URL: https://googleplay.ggbetpl.xyz/en/pwa/googleplay
Submission Tags: @phishunt_io
Submission: On October 15 via api from DE — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 172.67.149.252, located in the United States and belonging to CLOUDFLARENET, US. The main domain is googleplay.ggbetpl.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 15th 2021. Valid for: a year.
This is the only time googleplay.ggbetpl.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS / Autonomous System
2         172.67.149.252   13335 (CLOUDFLARENET)
1         104.16.87.20     13335 (CLOUDFLARENET)
6         142.250.181.246  15169 (GOOGLE)
9 requests across 3 IPs

Requests  Domain                         Requested by
6         play-lh.googleusercontent.com  googleplay.ggbetpl.xyz
2         googleplay.ggbetpl.xyz         googleplay.ggbetpl.xyz
1         cdn.jsdelivr.net               googleplay.ggbetpl.xyz
9 requests across 3 domains

This site contains links to these domains. Also see Links.

Domain
play.google.com

Subject                Issuer                   Validity                 Valid
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3  2021-10-15 - 2022-10-14  a year (crt.sh)
edgestatic.com         GTS CA 1C3               2021-09-13 - 2021-11-20  2 months (crt.sh)

This page contains 1 frame:

Primary Page: https://googleplay.ggbetpl.xyz/en/pwa/googleplay
Frame ID: 1D4D868B26A0E167838A5411076EA1F5
Requests: 9 HTTP requests in this frame

Page Title

wwwjuhvv;oijvv

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]+?href="[^"]+bulma(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 9
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 737 kB
Size: 925 kB
Cookies: 2


9 HTTP transactions

Resource  Path  Size  x-fer  Type (MIME-Type)

Primary Request: googleplay  googleplay.ggbetpl.xyz/en/pwa/  24 KB  7 KB  Document
General
Full URL
https://googleplay.ggbetpl.xyz/en/pwa/googleplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.149.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a401bb45c41678b961e13521ce0c4ddf274c73938de15ab13a40d1384f96b422

Request headers

:method
GET
:authority
googleplay.ggbetpl.xyz
:scheme
https
:path
/en/pwa/googleplay
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 15 Oct 2021 20:54:26 GMT
content-type
text/html; charset=UTF-8
set-cookie
did=11009_googleplay_6169ea82dbb26; expires=Sat, 15-Oct-2022 20:54:26 GMT; Max-Age=31536000; path=/ pdk=4093ceac1820b29e9bc4ede617805e5e; expires=Sat, 15-Oct-2022 20:54:26 GMT; Max-Age=31536000
x-mod-pagespeed
1.13.35.2-0
vary
Accept-Encoding
cache-control
max-age=0, no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6h4RGZhCmoxcaNy9iTbfPIKoj07gmvs7fPsBQ6fBiyQBh0wVVAMM2TV%2BepA0kOiqOgIoH9gTAjGE3VcIeFOXJ6ag7MnTpNKgDG2xV1JE54TJhrb4fQKGoZE%2F6pSNDCPb%2FF%2BFRX4wZ9l"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
69ebf14f9b8bcd8b-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
bulma.min.css  cdn.jsdelivr.net/npm/bulma@0.9.2/css/  201 KB  28 KB  Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bulma@0.9.2/css/bulma.min.css
Requested by
Host: googleplay.ggbetpl.xyz
URL: https://googleplay.ggbetpl.xyz/en/pwa/googleplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bc4ac4300e0d51d745a728937262077d277ae5a26f984957066c41794667c59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 20:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3118263
x-jsd-version
0.9.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19138-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"32207-yhs67gOXCSpWkozInuAyMWfytfM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
69ebf152fe702169-DUS
qbpnFfGpQ7znKfwf5wiILCKSkBmZBALjTLSQ9_jl_FDp6PCcQDgrPSAV4J06Y1u-UF8=s0  play-lh.googleusercontent.com/  371 KB  372 KB  Image
General
Full URL
https://play-lh.googleusercontent.com/qbpnFfGpQ7znKfwf5wiILCKSkBmZBALjTLSQ9_jl_FDp6PCcQDgrPSAV4J06Y1u-UF8=s0
Requested by
Host: googleplay.ggbetpl.xyz
URL: https://googleplay.ggbetpl.xyz/en/pwa/googleplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.246 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f22.1e100.net
Software
fife /
Resource Hash
706d8163d5df7f6b1611ecee556a1332f551d94e849a65c1dcccbeed90538adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 20:54:27 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
380379
x-xss-protection
0
expires
Sat, 16 Oct 2021 20:54:27 GMT
AOh14Gh77XcbSVGnAUh49lWJsVcnnmKs7eLjRhzH7Ax4=s64  play-lh.googleusercontent.com/a-/  5 KB  5 KB  Image
General
Full URL
https://play-lh.googleusercontent.com/a-/AOh14Gh77XcbSVGnAUh49lWJsVcnnmKs7eLjRhzH7Ax4=s64
Requested by
Host: googleplay.ggbetpl.xyz
URL: https://googleplay.ggbetpl.xyz/en/pwa/googleplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.246 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f22.1e100.net
Software
fife /
Resource Hash
490a6ff67a3afe8104b08d42fc79571ed5cecfa6ec37731eac79166d4b00f14b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 20:54:27 GMT
x-content-type-options
nosniff
server
fife
etag
"v9"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4899
x-xss-protection
0
expires
Sat, 16 Oct 2021 20:54:27 GMT
6bzZvPcSupVg_2QTezuNeyKH7ufakVdrrxqz1WauguklAfrGUHcfZdAYWeaK6dX2vA  play-lh.googleusercontent.com/  86 KB  87 KB  Image
General
Full URL
https://play-lh.googleusercontent.com/6bzZvPcSupVg_2QTezuNeyKH7ufakVdrrxqz1WauguklAfrGUHcfZdAYWeaK6dX2vA
Requested by
Host: googleplay.ggbetpl.xyz
URL: https://googleplay.ggbetpl.xyz/en/pwa/googleplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.246 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f22.1e100.net
Software
fife /
Resource Hash
2b7c49260ef6b55ae2bd74b6ad8f490e00d9bd7bb01f59efc49ab72a2e97e39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 20:54:27 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88367
x-xss-protection
0
expires
Sat, 16 Oct 2021 20:54:27 GMT
2Y1Eh5z8hi3JP42KDKezOn3ORaIEP7bGik_PoopjbSayy8INtFEcdR6ufKZNlZymHnE  play-lh.googleusercontent.com/  83 KB  84 KB  Image
General
Full URL
https://play-lh.googleusercontent.com/2Y1Eh5z8hi3JP42KDKezOn3ORaIEP7bGik_PoopjbSayy8INtFEcdR6ufKZNlZymHnE
Requested by
Host: googleplay.ggbetpl.xyz
URL: https://googleplay.ggbetpl.xyz/en/pwa/googleplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.246 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f22.1e100.net
Software
fife /
Resource Hash
bd90192c6d6b8a644d2e0c4f9de1f4448ef46412531f82201c455c6669af1d9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 20:54:27 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85422
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 12 Oct 2021 16:16:28 GMT
jac1mYwp3-qAryFgMTDrhP1RkEBVMmHY84MTDbbZAboBwa3ONVEdqsUVuLg1cFB1mNk  play-lh.googleusercontent.com/  74 KB  74 KB  Image
General
Full URL
https://play-lh.googleusercontent.com/jac1mYwp3-qAryFgMTDrhP1RkEBVMmHY84MTDbbZAboBwa3ONVEdqsUVuLg1cFB1mNk
Requested by
Host: googleplay.ggbetpl.xyz
URL: https://googleplay.ggbetpl.xyz/en/pwa/googleplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.246 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f22.1e100.net
Software
fife /
Resource Hash
84280611eecf05f0d5cc37c490ee1a6585606fd52ca782d6e2b10b827d8677e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 20:54:27 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75286
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 10 Oct 2021 13:30:36 GMT
7nv_HU8DHWKa-ajsMgR9HEgEgnkmqLSka3C0nAVUQOWqv699ibSfT7BzAUUj795-Yj4  play-lh.googleusercontent.com/  81 KB  81 KB  Image
General
Full URL
https://play-lh.googleusercontent.com/7nv_HU8DHWKa-ajsMgR9HEgEgnkmqLSka3C0nAVUQOWqv699ibSfT7BzAUUj795-Yj4
Requested by
Host: googleplay.ggbetpl.xyz
URL: https://googleplay.ggbetpl.xyz/en/pwa/googleplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.246 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f22.1e100.net
Software
fife /
Resource Hash
3047f322ae43a2de43039eee3003f1e08e1299d708f0c7d066e553bc3dd5d8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 20:54:27 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83122
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 10 Oct 2021 13:30:37 GMT
mod_pagespeed_beacon  googleplay.ggbetpl.xyz/  0  277 B  XHR
General
Full URL
https://googleplay.ggbetpl.xyz/mod_pagespeed_beacon?url=https%3A%2F%2Fgoogleplay.ggbetpl.xyz%2Fen%2Fpwa%2Fgoogleplay
Requested by
Host: googleplay.ggbetpl.xyz
URL: https://googleplay.ggbetpl.xyz/en/pwa/googleplay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.149.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode
cors
origin
https://googleplay.ggbetpl.xyz
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
did=11009_googleplay_6169ea82dbb26
content-length
62
:path
/mod_pagespeed_beacon?url=https%3A%2F%2Fgoogleplay.ggbetpl.xyz%2Fen%2Fpwa%2Fgoogleplay
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/x-www-form-urlencoded
accept
*/*
cache-control
no-cache
:authority
googleplay.ggbetpl.xyz
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 15 Oct 2021 20:54:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bO0%2BVGDs%2BYlrbovJinjgGZ4KQwhdFyTE1dpN0UM9gGMV84AiHrh0devcI3E6IG4KK3dYZToj5qQW2a7Ny03vtxWoqobxArGb7n%2FAk9dAc4KSb0YNWOzCuiZHbGd%2BdB%2Bjkz68AAOYQ9wA"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, no-cache
cf-ray
69ebf1546826cd8b-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Verdicts & Comments

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • onbeforexrselect (object)
  • originAgentCluster (boolean)
  • SETTINGS (object)
  • PWAPlatform (object)
  • onPWAInstall (function)
  • pagespeed (object)
  • isClicked (boolean)

2 Cookies

Domain/Path                    Name  Value
googleplay.ggbetpl.xyz/en/pwa  pdk   4093ceac1820b29e9bc4ede617805e5e
googleplay.ggbetpl.xyz/        did   11009_googleplay_6169ea82dbb26