playinfo.gomlab.com Open in urlscan Pro
13.224.194.98 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://playinfo.gomlab.com/ad_txt.html?lang=ENG&gom_version=2.3.40.5302&build=update&gomplayerarch=player32bit&product_id=G...
Submission Tags: falconsandbox
Submission: On December 17 via api (December 17th 2020, 12:27:36 pm UTC) from US

Summary HTTP 4 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 13.224.194.98, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is playinfo.gomlab.com.

This is the only time playinfo.gomlab.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1	13.224.194.98 13.224.194.98		16509 (AMAZON-02) (AMAZON-02)
2	13.224.194.113 13.224.194.113		16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::200e		15169 (GOOGLE) (GOOGLE)
4	3

1 13.224.194.98 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-98.fra2.r.cloudfront.net

playinfo.gomlab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.194.113 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-113.fra2.r.cloudfront.net

img.gomlab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	gomlab.com playinfo.gomlab.com img.gomlab.com	105 KB
1	google-analytics.com www.google-analytics.com	18 KB
4	2

	Domain	Requested by
2	img.gomlab.com	playinfo.gomlab.com
1	www.google-analytics.com	playinfo.gomlab.com
1	playinfo.gomlab.com
4	3

This site contains no links.

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://playinfo.gomlab.com/ad_txt.html?lang=ENG&gom_version=2.3.40.5302&build=update&gomplayerarch=player32bit&product_id=GOMPLA
Frame ID: 22916AF81752C625E9C4FAD74813348A
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /\(CloudFront\)$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /\(CloudFront\)$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

4
Requests

25 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

123 kB
Transfer

149 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set ad_txt.html Show response
playinfo.gomlab.com/ 2 KB
3 KB 165ms
119ms Document
text/html 13.224.194.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://playinfo.gomlab.com/ad_txt.html?lang=ENG&gom_version=2.3.40.5302&build=update&gomplayerarch=player32bit&product_id=GOMPLA
Protocol: HTTP/1.1
Server: 13.224.194.98 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-98.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 48ed2be3b00757553e620b5512dca82ee09ee589ce437cbabe7902103a31c326

Request headers

Host: playinfo.gomlab.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Content-Length: 2117
Connection: keep-alive
Cache-control: no-cache="set-cookie"
Date: Thu, 17 Dec 2020 12:27:20 GMT
Server: Apache
Set-Cookie: ipCountry=DE; path=/ AWSELB=21D7DF3316F0F69EF6B39095BC157EE93B7A95EC59BA067903BF5CE1FB014F0443F5616E9FB32173CE29B16E7074681D6F7102C2C4ABB0974F7C518F720D491D869294FEC9;PATH=/;MAX-AGE=300
X-Cache: Miss from cloudfront
Via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: w61EwyUXBGRwU8TE7HizZIf5twnzymxbPfYYl6ZknD3Ni1_JTJGCzw==

GET
H/1.1 200
OK common_reset.css
img.gomlab.com/css/gomproduct/player/ 10 KB
10 KB 276ms
27ms Stylesheet
text/css 13.224.194.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://img.gomlab.com/css/gomproduct/player/common_reset.css
Requested by: Host: playinfo.gomlab.com
URL: http://playinfo.gomlab.com/ad_txt.html?lang=ENG&gom_version=2.3.40.5302&build=update&gomplayerarch=player32bit&product_id=GOMPLA
Protocol: HTTP/1.1
Server: 13.224.194.113 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fedda95c25defa21098c91b32b8b13c5089613a1fe0b80a79bd858bcdbee326d

Request headers

Referer: http://playinfo.gomlab.com/ad_txt.html?lang=ENG&gom_version=2.3.40.5302&build=update&gomplayerarch=player32bit&product_id=GOMPLA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Dec 2020 12:25:02 GMT
Via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
Age: 218
X-Cache: Hit from cloudfront
x-amz-meta-mode: 33204
Connection: keep-alive
Content-Length: 10093
Last-Modified: Thu, 09 Apr 2020 06:01:12 GMT
Server: AmazonS3
ETag: "4f7d76ae1d7d23f05a4475b015d41bea"
x-amz-meta-uid: 500
x-amz-meta-gid: 500
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Type: text/css
X-Amz-Cf-Id: AP4Vi9mjZfvl7LzsdINIXwnOjUnq95UXOw49oKUdOvsDSI065Mh59A==
x-amz-meta-mtime: 1586412071

GET
H/1.1 200
OK jquery-1.8.x.js Show response
img.gomlab.com/js/web/ 91 KB
92 KB 272ms
23ms Script
application/x-javascript 13.224.194.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://img.gomlab.com/js/web/jquery-1.8.x.js?20151001
Requested by: Host: playinfo.gomlab.com
URL: http://playinfo.gomlab.com/ad_txt.html?lang=ENG&gom_version=2.3.40.5302&build=update&gomplayerarch=player32bit&product_id=GOMPLA
Protocol: HTTP/1.1
Server: 13.224.194.113 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Request headers

Referer: http://playinfo.gomlab.com/ad_txt.html?lang=ENG&gom_version=2.3.40.5302&build=update&gomplayerarch=player32bit&product_id=GOMPLA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Dec 2020 20:43:04 GMT
Via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
Age: 63141
X-Cache: Hit from cloudfront
x-amz-meta-mode: 33261
Connection: keep-alive
Content-Length: 93637
Last-Modified: Mon, 18 Jan 2016 02:04:22 GMT
Server: AmazonS3
ETag: "e1288116312e4728f98923c79b034b67"
x-amz-meta-uid: 500
x-amz-meta-gid: 0
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Type: application/x-javascript
X-Amz-Cf-Id: WWfQaU-8xmvjaEXiMeau2BY2hnU5CJw6xGUJFDGeSl6tgTXukstUYA==

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

46 KB
18 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: playinfo.gomlab.com
URL: http://playinfo.gomlab.com/ad_txt.html?lang=ENG&gom_version=2.3.40.5302&build=update&gomplayerarch=player32bit&product_id=GOMPLA

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://playinfo.gomlab.com/ad_txt.html?lang=ENG&gom_version=2.3.40.5302&build=update&gomplayerarch=player32bit&product_id=GOMPLA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 1348
date: Thu, 17 Dec 2020 12:04:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 17 Dec 2020 14:04:53 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery string| GoogleAnalyticsObject function| ga number| curr_num object| text_json boolean| text_flag function| BannerAutoNext object| google_tag_data object| gaplugins object| gaGlobal object| gaData

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.gomlab.com/	1970-01-19 14:44:54	Name: _gid Value: GA1.2.1284593863.1608208041
			.gomlab.com/	1970-01-20 08:14:40	Name: _ga Value: GA1.2.1403561179.1608208041
			playinfo.gomlab.com/	1970-01-19 14:43:28	Name: AWSELB Value: 21D7DF3316F0F69EF6B39095BC157EE93B7A95EC59BA067903BF5CE1FB014F0443F5616E9FB32173CE29B16E7074681D6F7102C2C4ABB0974F7C518F720D491D869294FEC9
			playinfo.gomlab.com/	1969-12-31 23:59:59	Name: ipCountry Value: DE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

img.gomlab.com
playinfo.gomlab.com
www.google-analytics.com
13.224.194.113
13.224.194.98
2a00:1450:4001:809::200e
48ed2be3b00757553e620b5512dca82ee09ee589ce437cbabe7902103a31c326
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
fedda95c25defa21098c91b32b8b13c5089613a1fe0b80a79bd858bcdbee326d