google-uls.com (172.67.203.41)
Malicious Activity!
Public Scan
Effective URL: https://google-uls.com/?id=s7
Submission: On July 10 via api from US — Scanned from DE
Summary
TLS certificate: Issued by WE1 on June 27th 2024. Valid for: 3 months. The leaf was therefore issued thirteen days before this scan, and this is the only time google-uls.com was scanned on urlscan.io.
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Google (Online)
Domain & IP information
Requests | IP address | ASN | AS name
---|---|---|---
2 | 172.67.203.41 | 13335 | CLOUDFLARENET
3 | 2a00:1450:4001:831::2008 | 15169 | GOOGLE
2 | 2a00:1450:4001:830::2001 | 15169 | GOOGLE
5 | 172.217.18.22 | 15169 | GOOGLE
1 | 52.95.179.58 | 16509 | AMAZON-02
1 | 104.26.13.205 | 13335 | CLOUDFLARENET
1 | 2a03:2880:f084:d:face:b00c:0:3 | 32934 | FACEBOOK
1 | 43.131.10.207 | 139341 | ACE-AS-AP ACE
10 | 23.213.161.216 | 20940 | AKAMAI-ASN1
1 | 34.96.80.159 | 396982 | GOOGLE-CLOUD-PLATFORM
1 | 43.132.32.113 | 132203 | TENCENT-NET-AP-CN Tencent Building
2 | 240e:cf:8800:53:3::3db | 134238 | CT-JIANGXI-IDC CHINANET Jiangx province IDC network
1 | 240e:97b:500:2000::4 | 4134 | CHINANET-BACKBONE No.31
1 | 2a00:1450:4001:830::2003 | 15169 | GOOGLE

Totals: 52 requests, 15 IPs. The 14 rows above account for the 32 requests that received a response; the 20 failed requests (see below) have no IP.

Hosts by ASN, with PTR records where urlscan resolved one:
- AS15169 (GOOGLE, US): www.googletagmanager.com; lh3.googleusercontent.com; play-lh.googleusercontent.com (PTR: fra15s28-in-f22.1e100.net)
- AS16509 (AMAZON-02, US): appdv76.s3.ap-southeast-3.amazonaws.com (PTR: s3-r-w.ap-southeast-3.amazonaws.com)
- AS32934 (FACEBOOK, US): connect.facebook.net
- AS20940 (AKAMAI-ASN1, NL): analytics.tiktok.com (PTR: a23-213-161-216.deploy.static.akamaitechnologies.com)
- AS396982 (GOOGLE-CLOUD-PLATFORM, US): cdn.adjust.com (PTR: 159.80.96.34.bc.googleusercontent.com)
- AS132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN): api.mythad.com
- AS134238 (CT-JIANGXI-IDC CHINANET Jiangx province IDC network, CN): s4.cnzz.com; c.cnzz.com
Requests | Apex domain | Subdomains (Cisco Umbrella rank) | Transfer
---|---|---|---
10 | tiktok.com | analytics.tiktok.com (943) | 246 KB
7 | googleusercontent.com | lh3.googleusercontent.com (128), play-lh.googleusercontent.com (328) | 4 KB
3 | cnzz.com | s4.cnzz.com (99264), z3.cnzz.com (141698), c.cnzz.com (54795) | 11 KB
3 | googletagmanager.com | www.googletagmanager.com (110) | 115 KB
2 | google-uls.com | google-uls.com | 54 KB
1 | gstatic.com | www.gstatic.com | 1 KB
1 | mythad.com | api.mythad.com (22817) | 734 B
1 | adjust.com | cdn.adjust.com (73170) | 28 KB
1 | kwai.net | s1.kwai.net (17371) | 27 KB
1 | facebook.net | connect.facebook.net (232) | 59 KB
1 | amazonaws.com | appdv76.s3.ap-southeast-3.amazonaws.com (405038) | 560 B
1 | ipify.org | api.ipify.org (2521), one request failed | 154 B
0 | vofzhq.com | www.vofzhq.com, all requests failed | 

Totals: 52 requests, 13 apex domains.
Requests | Domain | Requested by
---|---|---
10 | analytics.tiktok.com | google-uls.com, analytics.tiktok.com
5 | play-lh.googleusercontent.com | google-uls.com
3 | www.googletagmanager.com | google-uls.com
2 | lh3.googleusercontent.com | google-uls.com
2 | google-uls.com | google-uls.com
1 | www.gstatic.com | 
1 | c.cnzz.com | s4.cnzz.com
1 | z3.cnzz.com | s4.cnzz.com
1 | s4.cnzz.com | google-uls.com
1 | api.mythad.com | analytics.tiktok.com
1 | cdn.adjust.com | google-uls.com
1 | s1.kwai.net | google-uls.com
1 | connect.facebook.net | google-uls.com
1 | appdv76.s3.ap-southeast-3.amazonaws.com | google-uls.com
1 | api.ipify.org | google-uls.com
0 | www.vofzhq.com (all requests failed) | google-uls.com

Totals: 52 requests, 16 hostnames.
This site contains no links.
TLS certificates
Subject | Issuer | Validity | Valid for
---|---|---|---
google-uls.com | WE1 | 2024-06-27 to 2024-09-25 | 3 months
*.google-analytics.com | WR2 | 2024-06-24 to 2024-09-16 | 3 months
*.googleusercontent.com | WR2 | 2024-06-24 to 2024-09-16 | 3 months
edgestatic.com | WR2 | 2024-06-24 to 2024-09-16 | 3 months
*.s3.ap-southeast-3.amazonaws.com | Amazon RSA 2048 M01 | 2024-06-20 to 2025-06-02 | a year
ipify.org | GTS CA 1P5 | 2024-05-19 to 2024-08-17 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-04-18 to 2024-07-17 | 3 months
*.kwai.net | GlobalSign RSA OV SSL CA 2018 | 2023-10-26 to 2024-11-26 | a year
*.tiktok.com | RapidSSL ECC CA 2018 | 2023-07-14 to 2024-08-13 | a year
cdn.adjust.com | WR3 | 2024-06-30 to 2024-09-28 | 3 months
*.mythad.com | GlobalSign GCC R3 DV TLS CA 2020 | 2024-03-12 to 2025-04-13 | a year
*.cnzz.com | GlobalSign Organization Validation CA - SHA256 - G3 | 2024-02-17 to 2025-03-20 | a year
*.gstatic.com | WR2 | 2024-06-24 to 2024-09-16 | 3 months
This page contains 1 frame:
Primary Page: https://google-uls.com/?id=s7
Frame ID: 940814B95C512B0B84AC7F2C31C62BA2
Requests: 52 HTTP requests in this frame
Page Title: 7276 – Apps on Google Play
Detected technologies
- Facebook (Widgets). Detected pattern: //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
- Google Tag Manager (Tag Managers). Detected patterns: <!-- (?:End )?Google Tag Manager -->; googletagmanager\.com/gtm\.js; googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://google-uls.com/ Page URL
- https://google-uls.com/?id=s7 Page URL
Redirected requests
There were HTTP redirect chains for the following requests: (none listed)
52 HTTP transactions
Rows with size 0 / 0 and no type received no response; they are repeated under Failed requests below. Two document loads appear (rows 1 and 8); row 8 is marked as the primary request, matching the URL history (/ then /?id=s7).

# | Method | Protocol | Resource | Path | Size | x-fer | Type | MIME type
---|---|---|---|---|---|---|---|---
1 | GET | H3 | / | google-uls.com/ | 242 KB | 27 KB | Document | text/html
2 | GET | | style.css | www.vofzhq.com/resource/save1/assets/css/ | 0 | 0 | | 
3 | GET | | clipboard.min.js | www.vofzhq.com/resource/save1/assets/js/ | 0 | 0 | | 
4 | GET | | adjust-latest.min.js | www.vofzhq.com/resource/save1/assets/js/ | 0 | 0 | | 
5 | GET | H2 | js | www.googletagmanager.com/gtag/ | 128 KB | 49 KB | Script | application/javascript
6 | GET | H2 | ACg8ocIViwTDhpGxCyQsQwqTKli-MfAWlNQcq6b_czIEjrBAFA=s32-c-k-cc-mo | lh3.googleusercontent.com/a/ | 2 KB | 3 KB | Image | image/png
7 | GET | | / | api.ipify.org/ | 0 | 0 | | 
8 | GET | H3 | / (Primary Request) | google-uls.com/ | 242 KB | 27 KB | Document | text/html
9 | GET | | style.css | www.vofzhq.com/resource/save1/assets/css/ | 0 | 0 | | 
10 | GET | | clipboard.min.js | www.vofzhq.com/resource/save1/assets/js/ | 0 | 0 | | 
11 | GET | | adjust-latest.min.js | www.vofzhq.com/resource/save1/assets/js/ | 0 | 0 | | 
12 | GET | H2 | js | www.googletagmanager.com/gtag/ | 128 KB | 0 | Script | application/javascript
13 | GET | H2 | ACg8ocIViwTDhpGxCyQsQwqTKli-MfAWlNQcq6b_czIEjrBAFA=s32-c-k-cc-mo | lh3.googleusercontent.com/a/ | 2 KB | 0 | Image | image/png
14 | GET | H3 | _KiRouu_G6J_2jwePzQ_i5_FMc_SVKT3mI7d7KKq9zca-Nr8bj2bPasawLvk6ajzASQS-90a8hYXeAh0lQ=w96-h32-rw | play-lh.googleusercontent.com/ | 222 B | 247 B | Image | image/webp
15 | GET | | 1.jpg | www.vofzhq.com/resource/save1/assets/image/ | 0 | 0 | | 
16 | GET | | 2.jpg | www.vofzhq.com/resource/save1/assets/image/ | 0 | 0 | | 
17 | GET | | 3.jpg | www.vofzhq.com/resource/save1/assets/image/ | 0 | 0 | | 
18 | GET | | 44.jpg | www.vofzhq.com/resource/save1/assets/image/ | 0 | 0 | | 
19 | GET | | 5.jpg | www.vofzhq.com/resource/save1/assets/image/ | 0 | 0 | | 
20 | GET | H3 | iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw | play-lh.googleusercontent.com/ | 200 B | 225 B | Image | image/webp
21 | GET | H3 | 12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw | play-lh.googleusercontent.com/ | 244 B | 269 B | Image | image/webp
22 | GET | H3 | W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw | play-lh.googleusercontent.com/ | 200 B | 225 B | Image | image/webp
23 | GET | H3 | ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw | play-lh.googleusercontent.com/ | 164 B | 189 B | Image | image/webp
24 | GET | | indonesia.png | www.vofzhq.com/resource/save1/assets/image/ | 0 | 0 | | 
25 | GET | | email-decode.min.js | www.vofzhq.com/resource/save1/assets/js/ | 0 | 0 | | 
26 | GET | H/1.1 | 7276.js | appdv76.s3.ap-southeast-3.amazonaws.com/download-app/ | 153 B | 560 B | Script | application/javascript
27 | GET | H2 | / | api.ipify.org/ | 21 B | 154 B | Fetch | application/json
28 | GET | H2 | gtm.js | www.googletagmanager.com/ | 183 KB | 66 KB | Script | application/javascript
29 | GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 222 KB | 59 KB | Script | application/x-javascript
30 | GET | H/1.1 | events-nr.js | s1.kwai.net/kos/s101/nlav11187/pixel/custom/ | 85 KB | 27 KB | Script | application/javascript
31 | GET | H2 | events.js | analytics.tiktok.com/i18n/pixel/ | 4 KB | 2 KB | Script | application/javascript
32 | GET | H2 | adjust-latest.min.js | cdn.adjust.com/ | 90 KB | 28 KB | Script | text/javascript
33 | GET | H2 | events.js | analytics.tiktok.com/i18n/pixel/ | 5 KB | 3 KB | Script | application/javascript
34 | GET | H2 | events.js | analytics.tiktok.com/i18n/pixel/ | 5 KB | 3 KB | Script | application/javascript
35 | GET | H2 | main.MWU2NDEzYzJiMA.js | analytics.tiktok.com/i18n/pixel/static/ | 339 KB | 97 KB | Script | application/javascript
36 | GET | H2 | main.MWU2NDEzYzJiMQ.js | analytics.tiktok.com/i18n/pixel/static/ | 344 KB | 99 KB | Script | application/javascript
37 | GET | H2 | identify_ce1d8843.js | analytics.tiktok.com/i18n/pixel/static/ | 146 KB | 39 KB | Script | application/javascript
38 | POST | H2 | pixel | analytics.tiktok.com/api/v2/ | 0 | 845 B | Ping | text/plain
39 | POST | H2 | pixel | analytics.tiktok.com/api/v2/ | 0 | 703 B | Ping | text/plain
40 | POST | H2 | pixel | analytics.tiktok.com/api/v2/ | 0 | 841 B | Ping | text/plain
41 | POST | H2 | act | analytics.tiktok.com/api/v2/pixel/ | 0 | 843 B | Ping | text/plain
42 | GET | H/1.1 | getPixelConfig | api.mythad.com/rest/n/adintl/ad/ | 138 B | 734 B | XHR | application/json
43 | GET | H2 | z.js | s4.cnzz.com/ | 10 KB | 10 KB | Script | application/javascript
44 | GET | | s7.png | www.vofzhq.com/resource/save1/assets/image/ | 0 | 0 | | 
45 | GET | | s7-1.png | www.vofzhq.com/resource/save1/assets/image/ | 0 | 0 | | 
46 | GET | | s7-2.png | www.vofzhq.com/resource/save1/assets/image/ | 0 | 0 | | 
47 | GET | | s7-3.png | www.vofzhq.com/resource/save1/assets/image/ | 0 | 0 | | 
48 | GET | | s7-4.png | www.vofzhq.com/resource/save1/assets/image/ | 0 | 0 | | 
49 | GET | | s7-5.png | www.vofzhq.com/resource/save1/assets/image/ | 0 | 0 | | 
50 | POST | H2 | stat.htm | z3.cnzz.com/ | 2 B | 123 B | Ping | text/html
51 | GET | H2 | c.js | c.cnzz.com/ | 906 B | 862 B | Script | application/javascript
52 | GET | H2 | favicon_v3.ico | www.gstatic.com/android/market_images/web/ | 4 KB | 1 KB | Other | image/x-icon
Failed requests
These URLs were requested but no response was received; they also appear in the transaction list above. All 19 www.vofzhq.com requests sit under the same /resource/save1/assets/ prefix, and the first of the two api.ipify.org fetches failed while the second succeeded.
- https://www.vofzhq.com/resource/save1/assets/css/style.css
- https://www.vofzhq.com/resource/save1/assets/js/clipboard.min.js
- https://www.vofzhq.com/resource/save1/assets/js/adjust-latest.min.js
- https://api.ipify.org/?format=json
- https://www.vofzhq.com/resource/save1/assets/css/style.css
- https://www.vofzhq.com/resource/save1/assets/js/clipboard.min.js
- https://www.vofzhq.com/resource/save1/assets/js/adjust-latest.min.js
- https://www.vofzhq.com/resource/save1/assets/image/1.jpg
- https://www.vofzhq.com/resource/save1/assets/image/2.jpg
- https://www.vofzhq.com/resource/save1/assets/image/3.jpg
- https://www.vofzhq.com/resource/save1/assets/image/44.jpg
- https://www.vofzhq.com/resource/save1/assets/image/5.jpg
- https://www.vofzhq.com/resource/save1/assets/image/indonesia.png
- https://www.vofzhq.com/resource/save1/assets/js/email-decode.min.js
- https://www.vofzhq.com/resource/save1/assets/image/s7.png
- https://www.vofzhq.com/resource/save1/assets/image/s7-1.png
- https://www.vofzhq.com/resource/save1/assets/image/s7-2.png
- https://www.vofzhq.com/resource/save1/assets/image/s7-3.png
- https://www.vofzhq.com/resource/save1/assets/image/s7-4.png
- https://www.vofzhq.com/resource/save1/assets/image/s7-5.png
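The transaction list and the failed requests together describe what the page does: Google Play app icons and the Play favicon are hotlinked from Google's own CDNs into a non-Google origin, the visitor's public IP is fetched from api.ipify.org, the page-specific 7276.js comes from an S3 bucket, six ad/analytics networks are loaded, and every asset under www.vofzhq.com/resource/save1/assets/ fails. The Python below is an added example, not urlscan's detection code: it encodes those signals against a transcribed subset of the transactions. The host categories (BRAND_ASSET_HOSTS, TRACKER_APEXES, IP_LOOKUP_HOSTS, OBJECT_STORAGE_MARKERS) and the "suspicious" rule are analyst assumptions.

```python
"""Request-graph triage for a suspected brand-impersonation page.

Added example, not urlscan's own detection logic. TRANSACTIONS is a subset
of the 52 transactions transcribed from the report above (URL, initiating
host, whether a response arrived). The host categories further down are the
analyst's own assumptions, not anything the report states.
"""
from collections import defaultdict
from dataclasses import dataclass
from os.path import commonprefix
from urllib.parse import urlsplit


@dataclass(frozen=True)
class Tx:
    url: str
    initiator: str   # host whose code triggered the request
    ok: bool         # False where urlscan recorded no response


DOCUMENT_HOST = "google-uls.com"

TRANSACTIONS = [
    Tx("https://google-uls.com/?id=s7", "google-uls.com", True),
    Tx("https://www.vofzhq.com/resource/save1/assets/css/style.css", "google-uls.com", False),
    Tx("https://www.vofzhq.com/resource/save1/assets/js/clipboard.min.js", "google-uls.com", False),
    Tx("https://www.vofzhq.com/resource/save1/assets/image/indonesia.png", "google-uls.com", False),
    Tx("https://www.vofzhq.com/resource/save1/assets/image/s7.png", "google-uls.com", False),
    Tx("https://www.googletagmanager.com/gtag/js", "google-uls.com", True),
    Tx("https://play-lh.googleusercontent.com/iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw",
       "google-uls.com", True),
    Tx("https://www.gstatic.com/android/market_images/web/favicon_v3.ico", "google-uls.com", True),
    Tx("https://appdv76.s3.ap-southeast-3.amazonaws.com/download-app/7276.js", "google-uls.com", True),
    Tx("https://api.ipify.org/?format=json", "google-uls.com", True),
    Tx("https://connect.facebook.net/en_US/fbevents.js", "google-uls.com", True),
    Tx("https://s1.kwai.net/kos/s101/nlav11187/pixel/custom/events-nr.js", "google-uls.com", True),
    Tx("https://analytics.tiktok.com/i18n/pixel/events.js", "google-uls.com", True),
    Tx("https://analytics.tiktok.com/api/v2/pixel", "analytics.tiktok.com", True),
    Tx("https://api.mythad.com/rest/n/adintl/ad/getPixelConfig", "analytics.tiktok.com", True),
    Tx("https://cdn.adjust.com/adjust-latest.min.js", "google-uls.com", True),
    Tx("https://s4.cnzz.com/z.js", "google-uls.com", True),
    Tx("https://z3.cnzz.com/stat.htm", "s4.cnzz.com", True),
]

# Analyst assumptions: brand asset CDNs, brand-owned apexes, ad/analytics
# apexes, IP-reveal services and object-storage hostname markers.
BRAND_ASSET_HOSTS = {"play-lh.googleusercontent.com": "Google Play",
                     "www.gstatic.com": "Google"}
BRAND_OWNED_APEXES = {"google.com", "googleusercontent.com", "gstatic.com",
                      "googletagmanager.com"}
TRACKER_APEXES = {"tiktok.com", "facebook.net", "kwai.net", "adjust.com",
                  "cnzz.com", "mythad.com"}
IP_LOOKUP_HOSTS = {"api.ipify.org"}
OBJECT_STORAGE_MARKERS = (".s3.", ".amazonaws.com")


def apex(host: str) -> str:
    """Last two labels; sufficient for the hosts on this page."""
    return ".".join(host.split(".")[-2:])


def analyze(txs=TRANSACTIONS, document_host=DOCUMENT_HOST) -> dict:
    findings = defaultdict(list)
    failed_paths = defaultdict(list)
    for t in txs:
        parts = urlsplit(t.url)
        host, path = parts.hostname, parts.path
        if not t.ok:
            failed_paths[host].append(path)
            continue
        # 1. The impersonated brand's own CDN assets pulled into a page the
        #    brand does not own (Play Store icons and favicon here).
        if host in BRAND_ASSET_HOSTS and apex(document_host) not in BRAND_OWNED_APEXES:
            findings["brand_asset_hotlink"].append(f"{BRAND_ASSET_HOSTS[host]}: {host}{path}")
        # 2. Visitor public-IP discovery (kits use it to log or filter visitors).
        if host in IP_LOOKUP_HOSTS:
            findings["visitor_ip_lookup"].append(t.url)
        # 3. Page logic served from a cloud object-storage bucket.
        if all(m in host for m in OBJECT_STORAGE_MARKERS) and path.endswith(".js"):
            findings["object_storage_script"].append(t.url)
        # 4. Ad and analytics pixels loaded by the page.
        if apex(host) in TRACKER_APEXES:
            findings["tracker"].append(host)
    # 5. A kit asset host that no longer answers: several failures under one prefix.
    for host, paths in failed_paths.items():
        if len(paths) >= 3:
            findings["dead_asset_host"].append(f"{host}{commonprefix(paths)} ({len(paths)} failed)")
    findings["tracker"] = sorted(set(findings["tracker"]))
    return dict(findings)


def verdict(findings: dict) -> str:
    """Hotlinked brand assets alone could be a legitimate embed; combined
    with any second signal they read as impersonation."""
    others = [k for k, v in findings.items() if v and k != "brand_asset_hotlink"]
    return "suspicious" if findings.get("brand_asset_hotlink") and others else "no finding"


if __name__ == "__main__":
    result = analyze()
    for key, items in result.items():
        print(key, items)
    print("verdict:", verdict(result))
```

The hotlink rule keys on the document origin, so the same Play icons requested by a page on play.google.com produce no finding; the dead-asset rule only fires when three or more failures share one host, which keeps a single broken image from looking like a stripped kit.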
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against Google (Online)
49 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code. Most of the names below belong to the Google Tag Manager, Facebook, TikTok, Kwai, Adjust and CNZZ SDKs; the remaining ones (urlParams, downloadLink, getAuthToken, getCookie, buildURL, getFbPid, gtag_report_conversion, goDownload, similarGamesClick) are page-specific.
- urlParams (object), gtag (function), dataLayer (object), fbq (function), _fbq (function)
- KwaiAnalyticsObject (string), kwaiq (object), install (object), params (object)
- TiktokAnalyticsObject (string), ttq (object), Adjust (object), Adjust_q (object)
- google_tag_manager (object), google_tag_data (object)
- JSBridge (object), Native2JSBridge (object), ToutiaoJSBridge (object), TiktokJelly (function), _jelly_sdks (object)
- 16 functions named yoda_kuaishou_plugin_callback_Kwai_isSupport_<uuid>, with suffixes b32f569a_d291_4e29_ad03_2b02e1cc916c, 965673a3_3f7d_4328_8ea1_742ff7a2fb85, 31acaa02_e07a_471f_a9aa_67df061d861c, ce8d1a24_8ea7_4466_83eb_22a64f63df66, 180fdffe_21f3_4228_ac7b_ddbf4dbca2d9, d19f67d9_e62f_4e89_a0c5_c32a400bf255, dfb14c48_a7b3_4c4b_8380_0df271111400, 0d3c2944_311f_4b8f_ad86_033efc09c4ba, 50da6c19_dd2d_43d0_8e70_dc333b0c4aa6, 061ec6cd_6f49_44a1_8b0f_c82e62f9ffda, 91c6af2f_bcd3_47d2_a57f_f78b653a8ddb, b64998a5_7c9f_4e04_83a4_614db850d8d3, f3a1ae73_0799_4f6f_9fd4_7973971086c2, 933c902c_f5eb_4108_bfc4_bf7dee625562, a28fc6d5_ddc5_4ad0_b5cd_afa812141a20, 39a05d3b_7e8b_475d_a502_3e0d03e602a2
- events (object)
- downloadLink (object), getAuthToken (function), getCookie (function), buildURL (function), getFbPid (function), gtag_report_conversion (function), goDownload (function), similarGamesClick (function)
- _czc (object), _cz_loaded (object), _cz_account (string), _CNZZDbridge_12813374206 (object)
Cookies
Cookies are small pieces of information stored in the user's browser. When the user visits the site again, the browser sends the cookie values back, which lets the site re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Name | Value
---|---|---
.tiktok.com/ | _ttp | 2j3CLIRmLephLy4CJdytrc0wwZw
.google-uls.com/ | _tt_enable_cookie | 1
.google-uls.com/ | _ttp | EbDG3bH5uIME_XChAm2PiY8MYw3
.mythad.com/ | kwai_ckid | 1720606317247_8470169502352165
.google-uls.com/ | UM_distinctid | 1909c20dc633ee-0b298e076ed99b-11462c6f-1d4c00-1909c20dc64c57
google-uls.com/ | CNZZDATA1281337420 | 1810158918-1720606318-https%253A%252F%252Fgoogle-uls.com%252F%7C1720606318
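Three of these cookies embed timestamps that date the capture independently of the scan metadata. The Python below is an added example, not part of the urlscan report: it decodes them from the values recorded above. The field layouts are inferred from the values rather than taken from vendor documentation: the CNZZDATA referrer is percent-encoded twice with the separating "|" encoded as %7C, kwai_ckid leads with a millisecond epoch, and the first eleven hex digits of each outer UM_distinctid segment decode to a millisecond epoch falling in the same second as the other two cookies.

```python
"""Decode the timestamps buried in the tracking cookies urlscan captured.

Added example, not part of the urlscan report. The cookie values below are
copied from the report; the field layout of each cookie is an inference from
the values themselves (documented inline), not a vendor specification.
"""
from datetime import datetime, timezone
from urllib.parse import unquote

# Cookie values as recorded in the report (domain, name, value).
CAPTURED_COOKIES = [
    (".mythad.com", "kwai_ckid", "1720606317247_8470169502352165"),
    (".google-uls.com", "UM_distinctid",
     "1909c20dc633ee-0b298e076ed99b-11462c6f-1d4c00-1909c20dc64c57"),
    ("google-uls.com", "CNZZDATA1281337420",
     "1810158918-1720606318-https%253A%252F%252Fgoogle-uls.com%252F%7C1720606318"),
]


def to_iso(epoch_seconds: float) -> str:
    """Render a Unix timestamp as ISO-8601 UTC with second precision."""
    return datetime.fromtimestamp(int(epoch_seconds), tz=timezone.utc).isoformat()


def parse_cnzz(value: str) -> dict:
    """CNZZDATA<siteid> value, inferred layout: '<id>-<ts>-<referrer>|<ts>'.

    The referrer is percent-encoded twice (%253A -> %3A -> ':'), and the '|'
    before the trailing timestamp is encoded as %7C on the first layer, so the
    value must be decoded before it can be split on '|'. Hyphens inside the
    referrer (google-uls.com) mean the '-' split must stop after two fields.
    """
    visitor_id, first_ts, rest = value.split("-", 2)
    decoded = unquote(unquote(rest))          # two layers of percent-encoding
    referrer, last_ts = decoded.rsplit("|", 1)
    return {
        "visitor_id": visitor_id,
        "first_seen": int(first_ts),
        "referrer": referrer,
        "last_seen": int(last_ts),
    }


def parse_kwai_ckid(value: str) -> dict:
    """kwai_ckid value, inferred layout: '<ms epoch>_<random id>'."""
    ms, _, rand = value.partition("_")
    return {"created": int(ms) / 1000, "id": rand}


def parse_um_distinctid(value: str) -> dict:
    """UM_distinctid, inferred layout: the first 11 hex digits of the first
    and last '-'-separated segments are millisecond epochs (0x1909c20dc63 is
    1720606317667, the same second as kwai_ckid). The rest is treated as
    opaque entropy."""
    first, *_, last = value.split("-")
    return {
        "created": int(first[:11], 16) / 1000,
        "updated": int(last[:11], 16) / 1000,
    }


def cookie_timeline(cookies=CAPTURED_COOKIES) -> list[tuple[str, str, str]]:
    """Return (cookie name, field, ISO time) sorted by time, so the capture
    moment can be cross-checked against the scan's submission date."""
    events = []
    for _domain, name, value in cookies:
        if name.startswith("CNZZDATA"):
            p = parse_cnzz(value)
            events.append((name, "first_seen", p["first_seen"]))
            events.append((name, "last_seen", p["last_seen"]))
        elif name == "kwai_ckid":
            events.append((name, "created", parse_kwai_ckid(value)["created"]))
        elif name == "UM_distinctid":
            p = parse_um_distinctid(value)
            events.append((name, "created", p["created"]))
            events.append((name, "updated", p["updated"]))
    events.sort(key=lambda e: e[2])
    return [(n, f, to_iso(t)) for n, f, t in events]


if __name__ == "__main__":
    for name, field, when in cookie_timeline():
        print(f"{when}  {name}.{field}")
    print("referrer:", parse_cnzz(CAPTURED_COOKIES[2][2])["referrer"])
```

All five decoded times fall within 2024-07-10 10:11:57 to 10:11:58 UTC, which agrees with the "July 10" submission; the CNZZ referrer also confirms the landing URL was https://google-uls.com/ before the client-side move to /?id=s7.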
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.tiktok.com
api.ipify.org
api.mythad.com
appdv76.s3.ap-southeast-3.amazonaws.com
c.cnzz.com
cdn.adjust.com
connect.facebook.net
google-uls.com
lh3.googleusercontent.com
play-lh.googleusercontent.com
s1.kwai.net
s4.cnzz.com
www.googletagmanager.com
www.gstatic.com
www.vofzhq.com
z3.cnzz.com
104.26.13.205
172.217.18.22
172.67.203.41
23.213.161.216
240e:97b:500:2000::4
240e:cf:8800:53:3::3db
2a00:1450:4001:830::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::2008
2a03:2880:f084:d:face:b00c:0:3
34.96.80.159
43.131.10.207
43.132.32.113
52.95.179.58
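A hostname-level triage of the indicator list above, added here as an illustration and not part of urlscan's verdict logic. The BRANDS allowlist and the short multi-label suffix list are the analyst's assumptions (extend them, or swap in tldextract, for real data). The point it demonstrates is that google-uls.com carries the brand token in a registrable domain Google does not own, whereas googletagmanager.com, googleusercontent.com and gstatic.com are allowlisted, so only the phishing host lands in the lookalike bucket. The check goes one step beyond this page: a brand token buried in a subdomain label (login.google.com.verify-account.co.uk, a constructed example) is reported as its own category.

```python
"""Brand-lookalike triage over the host indicators in this report.

Added example; not urlscan's verdict logic. BRANDS is an analyst-maintained
allowlist of apex domains each brand really operates (an assumption; extend
it for your environment). Any other registrable domain whose label carries
the brand token is flagged as a lookalike, which is what separates
google-uls.com from the genuine Google hosts the same page loads.
"""

# Minimal public-suffix handling, enough for the hosts on this page.
# Assumption: use tldextract or publicsuffix2 for real data.
MULTI_LABEL_SUFFIXES = {"co.uk", "com.au", "com.br", "co.jp", "com.cn"}

BRANDS = {
    "google": {"google.com", "googletagmanager.com", "googleusercontent.com",
               "gstatic.com", "google-analytics.com", "googleapis.com"},
    "facebook": {"facebook.com", "facebook.net", "fbcdn.net"},
    "tiktok": {"tiktok.com", "tiktokcdn.com"},
}

# Host indicators copied from the report.
HOSTS = [
    "analytics.tiktok.com", "api.ipify.org", "api.mythad.com",
    "appdv76.s3.ap-southeast-3.amazonaws.com", "c.cnzz.com", "cdn.adjust.com",
    "connect.facebook.net", "google-uls.com", "lh3.googleusercontent.com",
    "play-lh.googleusercontent.com", "s1.kwai.net", "s4.cnzz.com",
    "www.googletagmanager.com", "www.gstatic.com", "www.vofzhq.com",
    "z3.cnzz.com",
]


def registrable_domain(host: str) -> str:
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def brand_tokens(label: str) -> list[str]:
    """Brand names found inside one DNS label ('google' in 'google-uls')."""
    return sorted(b for b in BRANDS if b in label)


def classify(host: str) -> tuple[str, str]:
    """Return (verdict, reason):
    brand      - apex is on the brand's allowlist
    lookalike  - brand token in the apex, apex not allowlisted
    subdomain  - unrelated apex, brand token in a subdomain label
    other      - no brand token anywhere
    """
    apex = registrable_domain(host)
    for brand, allowed in BRANDS.items():
        if apex in allowed:
            return "brand", f"{apex} is an allowlisted {brand} apex"
    hits = brand_tokens(apex.split(".")[0])
    if hits:
        return "lookalike", f"'{hits[0]}' inside apex {apex}, which {hits[0]} does not own"
    n_apex = len(apex.split("."))
    for label in host.lower().split(".")[:-n_apex]:
        hits = brand_tokens(label)
        if hits:
            return "subdomain", f"'{hits[0]}' in subdomain label '{label}' of {apex}"
    return "other", ""


def triage(hosts=HOSTS) -> dict[str, list[str]]:
    """Bucket hosts by verdict; the lookalike bucket is the phishing lead."""
    buckets = {"brand": [], "lookalike": [], "subdomain": [], "other": []}
    for h in hosts:
        buckets[classify(h)[0]].append(h)
    return buckets


if __name__ == "__main__":
    for verdict, hosts in triage().items():
        for h in hosts:
            print(f"{verdict:10} {h:45} {classify(h)[1]}")
```

Substring matching on the apex label is deliberately loose (it also catches googletagmanager-style concatenations when they are not allowlisted), so keep the allowlist current; the cost of a stale allowlist is a false positive on the brand's own new CDN, not a missed phish.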