URL: https://www.gpgames.us/thesimsfreelifepoints
Submission: On July 01 via api from US — Scanned from US

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 13 HTTP transactions. The main IP is 108.167.140.92, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.gpgames.us.
TLS certificate: Issued by R3 on May 18th 2023. Valid for: 3 months.
This is the only time www.gpgames.us was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

Requests | IP Address | AS Autonomous System
11 | 108.167.140.92 | 46606 (UNIFIEDLA...)
1 | 192.229.173.207 | 15133 (EDGECAST)
1 | 2607:f8b0:400... | 15169 (GOOGLE)
Total: 13 requests, 3 IPs

Requests | Apex Domain | Subdomains | Transfer
11 | gpgames.us | www.gpgames.us, gpgames.us | 2 MB
1 | googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 433 | 30 KB
1 | w3schools.com | www.w3schools.com — Cisco Umbrella Rank: 17702 | 7 KB
Total: 13 requests, 3 apex domains

Requests | Domain | Requested by
9 | www.gpgames.us | www.gpgames.us
2 | gpgames.us | www.gpgames.us
1 | ajax.googleapis.com | www.gpgames.us
1 | www.w3schools.com | www.gpgames.us
Total: 13 requests, 4 subdomains

This site contains links to these domains.

Domain
appinstallcheck.com
apps.apple.com
play.google.com

Subject | Issuer | Validity | Valid
gpgames.us | R3 | 2023-05-18 - 2023-08-16 | 3 months
*.w3schools.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-03-05 - 2024-04-04 | a year
upload.video.google.com | GTS CA 1C3 | 2023-05-29 - 2023-08-21 | 3 months

This page contains 2 frames:

Primary Page: https://www.gpgames.us/thesimsfreelifepoints
Frame ID: 1514DA52822B52828169EAB1B603FACA
Requests: 8 HTTP requests in this frame

Frame: https://www.gpgames.us/thesimsfreeplay/recentactivity-iframe.html
Frame ID: A1E81BBAF75465D99908E22F24703F42
Requests: 5 HTTP requests in this frame

Page Title

The Sims FreePlay - Free Life Points

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 13
HTTPS: 100 %
IPv6: 33 %
Domains: 3
Subdomains: 4
IPs: 3
Countries: 1
Transfer: 1635 kB
Size: 1726 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request thesimsfreelifepoints
www.gpgames.us/
12 KB
4 KB
Document
General
Full URL
https://www.gpgames.us/thesimsfreelifepoints
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.140.92 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4165.hostgator.com
Software
Apache /
Resource Hash
1886c4751312f02b7b9e14254a25651ae2b46f5b4773ea0133d63e58ff8bb700

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
3993
content-type
text/html
date
Sat, 01 Jul 2023 15:13:39 GMT
last-modified
Mon, 12 Sep 2022 18:15:44 GMT
server
Apache
vary
Accept-Encoding
w3.css
www.w3schools.com/lib/
31 KB
7 KB
Stylesheet
General
Full URL
https://www.w3schools.com/lib/w3.css
Requested by
Host: www.gpgames.us
URL: https://www.gpgames.us/thesimsfreelifepoints
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.173.207 New York, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D08) / ASP.NET
Resource Hash
2f2d3c65754f7a485d41c260209aeb4f8a900428359f9708ac610c947f1fb321
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com;
X-Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gpgames.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com;
content-encoding
gzip
date
Sat, 01 Jul 2023 15:13:39 GMT
last-modified
Fri, 30 Jun 2023 11:38:14 GMT
server
ECS (nyb/1D08)
age
13796
etag
"017e35a47abd91:0+gzip"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
public,max-age=14400,public
accept-ranges
bytes
content-length
6679
x-content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com;
banner.jpg
www.gpgames.us/thesimsfreeplay/
197 KB
197 KB
Image
General
Full URL
https://www.gpgames.us/thesimsfreeplay/banner.jpg
Requested by
Host: www.gpgames.us
URL: https://www.gpgames.us/thesimsfreelifepoints
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.140.92 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4165.hostgator.com
Software
Apache /
Resource Hash
1cb4c2c4406cc52cdadba9ced4d347adf63311b75cdf8ae2bc199f0355fbf654

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gpgames.us/thesimsfreelifepoints
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 15:13:39 GMT
last-modified
Mon, 12 Sep 2022 17:37:28 GMT
server
Apache
accept-ranges
bytes
content-length
202061
content-type
image/jpeg
free-lifepoints.png
www.gpgames.us/thesimsfreeplay/
217 KB
217 KB
Image
General
Full URL
https://www.gpgames.us/thesimsfreeplay/free-lifepoints.png
Requested by
Host: www.gpgames.us
URL: https://www.gpgames.us/thesimsfreelifepoints
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.140.92 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4165.hostgator.com
Software
Apache /
Resource Hash
b56ad2f6a71758ef55482a089ec63301ce1d10702d35d2b5f8293520e6bc55a9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gpgames.us/thesimsfreelifepoints
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 15:13:39 GMT
last-modified
Mon, 12 Sep 2022 18:06:33 GMT
server
Apache
accept-ranges
bytes
content-length
222451
content-type
image/png
icon.png
www.gpgames.us/thesimsfreeplay/
319 KB
320 KB
Image
General
Full URL
https://www.gpgames.us/thesimsfreeplay/icon.png
Requested by
Host: www.gpgames.us
URL: https://www.gpgames.us/thesimsfreelifepoints
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.140.92 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4165.hostgator.com
Software
Apache /
Resource Hash
8fd6c9b29963015985adf962fdb94d9ec1c854bfa04c82d827d8e252615034e5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gpgames.us/thesimsfreelifepoints
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 15:13:39 GMT
last-modified
Mon, 12 Sep 2022 17:33:47 GMT
server
Apache
accept-ranges
bytes
content-length
327150
content-type
image/png
appstore2.png
www.gpgames.us/image/
11 KB
11 KB
Image
General
Full URL
https://www.gpgames.us/image/appstore2.png
Requested by
Host: www.gpgames.us
URL: https://www.gpgames.us/thesimsfreelifepoints
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.140.92 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4165.hostgator.com
Software
Apache /
Resource Hash
72c76d5534a6e0df94fec3302fac7e96054d1e1665430ee6dc74e70261926613

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gpgames.us/thesimsfreelifepoints
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 15:13:39 GMT
last-modified
Mon, 06 May 2019 00:35:22 GMT
server
Apache
accept-ranges
bytes
content-length
11498
content-type
image/png
googleplay2.png
www.gpgames.us/image/
8 KB
8 KB
Image
General
Full URL
https://www.gpgames.us/image/googleplay2.png
Requested by
Host: www.gpgames.us
URL: https://www.gpgames.us/thesimsfreelifepoints
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.140.92 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4165.hostgator.com
Software
Apache /
Resource Hash
b4e430ab7b2405f6bc883baf550a035edc912aa51f0ac061e5faa78b873fff12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gpgames.us/thesimsfreelifepoints
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 15:13:39 GMT
last-modified
Mon, 06 May 2019 00:35:17 GMT
server
Apache
accept-ranges
bytes
content-length
8502
content-type
image/png
recentactivity-iframe.html
www.gpgames.us/thesimsfreeplay/ Frame A1E8
10 KB
4 KB
Document
General
Full URL
https://www.gpgames.us/thesimsfreeplay/recentactivity-iframe.html
Requested by
Host: www.gpgames.us
URL: https://www.gpgames.us/thesimsfreelifepoints
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.140.92 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4165.hostgator.com
Software
Apache /
Resource Hash
170b1be7a3077ca8bbd48301dad900c1513ab0efc1983e8f00cfdf50baec2274

Request headers

Referer
https://www.gpgames.us/thesimsfreelifepoints
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
3671
content-type
text/html
date
Sat, 01 Jul 2023 15:13:39 GMT
last-modified
Mon, 12 Sep 2022 17:29:18 GMT
server
Apache
vary
Accept-Encoding
background.jpg
www.gpgames.us/thesimsfreeplay/
824 KB
824 KB
Image
General
Full URL
https://www.gpgames.us/thesimsfreeplay/background.jpg
Requested by
Host: www.gpgames.us
URL: https://www.gpgames.us/thesimsfreelifepoints
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.140.92 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4165.hostgator.com
Software
Apache /
Resource Hash
347edc09a31b00c696f4f6e81b9e23f7f30e0ae8a214d19962e5c71c8c35369e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gpgames.us/thesimsfreelifepoints
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 15:13:40 GMT
last-modified
Mon, 12 Sep 2022 17:37:27 GMT
server
Apache
accept-ranges
bytes
content-length
843388
content-type
image/jpeg
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame A1E8
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: www.gpgames.us
URL: https://www.gpgames.us/thesimsfreeplay/recentactivity-iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gpgames.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 01:02:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137442
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Jun 2024 01:02:58 GMT
recentactivity-iframe.html
www.gpgames.us/thesimsfreeplay/ Frame A1E8
10 KB
10 KB
Image
General
Full URL
https://www.gpgames.us/thesimsfreeplay/recentactivity-iframe.html
Requested by
Host: www.gpgames.us
URL: https://www.gpgames.us/thesimsfreeplay/recentactivity-iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.140.92 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4165.hostgator.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gpgames.us/thesimsfreeplay/recentactivity-iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 15:13:40 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 17:29:18 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
3671
ca.png
gpgames.us/flags/ Frame A1E8
987 B
1 KB
Image
General
Full URL
https://gpgames.us/flags/ca.png
Requested by
Host: www.gpgames.us
URL: https://www.gpgames.us/thesimsfreeplay/recentactivity-iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.140.92 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4165.hostgator.com
Software
Apache /
Resource Hash
a212bbac21defee785f6637e7c75f8e8704334011cda742a54b417fd2240d219

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gpgames.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 15:13:40 GMT
last-modified
Mon, 22 Apr 2019 15:19:47 GMT
server
Apache
accept-ranges
bytes
content-length
987
content-type
image/png
us.png
gpgames.us/flags/ Frame A1E8
1 KB
1 KB
Image
General
Full URL
https://gpgames.us/flags/us.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.140.92 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4165.hostgator.com
Software
Apache /
Resource Hash
1df041ee94ffd0494c727347964137eb7193c1c97bee9f0cbae6a918256e6df4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gpgames.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 15:13:49 GMT
last-modified
Mon, 22 Apr 2019 15:20:33 GMT
server
Apache
accept-ranges
bytes
content-length
1039
content-type
image/png

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • boolean| credentialless
  • object| onbeforetoggle
  • object| onscrollend
  • function| MyIP
  • number| eenum
  • number| ee
  • function| dis_num2
  • function| formatAMPM
  • object| modalparent
  • object| modal_btn_multi
  • object| span_close_multi
  • function| setDataIndex

0 Cookies

2 Console Messages

Source: security
Level: warning
URL: https://www.gpgames.us/thesimsfreeplay/recentactivity-iframe.html
Message: Mixed Content: The page at 'https://www.gpgames.us/thesimsfreeplay/recentactivity-iframe.html' was loaded over HTTPS, but requested an insecure element 'http://gpgames.us/flags/ca.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Source: security
Level: warning
URL: https://www.gpgames.us/thesimsfreeplay/recentactivity-iframe.html
Message: Mixed Content: The page at 'https://www.gpgames.us/thesimsfreeplay/recentactivity-iframe.html' was loaded over HTTPS, but requested an insecure element 'http://gpgames.us/flags/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html