusercontent.com
play-lh.googleusercontent.com
s1.kwai.net
www.googletagmanager.com
www.gstatic.com
www.vofzhq.com
api.ipify.org
appdv76.s3.ap-southeast-3.amazonaws.com
google-usz.com
play-lh.googleusercontent.com
www.googletagmanager.com
www.vofzhq.com
104.126.37.146
142.250.186.118
172.67.157.31
172.67.202.152
172.67.74.152
188.114.96.3
2606:4700:3037::6815:2a35
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:827::2001
2a00:1450:4001:829::2016
2a00:1450:4001:82f::2003
2a03:2880:f084:105:face:b00c:0:3
43.131.10.207
43.132.32.113
52.95.178.26
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
0c74ad66c22f05cf782dba9b81ba62c36c9c0d19eb577c9a3ff787636365b8e9
15ff4dffcd2275bde1cb9763e9d70dc4b3837333354301ee58a73d63107577ac
1a62c574fd79e739c2c9f74e33ab2479c6b8c418090abb5ae151b1f43622e88f
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2de14746137fc099576d3f3607b3f7767871eb50a20fa3b4e0da3359d4489af3
2e66a4315d0abf76f37d99e9f7595f43ab23965947fa90ab49a2e816700a02df
3575ac0087b76854e36690ae29a45b5c0cefdf6a0a9de6e38516a0fddfc08689
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
47d3e5c22630f08413d65b1507e3c2600f0dea1ae83f045f9f1a0be5514efee2
4f32ffbe78af2ae4ffe1bc3e97d4e5083826cb93c6f69e3a1da7fe30e0d50f51
4fb4e1565ee11145ccf8da1119e8812bc3cd513e8b15f2621a14bd43c06fc5a7
52960b56e4d4fbf39e5cae2833367131bb2354c69ab5d9eb296d82733f62923d
56c16d63110e6829e9e1fbd0a239dc54750300ac8d5a21193997747e2e6ede8f
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6359730448551bba0d86f19fcab39ed5e43b68b047e9c50bfc26751867bac0b7
6cd9fdd3b8fdb2df17d4d09fb17006c8eb39a3df753d04d541472a4c8e708284
7163ed07fc099c1d8eb7ad4ea82ab3ac04b9062613a22e0a6b9f9f9943383118
7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35
81f19844a2982f73e56b70b096d2c3e37945c929b09ae4d765337821a530d77a
84f31b21d000c3456ba14c06e3a59d50c4a83bf871a40ca04eabd7b033d10952
857726437435447dd7f9970ac0ddf672c69889f1e3c087b1d84f009cf1edeeba
89b9444fa3a554de0694fc69ea67ea030af61f4f65dfd6e741f573bca8133b94
8c66b3cb207515328ac21bdbbda1b90a74d7cac66267352048bfd7e4e1efe627
97345231261554cadfea643b3d5d2f75422b1f0db9c591e726aeed585a03e141
9a0782a9b3c97cbe256803fd198d86427e2b1b40b85c93bc3a8e34a1be6d37bf
9e81a6112423a16742c1b94f60fcf2f1dcd4a82d42a000c10d3406a5186e2b4f
9ebe83d4c779d73aa32492ee896280033b6e37aad7ae1a3f0b86e0ddcf887a02
9ee660b9ef1bf8766fb46c9ce9a110e8fe21ee648957fa443861b3044b9a578f
a470aee42951c22167312e9862033578ea4eb0140f0a5d52ed38c15630982bb3
b194e068c2bf442d79b2562b36bae41830948922e6461366f747ea5ef31280ee
cb52d5507dce843dc910b016aa4f98f340ca5dea659b3d1e5b5f714c18d0b066
d20d4d8d667aade2afaf1d0d29993fe69c38672bd6a07129cf2ec31c93ca22a5
d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
dd58e173db0554fedaa502ad9769e4eef77981332c4619b7d6ef71945e482e3c
de88165fa4d58b4ad531b6f8d8facbc5dc00f73e96b617e503d36fee29c53cec
e00870e3c1034202dcd8dbce87276fa59681fecbfc01c3637f64dad8f767b574
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eafea0e6977d05bf745afdd4f3b36c665a32caa7fbd6fd2e1a444ee4a0238ded
ec7079f564b373b25697d50497ace94e23b2208bd15ca06f9458a4fde31bee23
ee83373c5d6c67b60f6aadd8b6ed1f573a25ffe53379788d8f4dd671b861088b
f2582ba55ec07d7ae8bfe3ee0b769103e8870156ad832faf74324d1ec75355d1
f343b3015d0545a7d5b719a434135bcae2ac766ed459aeea671e3688b79d1875
f53c074f3aa414973be092bb5a5b8f016db40f7156954284e1b117c4fe3572c5
fa8124ac4fe21c49f2bb4373761e0550e03306f125522ef08a114288fb74e8c9
fae63f6a2db54a0cbd743ad20afff2b23b8d6e63639010d40957a7da730cf8e0
fda578c8b2454a91dd915904ee6cb2f8517609067f12a8d195b2d7185da670d3