www.gpgames.us
108.167.140.92
Malicious Activity!
Public Scan
Submission: On July 01 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on May 18th 2023. Valid for: 3 months.
This is the only time www.gpgames.us was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Gaming (Entertainment)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
11 | 108.167.140.92 | 46606 (UNIFIEDLAYER-AS-1)
1 | 192.229.173.207 | 15133 (EDGECAST)
1 | 2607:f8b0:4006:80d::200a | 15169 (GOOGLE)
13 requests | 3 IP addresses |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: gator4165.hostgator.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
11 | gpgames.us | www.gpgames.us, gpgames.us | 2 MB
1 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 433) | 30 KB
1 | w3schools.com | www.w3schools.com (Cisco Umbrella Rank: 17702) | 7 KB
13 requests | 3 apex domains | |
Requests | Domain | Requested by
---|---|---
9 | www.gpgames.us | www.gpgames.us
2 | gpgames.us | www.gpgames.us
1 | ajax.googleapis.com | www.gpgames.us
1 | www.w3schools.com | www.gpgames.us
13 requests | 4 domains |
This site contains links to these domains. Also see Links.
Domain
---
appinstallcheck.com
apps.apple.com
play.google.com
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
gpgames.us | R3 | 2023-05-18 - 2023-08-16 | 3 months | crt.sh
*.w3schools.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-03-05 - 2024-04-04 | a year | crt.sh
upload.video.google.com | GTS CA 1C3 | 2023-05-29 - 2023-08-21 | 3 months | crt.sh
This page contains 2 frames:
Primary Page:
https://www.gpgames.us/thesimsfreelifepoints
Frame ID: 1514DA52822B52828169EAB1B603FACA
Requests: 8 HTTP requests in this frame
Frame:
https://www.gpgames.us/thesimsfreeplay/recentactivity-iframe.html
Frame ID: A1E81BBAF75465D99908E22F24703F42
Requests: 5 HTTP requests in this frame
3 Outgoing links
These are links going to different origins than the main page.
Title: Continue - Server 2
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note
---|---|---|---|---|---|---|---|---
GET | H2 | thesimsfreelifepoints | www.gpgames.us/ | 12 KB | 4 KB | Document | text/html | Primary Request
GET | H2 | w3.css | www.w3schools.com/lib/ | 31 KB | 7 KB | Stylesheet | text/css |
GET | H2 | banner.jpg | www.gpgames.us/thesimsfreeplay/ | 197 KB | 197 KB | Image | image/jpeg |
GET | H2 | free-lifepoints.png | www.gpgames.us/thesimsfreeplay/ | 217 KB | 217 KB | Image | image/png |
GET | H2 | icon.png | www.gpgames.us/thesimsfreeplay/ | 319 KB | 320 KB | Image | image/png |
GET | H2 | appstore2.png | www.gpgames.us/image/ | 11 KB | 11 KB | Image | image/png |
GET | H2 | googleplay2.png | www.gpgames.us/image/ | 8 KB | 8 KB | Image | image/png |
GET | H2 | recentactivity-iframe.html | www.gpgames.us/thesimsfreeplay/ | 10 KB | 4 KB | Document | text/html | Frame A1E8
GET | H2 | background.jpg | www.gpgames.us/thesimsfreeplay/ | 824 KB | 824 KB | Image | image/jpeg |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.1.1/ | 85 KB | 30 KB | Script | text/javascript | Frame A1E8
GET | H2 | recentactivity-iframe.html | www.gpgames.us/thesimsfreeplay/ | 10 KB | 10 KB | Image | text/html | Frame A1E8
GET | H2 | ca.png | gpgames.us/flags/ | 987 B | 1 KB | Image | image/png | Frame A1E8
GET | H2 | us.png | gpgames.us/flags/ | 1 KB | 1 KB | Image | image/png | Frame A1E8
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Gaming (Entertainment)
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | 0
boolean | credentialless
object | onbeforetoggle
object | onscrollend
function | MyIP
number | eenum
number | ee
function | dis_num2
function | formatAMPM
object | modalparent
object | modal_btn_multi
object | span_close_multi
function | setDataIndex0
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
gpgames.us
www.gpgames.us
www.w3schools.com
108.167.140.92
192.229.173.207
2607:f8b0:4006:80d::200a